7) r2 = openat(0xffffffffffffffff, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r2, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) getsockopt$SO_J1939_ERRQUEUE(r1, 0x6b, 0x3, 0x0, &(0x7f00000001c0)) 09:52:17 executing program 3: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) r2 = openat(0xffffffffffffffff, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r2, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) getsockopt$SO_J1939_ERRQUEUE(r1, 0x6b, 0x3, 0x0, &(0x7f00000001c0)) 09:52:17 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) r2 = openat(0xffffffffffffffff, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r2, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) getsockopt$SO_J1939_ERRQUEUE(r1, 0x6b, 0x3, 0x0, &(0x7f00000001c0)) 09:52:17 executing program 2: r0 = timerfd_create(0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x387b1d0848878264, 0x8031, 0xffffffffffffffff, 0x0) fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000000), 0x0, 0x0, 0x0) 09:52:17 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) r2 = openat(0xffffffffffffffff, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r2, 0x0) preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0) getsockopt$SO_J1939_ERRQUEUE(r1, 0x6b, 0x3, 0x0, &(0x7f00000001c0)) 09:52:17 executing program 3: openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) unshare(0x4000400) pselect6(0x40, &(0x7f0000001540), &(0x7f0000001580)={0x9}, 0x0, 0x0, 0x0) 09:52:17 executing program 0: r0 = timerfd_create(0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x387b1d0848878264, 0x8031, 0xffffffffffffffff, 0x0) fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000000), 0x0, 0x0, 0x0) 09:52:17 executing program 1: migrate_pages(0x0, 0x9, &(0x7f0000000000)=0x2, &(0x7f0000000040)=0x100000001) 09:52:17 executing program 3: openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) unshare(0x4000400) pselect6(0x40, &(0x7f0000001540), &(0x7f0000001580)={0x9}, 0x0, 0x0, 0x0) 09:52:17 executing program 3: openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) unshare(0x4000400) pselect6(0x40, &(0x7f0000001540), &(0x7f0000001580)={0x9}, 0x0, 0x0, 0x0) 09:52:17 executing program 1: migrate_pages(0x0, 0x9, &(0x7f0000000000)=0x2, &(0x7f0000000040)=0x100000001) 09:52:18 executing program 1: migrate_pages(0x0, 0x9, &(0x7f0000000000)=0x2, &(0x7f0000000040)=0x100000001) 09:52:18 executing program 3: openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) unshare(0x4000400) pselect6(0x40, &(0x7f0000001540), &(0x7f0000001580)={0x9}, 0x0, 0x0, 0x0) 09:52:18 executing program 2: r0 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r2 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r2, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r1}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x4, 0x0, 0x0, {}, {}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x38}}, 0x0) 09:52:18 executing program 3: io_setup(0x7f, &(0x7f0000000000)=0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000400)='clear_refs\x00') r3 = eventfd2(0x0, 0x0) io_submit(r0, 0x2, &(0x7f0000000380)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x5, r3}]) 09:52:18 executing program 1: migrate_pages(0x0, 0x9, &(0x7f0000000000)=0x2, &(0x7f0000000040)=0x100000001) 09:52:18 executing program 2: r0 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r2 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r2, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r1}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x4, 0x0, 0x0, {}, {}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x38}}, 0x0) 09:52:18 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r2 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r2, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r1}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x4, 0x0, 0x0, {}, {}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x38}}, 0x0) 09:52:18 executing program 2: r0 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r2 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r2, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r1}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x4, 0x0, 0x0, {}, {}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x38}}, 0x0) 09:52:18 executing program 1: r0 = socket(0x10, 0x8000000803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x130, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x100, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xf0, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x4}, @IFLA_VLAN_INGRESS_QOS={0x7c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0x6}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x64, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}]}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x130}}, 0x0) 09:52:18 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r2 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r2, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r1}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x4, 0x0, 0x0, {}, {}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x38}}, 0x0) 09:52:18 executing program 0: r0 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r2 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r2, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r1}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x4, 0x0, 0x0, {}, {}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x38}}, 0x0) 09:52:18 executing program 3: io_setup(0x7f, &(0x7f0000000000)=0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000400)='clear_refs\x00') r3 = eventfd2(0x0, 0x0) io_submit(r0, 0x2, &(0x7f0000000380)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x5, r3}]) 09:52:18 executing program 2: r0 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r2 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r2, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r1}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x4, 0x0, 0x0, {}, {}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x38}}, 0x0) 09:52:18 executing program 1: r0 = socket(0x10, 0x8000000803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x130, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x100, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xf0, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x4}, @IFLA_VLAN_INGRESS_QOS={0x7c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0x6}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x64, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}]}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x130}}, 0x0) 09:52:18 executing program 1: r0 = socket(0x10, 0x8000000803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x130, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x100, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xf0, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x4}, @IFLA_VLAN_INGRESS_QOS={0x7c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0x6}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x64, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}]}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x130}}, 0x0) 09:52:18 executing program 0: prctl$PR_GET_TIMERSLACK(0x1e) r0 = socket$inet(0x2, 0x2, 0x0) r1 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x2, 0x122) ioctl$FITRIM(r1, 0xc0185879, &(0x7f00000000c0)={0x0, 0xffffffea}) shutdown(r0, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000000)=0x7, 0x4) recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 09:52:18 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r0, 0x4b52, &(0x7f00000000c0)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r1, 0x4b52, &(0x7f00000000c0)) 09:52:18 executing program 1: r0 = socket(0x10, 0x8000000803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x130, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x100, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xf0, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x4}, @IFLA_VLAN_INGRESS_QOS={0x7c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0x6}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_EGRESS_QOS={0x64, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}]}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x130}}, 0x0) 09:52:18 executing program 3: io_setup(0x7f, &(0x7f0000000000)=0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000400)='clear_refs\x00') r3 = eventfd2(0x0, 0x0) io_submit(r0, 0x2, &(0x7f0000000380)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x5, r3}]) 09:52:18 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r0, 0x4b52, &(0x7f00000000c0)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r1, 0x4b52, &(0x7f00000000c0)) 09:52:18 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r0, 0x4b52, &(0x7f00000000c0)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r1, 0x4b52, &(0x7f00000000c0)) 09:52:18 executing program 0: prctl$PR_GET_TIMERSLACK(0x1e) r0 = socket$inet(0x2, 0x2, 0x0) r1 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x2, 0x122) ioctl$FITRIM(r1, 0xc0185879, &(0x7f00000000c0)={0x0, 0xffffffea}) shutdown(r0, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000000)=0x7, 0x4) recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 09:52:19 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r0, 0x4b52, &(0x7f00000000c0)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r1, 0x4b52, &(0x7f00000000c0)) 09:52:19 executing program 3: io_setup(0x7f, &(0x7f0000000000)=0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000400)='clear_refs\x00') r3 = eventfd2(0x0, 0x0) io_submit(r0, 0x2, &(0x7f0000000380)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x5, r3}]) 09:52:19 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r0, 0x4b52, &(0x7f00000000c0)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r1, 0x4b52, &(0x7f00000000c0)) 09:52:19 executing program 0: prctl$PR_GET_TIMERSLACK(0x1e) r0 = socket$inet(0x2, 0x2, 0x0) r1 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x2, 0x122) ioctl$FITRIM(r1, 0xc0185879, &(0x7f00000000c0)={0x0, 0xffffffea}) shutdown(r0, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000000)=0x7, 0x4) recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 09:52:19 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r0, 0x4b52, &(0x7f00000000c0)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r1, 0x4b52, &(0x7f00000000c0)) 09:52:19 executing program 0: prctl$PR_GET_TIMERSLACK(0x1e) r0 = socket$inet(0x2, 0x2, 0x0) r1 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x2, 0x122) ioctl$FITRIM(r1, 0xc0185879, &(0x7f00000000c0)={0x0, 0xffffffea}) shutdown(r0, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000000)=0x7, 0x4) recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 09:52:19 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r0, 0x4b52, &(0x7f00000000c0)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$GIO_CMAP(r1, 0x4b52, &(0x7f00000000c0)) 09:52:19 executing program 3: prctl$PR_GET_TIMERSLACK(0x1e) r0 = socket$inet(0x2, 0x2, 0x0) r1 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x2, 0x122) ioctl$FITRIM(r1, 0xc0185879, &(0x7f00000000c0)={0x0, 0xffffffea}) shutdown(r0, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000000)=0x7, 0x4) recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 09:52:19 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000480), 0x0, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f00000000c0)) 09:52:19 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x2a, &(0x7f0000000080)=@nat={'nat\x00', 0x1b, 0x5, 0x328, 0x2d8, 0x1f0, 0xffffffff, 0x0, 0x100, 0x3a0, 0x3a0, 0xffffffff, 0x3a0, 0x3a0, 0x5, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @broadcast, @local, @gre_key}}}}, {{@ip={@local, @rand_addr, 0x0, 0x0, 'geneve0\x00', 'ipvlan0\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28}}, {{@ip={@multicast1, @empty, 0x0, 0x0, 'bond0\x00', 'bond_slave_1\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @broadcast, @icmp_id, @gre_key}}}}, {{@ip={@empty, @dev, 0x0, 0x0, 'hsr0\x00', 'gretap0\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @remote, @multicast2, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388) 09:52:19 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000500)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000040)=@default_ap_ssid, 0x6, 0x0) 09:52:19 executing program 3: prctl$PR_GET_TIMERSLACK(0x1e) r0 = socket$inet(0x2, 0x2, 0x0) r1 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x2, 0x122) ioctl$FITRIM(r1, 0xc0185879, &(0x7f00000000c0)={0x0, 0xffffffea}) shutdown(r0, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000000)=0x7, 0x4) recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 09:52:19 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x2a, &(0x7f0000000080)=@nat={'nat\x00', 0x1b, 0x5, 0x328, 0x2d8, 0x1f0, 0xffffffff, 0x0, 0x100, 0x3a0, 0x3a0, 0xffffffff, 0x3a0, 0x3a0, 0x5, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @broadcast, @local, @gre_key}}}}, {{@ip={@local, @rand_addr, 0x0, 0x0, 'geneve0\x00', 'ipvlan0\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28}}, {{@ip={@multicast1, @empty, 0x0, 0x0, 'bond0\x00', 'bond_slave_1\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @broadcast, @icmp_id, @gre_key}}}}, {{@ip={@empty, @dev, 0x0, 0x0, 'hsr0\x00', 'gretap0\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @remote, @multicast2, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388) 09:52:19 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000480), 0x0, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f00000000c0)) [ 700.993334][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 09:52:19 executing program 3: prctl$PR_GET_TIMERSLACK(0x1e) r0 = socket$inet(0x2, 0x2, 0x0) r1 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x2, 0x122) ioctl$FITRIM(r1, 0xc0185879, &(0x7f00000000c0)={0x0, 0xffffffea}) shutdown(r0, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000000)=0x7, 0x4) recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) [ 701.060536][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 701.099247][T15956] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 09:52:19 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x2a, &(0x7f0000000080)=@nat={'nat\x00', 0x1b, 0x5, 0x328, 0x2d8, 0x1f0, 0xffffffff, 0x0, 0x100, 0x3a0, 0x3a0, 0xffffffff, 0x3a0, 0x3a0, 0x5, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @broadcast, @local, @gre_key}}}}, {{@ip={@local, @rand_addr, 0x0, 0x0, 'geneve0\x00', 'ipvlan0\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28}}, {{@ip={@multicast1, @empty, 0x0, 0x0, 'bond0\x00', 'bond_slave_1\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @broadcast, @icmp_id, @gre_key}}}}, {{@ip={@empty, @dev, 0x0, 0x0, 'hsr0\x00', 'gretap0\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @remote, @multicast2, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388) 09:52:19 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000480), 0x0, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f00000000c0)) 09:52:19 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x2a, &(0x7f0000000080)=@nat={'nat\x00', 0x1b, 0x5, 0x328, 0x2d8, 0x1f0, 0xffffffff, 0x0, 0x100, 0x3a0, 0x3a0, 0xffffffff, 0x3a0, 0x3a0, 0x5, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @broadcast, @local, @gre_key}}}}, {{@ip={@local, @rand_addr, 0x0, 0x0, 'geneve0\x00', 'ipvlan0\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28}}, {{@ip={@multicast1, @empty, 0x0, 0x0, 'bond0\x00', 'bond_slave_1\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @broadcast, @icmp_id, @gre_key}}}}, {{@ip={@empty, @dev, 0x0, 0x0, 'hsr0\x00', 'gretap0\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @remote, @multicast2, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388) [ 701.236429][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 09:52:19 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000500)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000040)=@default_ap_ssid, 0x6, 0x0) [ 701.262743][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:52:19 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000500)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000040)=@default_ap_ssid, 0x6, 0x0) 09:52:19 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000480), 0x0, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f00000000c0)) 09:52:19 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000480), 0x0, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f00000000c0)) [ 701.428731][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 701.450988][ T8881] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 701.451139][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 701.480350][ T8881] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:52:20 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000480), 0x0, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f00000000c0)) 09:52:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000500)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000040)=@default_ap_ssid, 0x6, 0x0) [ 701.524958][ T9581] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 09:52:20 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xa) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000140)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) futex(&(0x7f0000000240)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) move_pages(0x0, 0x0, 0x0, &(0x7f0000001140), 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, 0x0, 0x2000, 0x0) dup3(r1, 0xffffffffffffffff, 0x80000) pipe(0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000100)={0x0, "3cc09b27b1bc344e527128f068fc413e"}) [ 701.661101][ T8881] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 701.681390][ T8881] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:52:20 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000480), 0x0, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f00000000c0)) 09:52:20 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000500)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000040)=@default_ap_ssid, 0x6, 0x0) 09:52:20 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000500)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000040)=@default_ap_ssid, 0x6, 0x0) [ 701.885278][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 09:52:20 executing program 1: setuid(0xee01) r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000140)={0x1}, 0x8, 0x0) [ 701.928974][ T8881] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 701.935742][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 701.948494][ T8881] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 09:52:20 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000500)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000040)=@default_ap_ssid, 0x6, 0x0) 09:52:20 executing program 1: setuid(0xee01) r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000140)={0x1}, 0x8, 0x0) 09:52:20 executing program 0: syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="ff4344303031", 0x6, 0x8800}], 0x0, &(0x7f0000011700)) [ 702.125201][ T8849] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 702.164579][ T8849] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 702.166932][T28436] loop0: detected capacity change from 0 to 136 [ 702.212855][T28436] ISOFS: Unable to identify CD-ROM format. 09:52:24 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xa) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000140)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) futex(&(0x7f0000000240)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) move_pages(0x0, 0x0, 0x0, &(0x7f0000001140), 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, 0x0, 0x2000, 0x0) dup3(r1, 0xffffffffffffffff, 0x80000) pipe(0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000100)={0x0, "3cc09b27b1bc344e527128f068fc413e"}) 09:52:24 executing program 1: setuid(0xee01) r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000140)={0x1}, 0x8, 0x0) 09:52:24 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000004c0)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x10010, &(0x7f00000001c0)=ANY=[]) mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x290c00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r2, 0x3, 0x9, 0x80000000}) sync() sync() open(0x0, 0x0, 0x0) 09:52:24 executing program 0: syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="ff4344303031", 0x6, 0x8800}], 0x0, &(0x7f0000011700)) [ 705.687229][T28447] loop3: detected capacity change from 0 to 270 09:52:24 executing program 1: setuid(0xee01) r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000140)={0x1}, 0x8, 0x0) [ 705.687681][T28445] loop0: detected capacity change from 0 to 136 [ 705.759251][T28445] ISOFS: Unable to identify CD-ROM format. 09:52:24 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xa) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000140)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) futex(&(0x7f0000000240)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) move_pages(0x0, 0x0, 0x0, &(0x7f0000001140), 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, 0x0, 0x2000, 0x0) dup3(r1, 0xffffffffffffffff, 0x80000) pipe(0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000100)={0x0, "3cc09b27b1bc344e527128f068fc413e"}) 09:52:24 executing program 0: syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="ff4344303031", 0x6, 0x8800}], 0x0, &(0x7f0000011700)) 09:52:24 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000004c0)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x10010, &(0x7f00000001c0)=ANY=[]) mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x290c00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r2, 0x3, 0x9, 0x80000000}) sync() sync() open(0x0, 0x0, 0x0) [ 706.144004][T28468] loop0: detected capacity change from 0 to 136 [ 706.209042][T28468] ISOFS: Unable to identify CD-ROM format. 09:52:25 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xa) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000140)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) futex(&(0x7f0000000240)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) move_pages(0x0, 0x0, 0x0, &(0x7f0000001140), 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, 0x0, 0x2000, 0x0) dup3(r1, 0xffffffffffffffff, 0x80000) pipe(0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000100)={0x0, "3cc09b27b1bc344e527128f068fc413e"}) 09:52:25 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000004c0)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x10010, &(0x7f00000001c0)=ANY=[]) mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x290c00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r2, 0x3, 0x9, 0x80000000}) sync() sync() open(0x0, 0x0, 0x0) 09:52:25 executing program 0: syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="ff4344303031", 0x6, 0x8800}], 0x0, &(0x7f0000011700)) [ 706.654875][T28480] loop3: detected capacity change from 0 to 270 [ 706.685452][T28481] loop0: detected capacity change from 0 to 136 [ 706.717760][T28481] ISOFS: Unable to identify CD-ROM format. 09:52:25 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xa) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000140)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) futex(&(0x7f0000000240)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) move_pages(0x0, 0x0, 0x0, &(0x7f0000001140), 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, 0x0, 0x2000, 0x0) dup3(r1, 0xffffffffffffffff, 0x80000) pipe(0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000100)={0x0, "3cc09b27b1bc344e527128f068fc413e"}) 09:52:25 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000004c0)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x10010, &(0x7f00000001c0)=ANY=[]) mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x290c00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r2, 0x3, 0x9, 0x80000000}) sync() sync() open(0x0, 0x0, 0x0) 09:52:25 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000004c0)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x10010, &(0x7f00000001c0)=ANY=[]) mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x290c00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r2, 0x3, 0x9, 0x80000000}) sync() sync() open(0x0, 0x0, 0x0) [ 707.431588][T28501] loop0: detected capacity change from 0 to 270 09:52:25 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xa) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000140)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) futex(&(0x7f0000000240)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) move_pages(0x0, 0x0, 0x0, &(0x7f0000001140), 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, 0x0, 0x2000, 0x0) dup3(r1, 0xffffffffffffffff, 0x80000) pipe(0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000100)={0x0, "3cc09b27b1bc344e527128f068fc413e"}) 09:52:26 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xa) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000140)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) futex(&(0x7f0000000240)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) move_pages(0x0, 0x0, 0x0, &(0x7f0000001140), 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, 0x0, 0x2000, 0x0) dup3(r1, 0xffffffffffffffff, 0x80000) pipe(0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000100)={0x0, "3cc09b27b1bc344e527128f068fc413e"}) 09:52:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000004c0)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x10010, &(0x7f00000001c0)=ANY=[]) mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x290c00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r2, 0x3, 0x9, 0x80000000}) sync() sync() open(0x0, 0x0, 0x0) 09:52:26 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000004c0)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x10010, &(0x7f00000001c0)=ANY=[]) mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x290c00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r2, 0x3, 0x9, 0x80000000}) sync() sync() open(0x0, 0x0, 0x0) [ 707.890622][T28516] loop3: detected capacity change from 0 to 270 [ 707.961758][T28518] loop0: detected capacity change from 0 to 270 09:52:26 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000004c0)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x10010, &(0x7f00000001c0)=ANY=[]) mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x290c00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r2, 0x3, 0x9, 0x80000000}) sync() sync() open(0x0, 0x0, 0x0) 09:52:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000004c0)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x10010, &(0x7f00000001c0)=ANY=[]) mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x290c00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r2, 0x3, 0x9, 0x80000000}) sync() sync() open(0x0, 0x0, 0x0) [ 708.262065][T28530] loop0: detected capacity change from 0 to 270 [ 708.371979][T28537] loop3: detected capacity change from 0 to 270 09:52:27 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000004c0)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x10010, &(0x7f00000001c0)=ANY=[]) mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x290c00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r2, 0x3, 0x9, 0x80000000}) sync() sync() open(0x0, 0x0, 0x0) 09:52:27 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xa) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000140)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) futex(&(0x7f0000000240)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) move_pages(0x0, 0x0, 0x0, &(0x7f0000001140), 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, 0x0, 0x2000, 0x0) dup3(r1, 0xffffffffffffffff, 0x80000) pipe(0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000100)={0x0, "3cc09b27b1bc344e527128f068fc413e"}) [ 708.592401][T28542] loop2: detected capacity change from 0 to 270 09:52:27 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000004c0)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x10010, &(0x7f00000001c0)=ANY=[]) mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x290c00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r2, 0x3, 0x9, 0x80000000}) sync() sync() open(0x0, 0x0, 0x0) 09:52:27 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) [ 708.760422][T28548] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 708.784939][T28548] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 09:52:27 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000004c0)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x10010, &(0x7f00000001c0)=ANY=[]) mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x290c00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r2, 0x3, 0x9, 0x80000000}) sync() sync() open(0x0, 0x0, 0x0) 09:52:27 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) [ 708.851790][T28553] loop3: detected capacity change from 0 to 270 [ 708.933263][T28557] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 09:52:27 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) [ 709.038242][T28563] loop2: detected capacity change from 0 to 270 [ 709.146597][T28564] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 09:52:27 executing program 3: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) 09:52:27 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f00000004c0)="eb3c906d6b66732e66617400028001000240000004f801", 0x17}, {0x0, 0x0, 0x10e00}], 0x10010, &(0x7f00000001c0)=ANY=[]) mkdirat(r0, &(0x7f0000000040)='./file1\x00', 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x290c00, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000100)={r2, 0x3, 0x9, 0x80000000}) sync() sync() open(0x0, 0x0, 0x0) [ 709.310418][T28570] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 709.414850][T28573] loop2: detected capacity change from 0 to 270 09:52:28 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xa) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000140)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) futex(&(0x7f0000000240)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) move_pages(0x0, 0x0, 0x0, &(0x7f0000001140), 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, 0x0, 0x2000, 0x0) dup3(r1, 0xffffffffffffffff, 0x80000) pipe(0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000100)={0x0, "3cc09b27b1bc344e527128f068fc413e"}) 09:52:28 executing program 1: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) 09:52:28 executing program 3: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) [ 709.632060][T28579] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 709.691604][T28580] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 09:52:28 executing program 1: perf_event_open(&(0x7f00000015c0)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f00000002c0)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0) 09:52:28 executing program 3: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000340)="2e00000029000504d25a80648c63940d0124fc6004000f400a003d005a00000037153e370a00018003000000d1bd", 0x2e}], 0x1}, 0x0) [ 709.832660][T28589] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 09:52:28 executing program 1: ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000180)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}, 0x0, 'veth0_macvtap\x00'}) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000540)=0xcd3) 09:52:28 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c0100000b06010800000000000000000700000908000940000000036c000880100007900900120073797a30000000000c000780050007000c00000010000780090013007302000000000000000007800900120073797a3000000000100007800a001100bbbbbbbbbbbb0000100007800900120073797a31000000000c0007800800084000000008050001000700000008000940000000450900020073797a320000000005000100070000003c0007"], 0x15c}}, 0x0) 09:52:28 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000580)={@empty, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x20) [ 710.148547][T28601] __nla_validate_parse: 1 callbacks suppressed [ 710.148566][T28601] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.3'. 09:52:29 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xa) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000080)) timer_settime(0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) timer_settime(r0, 0x0, &(0x7f0000000140)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) futex(&(0x7f0000000240)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) move_pages(0x0, 0x0, 0x0, &(0x7f0000001140), 0x0, 0x0) r1 = openat$vcs(0xffffffffffffff9c, 0x0, 0x2000, 0x0) dup3(r1, 0xffffffffffffffff, 0x80000) pipe(0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f0000000100)={0x0, "3cc09b27b1bc344e527128f068fc413e"}) 09:52:29 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000580)={@empty, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x20) 09:52:29 executing program 1: ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000180)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}, 0x0, 'veth0_macvtap\x00'}) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000540)=0xcd3) 09:52:29 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c0100000b06010800000000000000000700000908000940000000036c000880100007900900120073797a30000000000c000780050007000c00000010000780090013007302000000000000000007800900120073797a3000000000100007800a001100bbbbbbbbbbbb0000100007800900120073797a31000000000c0007800800084000000008050001000700000008000940000000450900020073797a320000000005000100070000003c0007"], 0x15c}}, 0x0) [ 710.586095][T28609] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.3'. 09:52:29 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000580)={@empty, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x20) 09:52:29 executing program 1: ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000180)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}, 0x0, 'veth0_macvtap\x00'}) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000540)=0xcd3) 09:52:29 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c0100000b06010800000000000000000700000908000940000000036c000880100007900900120073797a30000000000c000780050007000c00000010000780090013007302000000000000000007800900120073797a3000000000100007800a001100bbbbbbbbbbbb0000100007800900120073797a31000000000c0007800800084000000008050001000700000008000940000000450900020073797a320000000005000100070000003c0007"], 0x15c}}, 0x0) [ 710.733690][T28619] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.3'. 09:52:29 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000580)={@empty, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x20) 09:52:29 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c0100000b06010800000000000000000700000908000940000000036c000880100007900900120073797a30000000000c000780050007000c00000010000780090013007302000000000000000007800900120073797a3000000000100007800a001100bbbbbbbbbbbb0000100007800900120073797a31000000000c0007800800084000000008050001000700000008000940000000450900020073797a320000000005000100070000003c0007"], 0x15c}}, 0x0) 09:52:29 executing program 1: ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000180)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}, 0x0, 'veth0_macvtap\x00'}) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000540)=0xcd3) 09:52:29 executing program 0: ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000180)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}, 0x0, 'veth0_macvtap\x00'}) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000540)=0xcd3) 09:52:29 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_io_uring_setup(0xa1c, &(0x7f0000000340)={0x0, 0x4dba, 0xb, 0x0, 0x1f}, &(0x7f0000458000/0x2000)=nil, &(0x7f00005f6000/0x4000)=nil, &(0x7f00000003c0), &(0x7f0000000400)) [ 710.964833][T28631] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.3'. 09:52:29 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_io_uring_setup(0xa1c, &(0x7f0000000340)={0x0, 0x4dba, 0xb, 0x0, 0x1f}, &(0x7f0000458000/0x2000)=nil, &(0x7f00005f6000/0x4000)=nil, &(0x7f00000003c0), &(0x7f0000000400)) 09:52:29 executing program 0: ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000180)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}, 0x0, 'veth0_macvtap\x00'}) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000540)=0xcd3) 09:52:29 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000400)={0x0, &(0x7f0000000100)}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='illinois\x00', 0x9) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0), 0x4) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) recvmsg(r0, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700) 09:52:29 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') 09:52:29 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_io_uring_setup(0xa1c, &(0x7f0000000340)={0x0, 0x4dba, 0xb, 0x0, 0x1f}, &(0x7f0000458000/0x2000)=nil, &(0x7f00005f6000/0x4000)=nil, &(0x7f00000003c0), &(0x7f0000000400)) 09:52:29 executing program 0: ioctl$sock_x25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000180)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x2}, 0x0, 'veth0_macvtap\x00'}) r0 = openat$audio1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000540)=0xcd3) 09:52:29 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_io_uring_setup(0xa1c, &(0x7f0000000340)={0x0, 0x4dba, 0xb, 0x0, 0x1f}, &(0x7f0000458000/0x2000)=nil, &(0x7f00005f6000/0x4000)=nil, &(0x7f00000003c0), &(0x7f0000000400)) 09:52:29 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5}]}]}, 0x34}}, 0x0) sendfile(r2, r1, 0x0, 0x100005000) 09:52:30 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x12f0, 0x1148, 0x1d0, 0x2a5, 0x1148, 0x1d0, 0x1220, 0x2a0, 0x2a0, 0x1220, 0x2a0, 0x3, 0x0, {[{{@ipv6={@remote, @remote, [], [], 'batadv_slave_0\x00', 'lo\x00'}, 0x0, 0x1120, 0x1148, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'Q.931\x00'}}, @common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x2, 0x0, './cgroup.cpu/syz1\x00'}}]}, @common=@inet=@SET1={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x1350) [ 711.499651][ T51] audit: type=1804 audit(1626688350.019:152): pid=28658 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir721736670/syzkaller.FB3ewm/429/cgroup.controllers" dev="sda1" ino=14225 res=1 errno=0 09:52:30 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x12f0, 0x1148, 0x1d0, 0x2a5, 0x1148, 0x1d0, 0x1220, 0x2a0, 0x2a0, 0x1220, 0x2a0, 0x3, 0x0, {[{{@ipv6={@remote, @remote, [], [], 'batadv_slave_0\x00', 'lo\x00'}, 0x0, 0x1120, 0x1148, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'Q.931\x00'}}, @common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x2, 0x0, './cgroup.cpu/syz1\x00'}}]}, @common=@inet=@SET1={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x1350) [ 712.102842][T28670] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 712.178922][T28643] Process accounting resumed 09:52:30 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5}]}]}, 0x34}}, 0x0) sendfile(r2, r1, 0x0, 0x100005000) [ 712.274363][T28670] Process accounting resumed 09:52:30 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') 09:52:30 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x12f0, 0x1148, 0x1d0, 0x2a5, 0x1148, 0x1d0, 0x1220, 0x2a0, 0x2a0, 0x1220, 0x2a0, 0x3, 0x0, {[{{@ipv6={@remote, @remote, [], [], 'batadv_slave_0\x00', 'lo\x00'}, 0x0, 0x1120, 0x1148, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'Q.931\x00'}}, @common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x2, 0x0, './cgroup.cpu/syz1\x00'}}]}, @common=@inet=@SET1={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x1350) 09:52:30 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5}]}]}, 0x34}}, 0x0) sendfile(r2, r1, 0x0, 0x100005000) [ 712.372191][ T51] audit: type=1804 audit(1626688350.899:153): pid=28678 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/syzkaller-testdir816205733/syzkaller.CpYtQu/455/cgroup.controllers" dev="sda1" ino=14007 res=1 errno=0 09:52:30 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x12f0, 0x1148, 0x1d0, 0x2a5, 0x1148, 0x1d0, 0x1220, 0x2a0, 0x2a0, 0x1220, 0x2a0, 0x3, 0x0, {[{{@ipv6={@remote, @remote, [], [], 'batadv_slave_0\x00', 'lo\x00'}, 0x0, 0x1120, 0x1148, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'Q.931\x00'}}, @common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x2, 0x0, './cgroup.cpu/syz1\x00'}}]}, @common=@inet=@SET1={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x1350) [ 712.511733][ T51] audit: type=1804 audit(1626688351.019:154): pid=28676 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir721736670/syzkaller.FB3ewm/430/cgroup.controllers" dev="sda1" ino=14225 res=1 errno=0 [ 712.712522][T28680] Process accounting resumed 09:52:31 executing program 2: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') 09:52:31 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') 09:52:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5}]}]}, 0x34}}, 0x0) sendfile(r2, r1, 0x0, 0x100005000) 09:52:31 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5}]}]}, 0x34}}, 0x0) sendfile(r2, r1, 0x0, 0x100005000) [ 713.072289][ T51] audit: type=1804 audit(1626688351.589:155): pid=28691 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/syzkaller-testdir816205733/syzkaller.CpYtQu/456/cgroup.controllers" dev="sda1" ino=14022 res=1 errno=0 [ 713.147568][T28693] Process accounting resumed 09:52:31 executing program 2: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') [ 713.413058][T28699] Process accounting resumed 09:52:32 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') [ 713.462864][ T51] audit: type=1804 audit(1626688351.969:156): pid=28696 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir721736670/syzkaller.FB3ewm/431/cgroup.controllers" dev="sda1" ino=14273 res=1 errno=0 09:52:32 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5}]}]}, 0x34}}, 0x0) sendfile(r2, r1, 0x0, 0x100005000) [ 713.853151][T28705] Process accounting resumed 09:52:32 executing program 2: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') 09:52:32 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5}]}]}, 0x34}}, 0x0) sendfile(r2, r1, 0x0, 0x100005000) [ 714.145585][T28703] Process accounting resumed [ 714.165825][ T51] audit: type=1804 audit(1626688352.689:157): pid=28709 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/syzkaller-testdir816205733/syzkaller.CpYtQu/457/cgroup.controllers" dev="sda1" ino=13993 res=1 errno=0 09:52:32 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') [ 714.369709][ T51] audit: type=1804 audit(1626688352.769:158): pid=28717 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir721736670/syzkaller.FB3ewm/432/cgroup.controllers" dev="sda1" ino=13968 res=1 errno=0 09:52:32 executing program 0: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') [ 714.465609][T28710] Process accounting resumed 09:52:33 executing program 2: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') 09:52:33 executing program 3: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') 09:52:33 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') 09:52:34 executing program 0: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') 09:52:34 executing program 2: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') 09:52:34 executing program 3: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') 09:52:34 executing program 1: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') 09:52:35 executing program 0: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') [ 716.815758][T28744] Process accounting resumed 09:52:35 executing program 2: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') 09:52:35 executing program 3: mkdir(&(0x7f0000000240)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./bus\x00', 0x0) r0 = creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='upperdir=./file1,lowerdir=./bus,workdir=./file0,metacopy=on']) lsetxattr$security_capability(&(0x7f0000000140)='./bus/file1\x00', &(0x7f0000000180), &(0x7f0000000280)=@v3, 0x18, 0x0) link(&(0x7f00000001c0)='./bus/file1\x00', &(0x7f00000002c0)='./bus/file0\x00') perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r0, &(0x7f0000000780)=ANY=[], 0x20) acct(&(0x7f0000000440)='./bus/file0\x00') [ 717.112425][T28757] Process accounting resumed [ 717.208134][T28754] Process accounting resumed 09:52:35 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5}]}]}, 0x34}}, 0x0) sendfile(r2, r1, 0x0, 0x100005000) 09:52:35 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="140000002f00052dd25a80648c63940d0124fc00", 0x14}], 0x1}, 0x0) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000000080)="140000002f00052dd25a80648c63ed4e0410bf6b", 0x14}], 0x7}, 0x0) 09:52:36 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="140000002f00052dd25a80648c63940d0124fc00", 0x14}], 0x1}, 0x0) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000000080)="140000002f00052dd25a80648c63ed4e0410bf6b", 0x14}], 0x7}, 0x0) [ 717.530140][ T51] audit: type=1804 audit(1626688356.049:159): pid=28772 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir918310331/syzkaller.y6gMpo/486/cgroup.controllers" dev="sda1" ino=14010 res=1 errno=0 09:52:36 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="140000002f00052dd25a80648c63940d0124fc00", 0x14}], 0x1}, 0x0) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000000080)="140000002f00052dd25a80648c63ed4e0410bf6b", 0x14}], 0x7}, 0x0) 09:52:36 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="140000002f00052dd25a80648c63940d0124fc00", 0x14}], 0x1}, 0x0) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000000080)="140000002f00052dd25a80648c63ed4e0410bf6b", 0x14}], 0x7}, 0x0) 09:52:36 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5}]}]}, 0x34}}, 0x0) sendfile(r2, r1, 0x0, 0x100005000) 09:52:36 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="140000002f00052dd25a80648c63940d0124fc00", 0x14}], 0x1}, 0x0) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000000080)="140000002f00052dd25a80648c63ed4e0410bf6b", 0x14}], 0x7}, 0x0) 09:52:36 executing program 2: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="100000000100010005000000ffffff7f782401002000"/32, 0x20, 0x400}, {&(0x7f0000010100)="ff00feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff03f0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103005cf9535fe0000000e8c2645fe8c2645fe8c2645f05000000000000000000000000000000000000000000000000000000000000000000000000000000ed4102000000000080000000e8c2645fe8c2645fe8c2645f06000000000000000000000000000000000000000000000000000000000000000000000000000000ed810100000000001a040000e8c2645fe8c2645fe8c2645f07000000080000000000000000000000000000000000000000000000000000000000000000000000ffa101000000000026000000e8c2645fe8c2645fe8c2645f09000000000000000000000000000000000000000000000000000000000000000000000000000000ed810100000000000a000000e8c2645fe8c2645fe8c2645f0a000000000000000000000000000000000000000000000000000000000000000000000000000000ed8102000000000028230000e8c2645fe8c2645fe8c2645f0b0000000c0000000d0000000e0000000f0000001000000011000000120000000000000000000000ed8101000000000064000000e8c2645fe8c2645fe8c2645f1500000000000000", 0x9a0, 0x800}, {&(0x7f0000010b00)="01002e000000000000000000000000000000000000000000000000000000000001002e2e00000000000000000000000000000000000000000000000000000000020066696c653000000000000000000000000000000000000000000000000000050066696c653100000000000000000000000000000000000000000000000000060066696c653200000000000000000000000000000000000000000000000000060066696c653300000000000000000000000000000000000000000000000000070066696c652e636f6c6400"/224, 0xe0, 0x1400}, {&(0x7f0000010c00)="02002e000000000000000000000000000000000000000000000000000000000001002e2e00000000000000000000000000000000000000000000000000000000030066696c653000000000000000000000000000000000000000000000000000040066696c653100"/128, 0x80, 0x1800}, {&(0x7f0000010d00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1c00}, {&(0x7f0000011200)='/tmp/syz-imagegen504148828/file0/file0\x00'/64, 0x40, 0x2400}, {&(0x7f0000011300)='syzkallers\x00'/32, 0x20, 0x2800}, {&(0x7f0000011400)="130000001400"/32, 0x20, 0x4800}, {&(0x7f0000011500)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x5400}], 0x0, &(0x7f0000011600)) 09:52:36 executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000180)) 09:52:36 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="140000002f00052dd25a80648c63940d0124fc00", 0x14}], 0x1}, 0x0) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000000080)="140000002f00052dd25a80648c63ed4e0410bf6b", 0x14}], 0x7}, 0x0) [ 718.385504][ T51] audit: type=1804 audit(1626688356.909:160): pid=28783 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir918310331/syzkaller.y6gMpo/487/cgroup.controllers" dev="sda1" ino=13997 res=1 errno=0 [ 718.569415][T28794] loop2: detected capacity change from 0 to 84 09:52:37 executing program 0: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="140000002f00052dd25a80648c63940d0124fc00", 0x14}], 0x1}, 0x0) sendmsg$kcm(r0, &(0x7f0000002c80)={0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000000080)="140000002f00052dd25a80648c63ed4e0410bf6b", 0x14}], 0x7}, 0x0) 09:52:37 executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000180)) 09:52:37 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5}]}]}, 0x34}}, 0x0) sendfile(r2, r1, 0x0, 0x100005000) 09:52:37 executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000180)) 09:52:37 executing program 2: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="100000000100010005000000ffffff7f782401002000"/32, 0x20, 0x400}, {&(0x7f0000010100)="ff00feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff03f0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103005cf9535fe0000000e8c2645fe8c2645fe8c2645f05000000000000000000000000000000000000000000000000000000000000000000000000000000ed4102000000000080000000e8c2645fe8c2645fe8c2645f06000000000000000000000000000000000000000000000000000000000000000000000000000000ed810100000000001a040000e8c2645fe8c2645fe8c2645f07000000080000000000000000000000000000000000000000000000000000000000000000000000ffa101000000000026000000e8c2645fe8c2645fe8c2645f09000000000000000000000000000000000000000000000000000000000000000000000000000000ed810100000000000a000000e8c2645fe8c2645fe8c2645f0a000000000000000000000000000000000000000000000000000000000000000000000000000000ed8102000000000028230000e8c2645fe8c2645fe8c2645f0b0000000c0000000d0000000e0000000f0000001000000011000000120000000000000000000000ed8101000000000064000000e8c2645fe8c2645fe8c2645f1500000000000000", 0x9a0, 0x800}, {&(0x7f0000010b00)="01002e000000000000000000000000000000000000000000000000000000000001002e2e00000000000000000000000000000000000000000000000000000000020066696c653000000000000000000000000000000000000000000000000000050066696c653100000000000000000000000000000000000000000000000000060066696c653200000000000000000000000000000000000000000000000000060066696c653300000000000000000000000000000000000000000000000000070066696c652e636f6c6400"/224, 0xe0, 0x1400}, {&(0x7f0000010c00)="02002e000000000000000000000000000000000000000000000000000000000001002e2e00000000000000000000000000000000000000000000000000000000030066696c653000000000000000000000000000000000000000000000000000040066696c653100"/128, 0x80, 0x1800}, {&(0x7f0000010d00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1c00}, {&(0x7f0000011200)='/tmp/syz-imagegen504148828/file0/file0\x00'/64, 0x40, 0x2400}, {&(0x7f0000011300)='syzkallers\x00'/32, 0x20, 0x2800}, {&(0x7f0000011400)="130000001400"/32, 0x20, 0x4800}, {&(0x7f0000011500)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x5400}], 0x0, &(0x7f0000011600)) 09:52:37 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x2403) flock(r0, 0x0) 09:52:37 executing program 3: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000180)) 09:52:37 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x2403) flock(r0, 0x0) [ 718.992712][ T51] audit: type=1804 audit(1626688357.509:161): pid=28805 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir918310331/syzkaller.y6gMpo/488/cgroup.controllers" dev="sda1" ino=14121 res=1 errno=0 [ 719.008458][T28815] loop2: detected capacity change from 0 to 84 09:52:37 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x2403) flock(r0, 0x0) 09:52:37 executing program 3: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000000)=""/9, 0x9}}, 0x120) write$UHID_DESTROY(r0, &(0x7f0000000180), 0x4) readv(r0, &(0x7f0000000480)=[{&(0x7f0000001540)=""/4096, 0x1000}, {&(0x7f0000000040)=""/119, 0x77}], 0x2) [ 719.300562][T15956] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 719.334684][T15956] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 719.368845][T15956] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 719.393663][T15956] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 719.415717][T15956] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 719.432806][T15956] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 719.448725][T15956] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 719.467537][T15956] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 719.484813][T15956] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 719.522082][T15956] hid-generic 0000:0000:0000.0002: hidraw1: HID v0.00 Device [syz1] on syz1 09:52:38 executing program 3: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000000)=""/9, 0x9}}, 0x120) write$UHID_DESTROY(r0, &(0x7f0000000180), 0x4) readv(r0, &(0x7f0000000480)=[{&(0x7f0000001540)=""/4096, 0x1000}, {&(0x7f0000000040)=""/119, 0x77}], 0x2) 09:52:38 executing program 2: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="100000000100010005000000ffffff7f782401002000"/32, 0x20, 0x400}, {&(0x7f0000010100)="ff00feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff03f0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103005cf9535fe0000000e8c2645fe8c2645fe8c2645f05000000000000000000000000000000000000000000000000000000000000000000000000000000ed4102000000000080000000e8c2645fe8c2645fe8c2645f06000000000000000000000000000000000000000000000000000000000000000000000000000000ed810100000000001a040000e8c2645fe8c2645fe8c2645f07000000080000000000000000000000000000000000000000000000000000000000000000000000ffa101000000000026000000e8c2645fe8c2645fe8c2645f09000000000000000000000000000000000000000000000000000000000000000000000000000000ed810100000000000a000000e8c2645fe8c2645fe8c2645f0a000000000000000000000000000000000000000000000000000000000000000000000000000000ed8102000000000028230000e8c2645fe8c2645fe8c2645f0b0000000c0000000d0000000e0000000f0000001000000011000000120000000000000000000000ed8101000000000064000000e8c2645fe8c2645fe8c2645f1500000000000000", 0x9a0, 0x800}, {&(0x7f0000010b00)="01002e000000000000000000000000000000000000000000000000000000000001002e2e00000000000000000000000000000000000000000000000000000000020066696c653000000000000000000000000000000000000000000000000000050066696c653100000000000000000000000000000000000000000000000000060066696c653200000000000000000000000000000000000000000000000000060066696c653300000000000000000000000000000000000000000000000000070066696c652e636f6c6400"/224, 0xe0, 0x1400}, {&(0x7f0000010c00)="02002e000000000000000000000000000000000000000000000000000000000001002e2e00000000000000000000000000000000000000000000000000000000030066696c653000000000000000000000000000000000000000000000000000040066696c653100"/128, 0x80, 0x1800}, {&(0x7f0000010d00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1c00}, {&(0x7f0000011200)='/tmp/syz-imagegen504148828/file0/file0\x00'/64, 0x40, 0x2400}, {&(0x7f0000011300)='syzkallers\x00'/32, 0x20, 0x2800}, {&(0x7f0000011400)="130000001400"/32, 0x20, 0x4800}, {&(0x7f0000011500)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x5400}], 0x0, &(0x7f0000011600)) 09:52:38 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x2403) flock(r0, 0x0) [ 719.788572][T28837] loop2: detected capacity change from 0 to 84 [ 719.795099][ T9581] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 719.843445][ T9581] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 719.874858][ T9581] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 719.925799][ T9581] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 09:52:38 executing program 1: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000000)=""/9, 0x9}}, 0x120) write$UHID_DESTROY(r0, &(0x7f0000000180), 0x4) readv(r0, &(0x7f0000000480)=[{&(0x7f0000001540)=""/4096, 0x1000}, {&(0x7f0000000040)=""/119, 0x77}], 0x2) 09:52:38 executing program 0: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000000)=""/9, 0x9}}, 0x120) write$UHID_DESTROY(r0, &(0x7f0000000180), 0x4) readv(r0, &(0x7f0000000480)=[{&(0x7f0000001540)=""/4096, 0x1000}, {&(0x7f0000000040)=""/119, 0x77}], 0x2) [ 719.994668][ T9581] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 720.022420][ T9581] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 720.024948][T15956] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 720.097323][ T9581] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 720.113677][ T9581] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 720.122199][T15956] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 720.127949][ T9581] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 720.143751][T15956] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 09:52:38 executing program 2: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8000, 0x9, &(0x7f0000000200)=[{&(0x7f0000010000)="100000000100010005000000ffffff7f782401002000"/32, 0x20, 0x400}, {&(0x7f0000010100)="ff00feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff03f0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103005cf9535fe0000000e8c2645fe8c2645fe8c2645f05000000000000000000000000000000000000000000000000000000000000000000000000000000ed4102000000000080000000e8c2645fe8c2645fe8c2645f06000000000000000000000000000000000000000000000000000000000000000000000000000000ed810100000000001a040000e8c2645fe8c2645fe8c2645f07000000080000000000000000000000000000000000000000000000000000000000000000000000ffa101000000000026000000e8c2645fe8c2645fe8c2645f09000000000000000000000000000000000000000000000000000000000000000000000000000000ed810100000000000a000000e8c2645fe8c2645fe8c2645f0a000000000000000000000000000000000000000000000000000000000000000000000000000000ed8102000000000028230000e8c2645fe8c2645fe8c2645f0b0000000c0000000d0000000e0000000f0000001000000011000000120000000000000000000000ed8101000000000064000000e8c2645fe8c2645fe8c2645f1500000000000000", 0x9a0, 0x800}, {&(0x7f0000010b00)="01002e000000000000000000000000000000000000000000000000000000000001002e2e00000000000000000000000000000000000000000000000000000000020066696c653000000000000000000000000000000000000000000000000000050066696c653100000000000000000000000000000000000000000000000000060066696c653200000000000000000000000000000000000000000000000000060066696c653300000000000000000000000000000000000000000000000000070066696c652e636f6c6400"/224, 0xe0, 0x1400}, {&(0x7f0000010c00)="02002e000000000000000000000000000000000000000000000000000000000001002e2e00000000000000000000000000000000000000000000000000000000030066696c653000000000000000000000000000000000000000000000000000040066696c653100"/128, 0x80, 0x1800}, {&(0x7f0000010d00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x1c00}, {&(0x7f0000011200)='/tmp/syz-imagegen504148828/file0/file0\x00'/64, 0x40, 0x2400}, {&(0x7f0000011300)='syzkallers\x00'/32, 0x20, 0x2800}, {&(0x7f0000011400)="130000001400"/32, 0x20, 0x4800}, {&(0x7f0000011500)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x5400}], 0x0, &(0x7f0000011600)) [ 720.174330][T15956] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 720.191224][T15956] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 720.214377][T15956] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 720.231750][T15956] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 720.240333][ T9581] hid-generic 0000:0000:0000.0003: hidraw1: HID v0.00 Device [syz1] on syz1 [ 720.246832][T15956] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 720.281912][T15956] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 720.317178][T15956] hid-generic 0000:0000:0000.0004: hidraw1: HID v0.00 Device [syz1] on syz1 09:52:38 executing program 3: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000000)=""/9, 0x9}}, 0x120) write$UHID_DESTROY(r0, &(0x7f0000000180), 0x4) readv(r0, &(0x7f0000000480)=[{&(0x7f0000001540)=""/4096, 0x1000}, {&(0x7f0000000040)=""/119, 0x77}], 0x2) [ 720.405102][T28861] loop2: detected capacity change from 0 to 84 09:52:38 executing program 1: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000000)=""/9, 0x9}}, 0x120) write$UHID_DESTROY(r0, &(0x7f0000000180), 0x4) readv(r0, &(0x7f0000000480)=[{&(0x7f0000001540)=""/4096, 0x1000}, {&(0x7f0000000040)=""/119, 0x77}], 0x2) [ 720.442766][ T9581] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 720.463491][ T9581] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 720.494677][ T9581] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 720.500903][ T9576] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 720.525716][ T9581] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 720.534077][ T9576] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 720.567881][ T9576] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 720.581536][ T9576] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 720.614666][ T9581] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 720.645729][ T9576] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 720.657205][ T9581] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 720.657261][ T9581] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 720.657329][ T9581] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 720.657360][ T9581] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 720.662441][ T9581] hid-generic 0000:0000:0000.0005: hidraw1: HID v0.00 Device [syz1] on syz1 [ 720.729097][ T9576] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 720.782922][ T9576] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 720.801696][ T9576] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 720.844000][ T9576] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 720.907625][ T9576] hid-generic 0000:0000:0000.0006: hidraw2: HID v0.00 Device [syz1] on syz1 09:52:39 executing program 2: io_setup(0x72b7, &(0x7f0000000000)) io_setup(0x101, &(0x7f0000000040)) io_setup(0x5, &(0x7f0000002a00)) io_setup(0x1, &(0x7f0000000100)) io_setup(0x8, &(0x7f0000000080)) 09:52:39 executing program 3: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000000)=""/9, 0x9}}, 0x120) write$UHID_DESTROY(r0, &(0x7f0000000180), 0x4) readv(r0, &(0x7f0000000480)=[{&(0x7f0000001540)=""/4096, 0x1000}, {&(0x7f0000000040)=""/119, 0x77}], 0x2) 09:52:39 executing program 1: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000000)=""/9, 0x9}}, 0x120) write$UHID_DESTROY(r0, &(0x7f0000000180), 0x4) readv(r0, &(0x7f0000000480)=[{&(0x7f0000001540)=""/4096, 0x1000}, {&(0x7f0000000040)=""/119, 0x77}], 0x2) 09:52:39 executing program 0: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000000)=""/9, 0x9}}, 0x120) write$UHID_DESTROY(r0, &(0x7f0000000180), 0x4) readv(r0, &(0x7f0000000480)=[{&(0x7f0000001540)=""/4096, 0x1000}, {&(0x7f0000000040)=""/119, 0x77}], 0x2) [ 721.114138][ T9605] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 721.145055][ T9605] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 721.197529][ T9605] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 721.217658][T15956] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 721.234321][T15956] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 721.234680][ T9605] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 721.267191][ T9605] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 721.267241][ T9605] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 721.267290][ T9605] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 09:52:39 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000500)=@newsa={0x104, 0x10, 0x1, 0x0, 0x0, {{@in=@remote, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@mcast2, 0x0, 0x2b}, @in, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@coaddr={0x14, 0xe, @in=@empty}]}, 0x104}}, 0x0) [ 721.267336][ T9605] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 721.267374][ T9605] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 721.286469][T15956] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 721.286520][T15956] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 721.363398][ T9605] hid-generic 0000:0000:0000.0007: hidraw1: HID v0.00 Device [syz1] on syz1 [ 721.380044][T15956] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 721.446240][T15956] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 09:52:39 executing program 2: io_setup(0x72b7, &(0x7f0000000000)) io_setup(0x101, &(0x7f0000000040)) io_setup(0x5, &(0x7f0000002a00)) io_setup(0x1, &(0x7f0000000100)) io_setup(0x8, &(0x7f0000000080)) [ 721.474829][T15956] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 721.528378][T15956] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 721.555666][T15956] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 09:52:40 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000500)=@newsa={0x104, 0x10, 0x1, 0x0, 0x0, {{@in=@remote, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@mcast2, 0x0, 0x2b}, @in, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@coaddr={0x14, 0xe, @in=@empty}]}, 0x104}}, 0x0) 09:52:40 executing program 1: io_setup(0x72b7, &(0x7f0000000000)) io_setup(0x101, &(0x7f0000000040)) io_setup(0x5, &(0x7f0000002a00)) io_setup(0x1, &(0x7f0000000100)) io_setup(0x8, &(0x7f0000000080)) [ 721.599773][T15956] hid-generic 0000:0000:0000.0008: hidraw1: HID v0.00 Device [syz1] on syz1 09:52:40 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000500)=@newsa={0x104, 0x10, 0x1, 0x0, 0x0, {{@in=@remote, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@mcast2, 0x0, 0x2b}, @in, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@coaddr={0x14, 0xe, @in=@empty}]}, 0x104}}, 0x0) 09:52:40 executing program 0: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000340)={0x0, {'syz1\x00', 'syz1\x00', 'syz1\x00', &(0x7f0000000000)=""/9, 0x9}}, 0x120) write$UHID_DESTROY(r0, &(0x7f0000000180), 0x4) readv(r0, &(0x7f0000000480)=[{&(0x7f0000001540)=""/4096, 0x1000}, {&(0x7f0000000040)=""/119, 0x77}], 0x2) 09:52:40 executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000500)=@newsa={0x104, 0x10, 0x1, 0x0, 0x0, {{@in=@remote, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@mcast2, 0x0, 0x2b}, @in, {}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@coaddr={0x14, 0xe, @in=@empty}]}, 0x104}}, 0x0) 09:52:40 executing program 2: io_setup(0x72b7, &(0x7f0000000000)) io_setup(0x101, &(0x7f0000000040)) io_setup(0x5, &(0x7f0000002a00)) io_setup(0x1, &(0x7f0000000100)) io_setup(0x8, &(0x7f0000000080)) 09:52:40 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDSIGACCEPT(r0, 0x4b4e, 0x13) 09:52:40 executing program 1: io_setup(0x72b7, &(0x7f0000000000)) io_setup(0x101, &(0x7f0000000040)) io_setup(0x5, &(0x7f0000002a00)) io_setup(0x1, &(0x7f0000000100)) io_setup(0x8, &(0x7f0000000080)) 09:52:40 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDSIGACCEPT(r0, 0x4b4e, 0x13) 09:52:40 executing program 0: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x42}, 0x10) setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88) 09:52:40 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDSIGACCEPT(r0, 0x4b4e, 0x13) 09:52:40 executing program 0: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x42}, 0x10) setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88) 09:52:40 executing program 2: io_setup(0x72b7, &(0x7f0000000000)) io_setup(0x101, &(0x7f0000000040)) io_setup(0x5, &(0x7f0000002a00)) io_setup(0x1, &(0x7f0000000100)) io_setup(0x8, &(0x7f0000000080)) 09:52:40 executing program 1: io_setup(0x72b7, &(0x7f0000000000)) io_setup(0x101, &(0x7f0000000040)) io_setup(0x5, &(0x7f0000002a00)) io_setup(0x1, &(0x7f0000000100)) io_setup(0x8, &(0x7f0000000080)) 09:52:40 executing program 3: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$KDSIGACCEPT(r0, 0x4b4e, 0x13) 09:52:40 executing program 0: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x42}, 0x10) setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88) 09:52:41 executing program 3: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x42}, 0x10) setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88) 09:52:41 executing program 0: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x42}, 0x10) setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88) 09:52:41 executing program 2: r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/oss_mixer\x00', 0x2102, 0x0) write$proc_mixer(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='PCM \'CD\' 00000040000'], 0x46) close(r0) 09:52:41 executing program 3: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x42}, 0x10) setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88) [ 722.655428][T28959] ALSA: mixer_oss: invalid index 40000 09:52:41 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2, 0x4, 0x10004, 0x1, 0x0, 0x1}, 0x40) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000001240)={&(0x7f00000000c0), 0x0, 0x0, 0x0, 0x5fa, r0}, 0x38) [ 722.738430][T28966] ALSA: mixer_oss: invalid index 40000 09:52:41 executing program 3: r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x42}, 0x10) setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88) 09:52:41 executing program 1: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffff9c, &(0x7f0000000040), 0x10440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40042406, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x41) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "850e32db99baeb0600"}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)) read(r0, &(0x7f0000001c40)=""/242, 0xf2) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)) r3 = syz_open_pts(r0, 0x0) r4 = dup2(r3, r0) ioctl$TCXONC(r4, 0x540a, 0x3) 09:52:41 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2, 0x4, 0x10004, 0x1, 0x0, 0x1}, 0x40) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000001240)={&(0x7f00000000c0), 0x0, 0x0, 0x0, 0x5fa, r0}, 0x38) 09:52:41 executing program 2: r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/oss_mixer\x00', 0x2102, 0x0) write$proc_mixer(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='PCM \'CD\' 00000040000'], 0x46) close(r0) 09:52:41 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2, 0x4, 0x10004, 0x1, 0x0, 0x1}, 0x40) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000001240)={&(0x7f00000000c0), 0x0, 0x0, 0x0, 0x5fa, r0}, 0x38) 09:52:41 executing program 3: r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/oss_mixer\x00', 0x2102, 0x0) write$proc_mixer(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='PCM \'CD\' 00000040000'], 0x46) close(r0) [ 722.951405][T28976] ALSA: mixer_oss: invalid index 40000 [ 722.967705][T28979] ALSA: mixer_oss: invalid index 40000 09:52:41 executing program 3: r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/oss_mixer\x00', 0x2102, 0x0) write$proc_mixer(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='PCM \'CD\' 00000040000'], 0x46) close(r0) 09:52:41 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2, 0x4, 0x10004, 0x1, 0x0, 0x1}, 0x40) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000001240)={&(0x7f00000000c0), 0x0, 0x0, 0x0, 0x5fa, r0}, 0x38) 09:52:41 executing program 2: r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/oss_mixer\x00', 0x2102, 0x0) write$proc_mixer(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='PCM \'CD\' 00000040000'], 0x46) close(r0) [ 723.138932][ T3397] ieee802154 phy0 wpan0: encryption failed: -22 [ 723.151128][ T3397] ieee802154 phy1 wpan1: encryption failed: -22 [ 723.167316][T28985] ALSA: mixer_oss: invalid index 40000 [ 723.178641][T28987] ALSA: mixer_oss: invalid index 40000 09:52:41 executing program 1: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffff9c, &(0x7f0000000040), 0x10440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40042406, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x41) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "850e32db99baeb0600"}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)) read(r0, &(0x7f0000001c40)=""/242, 0xf2) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)) r3 = syz_open_pts(r0, 0x0) r4 = dup2(r3, r0) ioctl$TCXONC(r4, 0x540a, 0x3) 09:52:41 executing program 0: r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/oss_mixer\x00', 0x2102, 0x0) write$proc_mixer(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='PCM \'CD\' 00000040000'], 0x46) close(r0) 09:52:41 executing program 2: r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/oss_mixer\x00', 0x2102, 0x0) write$proc_mixer(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='PCM \'CD\' 00000040000'], 0x46) close(r0) 09:52:41 executing program 3: r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/oss_mixer\x00', 0x2102, 0x0) write$proc_mixer(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='PCM \'CD\' 00000040000'], 0x46) close(r0) [ 723.283546][T28992] ALSA: mixer_oss: invalid index 40000 09:52:41 executing program 0: r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/oss_mixer\x00', 0x2102, 0x0) write$proc_mixer(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='PCM \'CD\' 00000040000'], 0x46) close(r0) [ 723.364989][T28996] ALSA: mixer_oss: invalid index 40000 [ 723.381428][T28998] ALSA: mixer_oss: invalid index 40000 [ 723.397237][T29001] ALSA: mixer_oss: invalid index 40000 09:52:41 executing program 3: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffff9c, &(0x7f0000000040), 0x10440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40042406, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x41) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "850e32db99baeb0600"}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)) read(r0, &(0x7f0000001c40)=""/242, 0xf2) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)) r3 = syz_open_pts(r0, 0x0) r4 = dup2(r3, r0) ioctl$TCXONC(r4, 0x540a, 0x3) 09:52:42 executing program 0: r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/oss_mixer\x00', 0x2102, 0x0) write$proc_mixer(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='PCM \'CD\' 00000040000'], 0x46) close(r0) 09:52:42 executing program 2: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffff9c, &(0x7f0000000040), 0x10440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40042406, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x41) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "850e32db99baeb0600"}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)) read(r0, &(0x7f0000001c40)=""/242, 0xf2) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)) r3 = syz_open_pts(r0, 0x0) r4 = dup2(r3, r0) ioctl$TCXONC(r4, 0x540a, 0x3) [ 723.576117][T29007] ALSA: mixer_oss: invalid index 40000 09:52:42 executing program 1: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffff9c, &(0x7f0000000040), 0x10440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40042406, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x41) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "850e32db99baeb0600"}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)) read(r0, &(0x7f0000001c40)=""/242, 0xf2) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)) r3 = syz_open_pts(r0, 0x0) r4 = dup2(r3, r0) ioctl$TCXONC(r4, 0x540a, 0x3) 09:52:42 executing program 0: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffff9c, &(0x7f0000000040), 0x10440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40042406, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x41) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "850e32db99baeb0600"}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)) read(r0, &(0x7f0000001c40)=""/242, 0xf2) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)) r3 = syz_open_pts(r0, 0x0) r4 = dup2(r3, r0) ioctl$TCXONC(r4, 0x540a, 0x3) 09:52:42 executing program 2: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffff9c, &(0x7f0000000040), 0x10440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40042406, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x41) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "850e32db99baeb0600"}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)) read(r0, &(0x7f0000001c40)=""/242, 0xf2) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)) r3 = syz_open_pts(r0, 0x0) r4 = dup2(r3, r0) ioctl$TCXONC(r4, 0x540a, 0x3) 09:52:42 executing program 3: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffff9c, &(0x7f0000000040), 0x10440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40042406, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x41) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "850e32db99baeb0600"}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)) read(r0, &(0x7f0000001c40)=""/242, 0xf2) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)) r3 = syz_open_pts(r0, 0x0) r4 = dup2(r3, r0) ioctl$TCXONC(r4, 0x540a, 0x3) 09:52:43 executing program 1: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffff9c, &(0x7f0000000040), 0x10440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40042406, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x41) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "850e32db99baeb0600"}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)) read(r0, &(0x7f0000001c40)=""/242, 0xf2) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)) r3 = syz_open_pts(r0, 0x0) r4 = dup2(r3, r0) ioctl$TCXONC(r4, 0x540a, 0x3) 09:52:43 executing program 0: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffff9c, &(0x7f0000000040), 0x10440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40042406, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x41) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "850e32db99baeb0600"}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)) read(r0, &(0x7f0000001c40)=""/242, 0xf2) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)) r3 = syz_open_pts(r0, 0x0) r4 = dup2(r3, r0) ioctl$TCXONC(r4, 0x540a, 0x3) 09:52:43 executing program 2: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffff9c, &(0x7f0000000040), 0x10440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40042406, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x41) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "850e32db99baeb0600"}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)) read(r0, &(0x7f0000001c40)=""/242, 0xf2) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)) r3 = syz_open_pts(r0, 0x0) r4 = dup2(r3, r0) ioctl$TCXONC(r4, 0x540a, 0x3) 09:52:43 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f0000002340), &(0x7f0000000700)={'syz', 0x0}, &(0x7f00000006c0)="9c", 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000500)="cedb69f2822640e0a6e7ca50337375286884abf3ed3cd0dff9c5651731477f9b4ba919eb88b4e9911a91f44d6adfa52060ad723970d8c1964bd574a3302abbb378c0dd5855a7c5061fa85f10c3e6a2855ae079c88d65437ed790cafb7c73b1c20a73b3c0e8c8461c3ab334a699ec8028ee1b73e48932948bb740635780d4", 0x7e, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000640)={r2, r1, r3}, &(0x7f0000000400)=""/228, 0xe4, &(0x7f0000000840)={&(0x7f0000000680)={'wp256\x00'}}) 09:52:43 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f0000002340), &(0x7f0000000700)={'syz', 0x0}, &(0x7f00000006c0)="9c", 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000500)="cedb69f2822640e0a6e7ca50337375286884abf3ed3cd0dff9c5651731477f9b4ba919eb88b4e9911a91f44d6adfa52060ad723970d8c1964bd574a3302abbb378c0dd5855a7c5061fa85f10c3e6a2855ae079c88d65437ed790cafb7c73b1c20a73b3c0e8c8461c3ab334a699ec8028ee1b73e48932948bb740635780d4", 0x7e, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000640)={r2, r1, r3}, &(0x7f0000000400)=""/228, 0xe4, &(0x7f0000000840)={&(0x7f0000000680)={'wp256\x00'}}) 09:52:43 executing program 0: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffff9c, &(0x7f0000000040), 0x10440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40042406, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x41) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "850e32db99baeb0600"}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)) read(r0, &(0x7f0000001c40)=""/242, 0xf2) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)) r3 = syz_open_pts(r0, 0x0) r4 = dup2(r3, r0) ioctl$TCXONC(r4, 0x540a, 0x3) 09:52:43 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f0000002340), &(0x7f0000000700)={'syz', 0x0}, &(0x7f00000006c0)="9c", 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000500)="cedb69f2822640e0a6e7ca50337375286884abf3ed3cd0dff9c5651731477f9b4ba919eb88b4e9911a91f44d6adfa52060ad723970d8c1964bd574a3302abbb378c0dd5855a7c5061fa85f10c3e6a2855ae079c88d65437ed790cafb7c73b1c20a73b3c0e8c8461c3ab334a699ec8028ee1b73e48932948bb740635780d4", 0x7e, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000640)={r2, r1, r3}, &(0x7f0000000400)=""/228, 0xe4, &(0x7f0000000840)={&(0x7f0000000680)={'wp256\x00'}}) 09:52:44 executing program 3: perf_event_open(&(0x7f00000003c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x69, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = openat$null(0xffffff9c, &(0x7f0000000040), 0x10440, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40042406, 0x0) write$binfmt_aout(0xffffffffffffffff, 0x0, 0x41) ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "850e32db99baeb0600"}) ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)) read(r0, &(0x7f0000001c40)=""/242, 0xf2) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000002c0)) r3 = syz_open_pts(r0, 0x0) r4 = dup2(r3, r0) ioctl$TCXONC(r4, 0x540a, 0x3) 09:52:44 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f0000002340), &(0x7f0000000700)={'syz', 0x0}, &(0x7f00000006c0)="9c", 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000500)="cedb69f2822640e0a6e7ca50337375286884abf3ed3cd0dff9c5651731477f9b4ba919eb88b4e9911a91f44d6adfa52060ad723970d8c1964bd574a3302abbb378c0dd5855a7c5061fa85f10c3e6a2855ae079c88d65437ed790cafb7c73b1c20a73b3c0e8c8461c3ab334a699ec8028ee1b73e48932948bb740635780d4", 0x7e, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000640)={r2, r1, r3}, &(0x7f0000000400)=""/228, 0xe4, &(0x7f0000000840)={&(0x7f0000000680)={'wp256\x00'}}) 09:52:44 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f0000002340), &(0x7f0000000700)={'syz', 0x0}, &(0x7f00000006c0)="9c", 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000500)="cedb69f2822640e0a6e7ca50337375286884abf3ed3cd0dff9c5651731477f9b4ba919eb88b4e9911a91f44d6adfa52060ad723970d8c1964bd574a3302abbb378c0dd5855a7c5061fa85f10c3e6a2855ae079c88d65437ed790cafb7c73b1c20a73b3c0e8c8461c3ab334a699ec8028ee1b73e48932948bb740635780d4", 0x7e, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000640)={r2, r1, r3}, &(0x7f0000000400)=""/228, 0xe4, &(0x7f0000000840)={&(0x7f0000000680)={'wp256\x00'}}) 09:52:44 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f0000002340), &(0x7f0000000700)={'syz', 0x0}, &(0x7f00000006c0)="9c", 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000500)="cedb69f2822640e0a6e7ca50337375286884abf3ed3cd0dff9c5651731477f9b4ba919eb88b4e9911a91f44d6adfa52060ad723970d8c1964bd574a3302abbb378c0dd5855a7c5061fa85f10c3e6a2855ae079c88d65437ed790cafb7c73b1c20a73b3c0e8c8461c3ab334a699ec8028ee1b73e48932948bb740635780d4", 0x7e, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000640)={r2, r1, r3}, &(0x7f0000000400)=""/228, 0xe4, &(0x7f0000000840)={&(0x7f0000000680)={'wp256\x00'}}) 09:52:44 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f0000002340), &(0x7f0000000700)={'syz', 0x0}, &(0x7f00000006c0)="9c", 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000500)="cedb69f2822640e0a6e7ca50337375286884abf3ed3cd0dff9c5651731477f9b4ba919eb88b4e9911a91f44d6adfa52060ad723970d8c1964bd574a3302abbb378c0dd5855a7c5061fa85f10c3e6a2855ae079c88d65437ed790cafb7c73b1c20a73b3c0e8c8461c3ab334a699ec8028ee1b73e48932948bb740635780d4", 0x7e, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000640)={r2, r1, r3}, &(0x7f0000000400)=""/228, 0xe4, &(0x7f0000000840)={&(0x7f0000000680)={'wp256\x00'}}) 09:52:44 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f0000002340), &(0x7f0000000700)={'syz', 0x0}, &(0x7f00000006c0)="9c", 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000500)="cedb69f2822640e0a6e7ca50337375286884abf3ed3cd0dff9c5651731477f9b4ba919eb88b4e9911a91f44d6adfa52060ad723970d8c1964bd574a3302abbb378c0dd5855a7c5061fa85f10c3e6a2855ae079c88d65437ed790cafb7c73b1c20a73b3c0e8c8461c3ab334a699ec8028ee1b73e48932948bb740635780d4", 0x7e, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000640)={r2, r1, r3}, &(0x7f0000000400)=""/228, 0xe4, &(0x7f0000000840)={&(0x7f0000000680)={'wp256\x00'}}) 09:52:44 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f0000002340), &(0x7f0000000700)={'syz', 0x0}, &(0x7f00000006c0)="9c", 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000500)="cedb69f2822640e0a6e7ca50337375286884abf3ed3cd0dff9c5651731477f9b4ba919eb88b4e9911a91f44d6adfa52060ad723970d8c1964bd574a3302abbb378c0dd5855a7c5061fa85f10c3e6a2855ae079c88d65437ed790cafb7c73b1c20a73b3c0e8c8461c3ab334a699ec8028ee1b73e48932948bb740635780d4", 0x7e, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000640)={r2, r1, r3}, &(0x7f0000000400)=""/228, 0xe4, &(0x7f0000000840)={&(0x7f0000000680)={'wp256\x00'}}) 09:52:44 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f0000002340), &(0x7f0000000700)={'syz', 0x0}, &(0x7f00000006c0)="9c", 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000500)="cedb69f2822640e0a6e7ca50337375286884abf3ed3cd0dff9c5651731477f9b4ba919eb88b4e9911a91f44d6adfa52060ad723970d8c1964bd574a3302abbb378c0dd5855a7c5061fa85f10c3e6a2855ae079c88d65437ed790cafb7c73b1c20a73b3c0e8c8461c3ab334a699ec8028ee1b73e48932948bb740635780d4", 0x7e, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000640)={r2, r1, r3}, &(0x7f0000000400)=""/228, 0xe4, &(0x7f0000000840)={&(0x7f0000000680)={'wp256\x00'}}) 09:52:44 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f0000002340), &(0x7f0000000700)={'syz', 0x0}, &(0x7f00000006c0)="9c", 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000500)="cedb69f2822640e0a6e7ca50337375286884abf3ed3cd0dff9c5651731477f9b4ba919eb88b4e9911a91f44d6adfa52060ad723970d8c1964bd574a3302abbb378c0dd5855a7c5061fa85f10c3e6a2855ae079c88d65437ed790cafb7c73b1c20a73b3c0e8c8461c3ab334a699ec8028ee1b73e48932948bb740635780d4", 0x7e, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000640)={r2, r1, r3}, &(0x7f0000000400)=""/228, 0xe4, &(0x7f0000000840)={&(0x7f0000000680)={'wp256\x00'}}) 09:52:44 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)={0x64, r1, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}]}, 0x64}}, 0x0) 09:52:44 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f0000002340), &(0x7f0000000700)={'syz', 0x0}, &(0x7f00000006c0)="9c", 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000500)="cedb69f2822640e0a6e7ca50337375286884abf3ed3cd0dff9c5651731477f9b4ba919eb88b4e9911a91f44d6adfa52060ad723970d8c1964bd574a3302abbb378c0dd5855a7c5061fa85f10c3e6a2855ae079c88d65437ed790cafb7c73b1c20a73b3c0e8c8461c3ab334a699ec8028ee1b73e48932948bb740635780d4", 0x7e, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000640)={r2, r1, r3}, &(0x7f0000000400)=""/228, 0xe4, &(0x7f0000000840)={&(0x7f0000000680)={'wp256\x00'}}) 09:52:44 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)={0x64, r1, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}]}, 0x64}}, 0x0) 09:52:44 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce003d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x2b2, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000000)="03", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f0000002340), &(0x7f0000000700)={'syz', 0x0}, &(0x7f00000006c0)="9c", 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000500)="cedb69f2822640e0a6e7ca50337375286884abf3ed3cd0dff9c5651731477f9b4ba919eb88b4e9911a91f44d6adfa52060ad723970d8c1964bd574a3302abbb378c0dd5855a7c5061fa85f10c3e6a2855ae079c88d65437ed790cafb7c73b1c20a73b3c0e8c8461c3ab334a699ec8028ee1b73e48932948bb740635780d4", 0x7e, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000640)={r2, r1, r3}, &(0x7f0000000400)=""/228, 0xe4, &(0x7f0000000840)={&(0x7f0000000680)={'wp256\x00'}}) 09:52:44 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)={0x64, r1, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}]}, 0x64}}, 0x0) 09:52:44 executing program 0: get_mempolicy(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x4) 09:52:44 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x39, 0x1b, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000040)=0x152, 0xa99, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) [ 726.245235][T29093] mmap: syz-executor.2 (29093) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. 09:52:44 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)={0x64, r1, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}]}, 0x64}}, 0x0) 09:52:44 executing program 1: r0 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0) r2 = dup2(r0, r1) ioctl$RNDADDENTROPY(r2, 0x40085203, &(0x7f00000003c0)) 09:52:44 executing program 0: get_mempolicy(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x4) 09:52:44 executing program 3: syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000040)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000f5", 0x2f}, {&(0x7f00000000c0)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}], 0x0, &(0x7f0000002c40)=ANY=[]) 09:52:44 executing program 1: r0 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0) r2 = dup2(r0, r1) ioctl$RNDADDENTROPY(r2, 0x40085203, &(0x7f00000003c0)) 09:52:45 executing program 0: get_mempolicy(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x4) [ 726.486952][T29106] loop3: detected capacity change from 0 to 1 [ 726.548742][T29106] exFAT-fs (loop3): failed to read boot sector 09:52:45 executing program 0: get_mempolicy(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x4) [ 726.606170][T29106] exFAT-fs (loop3): failed to recognize exfat type 09:52:45 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x39, 0x1b, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000040)=0x152, 0xa99, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) 09:52:45 executing program 1: r0 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0) r2 = dup2(r0, r1) ioctl$RNDADDENTROPY(r2, 0x40085203, &(0x7f00000003c0)) [ 726.771948][T29106] loop3: detected capacity change from 0 to 1 09:52:45 executing program 1: r0 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2800004, 0x12, r1, 0x0) r2 = dup2(r0, r1) ioctl$RNDADDENTROPY(r2, 0x40085203, &(0x7f00000003c0)) [ 726.829299][T29106] exFAT-fs (loop3): failed to read boot sector 09:52:45 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x39, 0x1b, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000040)=0x152, 0xa99, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) [ 726.856050][T29106] exFAT-fs (loop3): failed to recognize exfat type 09:52:45 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x39, 0x1b, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000040)=0x152, 0xa99, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) 09:52:45 executing program 3: syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000040)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000f5", 0x2f}, {&(0x7f00000000c0)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}], 0x0, &(0x7f0000002c40)=ANY=[]) 09:52:45 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x39, 0x1b, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000040)=0x152, 0xa99, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) [ 727.110606][T29133] loop3: detected capacity change from 0 to 1 [ 727.133797][T29133] exFAT-fs (loop3): failed to read boot sector [ 727.142744][T29133] exFAT-fs (loop3): failed to recognize exfat type 09:52:45 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x39, 0x1b, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000040)=0x152, 0xa99, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) 09:52:45 executing program 3: syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000040)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000f5", 0x2f}, {&(0x7f00000000c0)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}], 0x0, &(0x7f0000002c40)=ANY=[]) 09:52:45 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x39, 0x1b, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000040)=0x152, 0xa99, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) [ 727.383155][T29142] loop3: detected capacity change from 0 to 1 09:52:45 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x39, 0x1b, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000040)=0x152, 0xa99, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) [ 727.443194][T29142] exFAT-fs (loop3): failed to read boot sector [ 727.484657][T29142] exFAT-fs (loop3): failed to recognize exfat type 09:52:46 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x39, 0x1b, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000040)=0x152, 0xa99, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) 09:52:46 executing program 3: syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000040)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000f5", 0x2f}, {&(0x7f00000000c0)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}], 0x0, &(0x7f0000002c40)=ANY=[]) [ 727.787615][T29157] loop3: detected capacity change from 0 to 1 09:52:46 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x39, 0x1b, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000040)=0x152, 0xa99, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) [ 727.921736][T29157] exFAT-fs (loop3): failed to read boot sector 09:52:46 executing program 2: openat$tcp_mem(0xffffff9c, 0x0, 0x1, 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) pwritev2(r0, &(0x7f0000000180)=[{&(0x7f00000000c0)="d1f13e083a5466a36afbd4", 0xb}, {&(0x7f0000000240)="7c81383738", 0x5}], 0x2, 0x0, 0x0, 0x0) [ 727.946700][T29157] exFAT-fs (loop3): failed to recognize exfat type 09:52:46 executing program 2: openat$tcp_mem(0xffffff9c, 0x0, 0x1, 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) pwritev2(r0, &(0x7f0000000180)=[{&(0x7f00000000c0)="d1f13e083a5466a36afbd4", 0xb}, {&(0x7f0000000240)="7c81383738", 0x5}], 0x2, 0x0, 0x0, 0x0) 09:52:46 executing program 2: openat$tcp_mem(0xffffff9c, 0x0, 0x1, 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) pwritev2(r0, &(0x7f0000000180)=[{&(0x7f00000000c0)="d1f13e083a5466a36afbd4", 0xb}, {&(0x7f0000000240)="7c81383738", 0x5}], 0x2, 0x0, 0x0, 0x0) 09:52:46 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(r0, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0, 0x7ffffffff000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f0000001380)=[{0x0}, {&(0x7f0000000140)=""/168, 0xa8}], 0x2}, 0x2041) r4 = syz_genetlink_get_family_id$ethtool(0x0, r2) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000015c0)={'ip_vti0\x00', &(0x7f0000001540)={'syztnl1\x00', 0x0, 0x7800, 0x8000, 0x2, 0x883, {{0x15, 0x4, 0x0, 0x7, 0x54, 0x67, 0x0, 0x7f, 0x4, 0x0, @broadcast, @local, {[@noop, @rr={0x7, 0xb, 0xea, [@initdev={0xac, 0x1e, 0x1, 0x0}, @local]}, @rr={0x7, 0x7, 0xe0, [@remote]}, @timestamp={0x44, 0xc, 0x90, 0x0, 0x2, [0x40, 0x0]}, @ssrr={0x89, 0x1f, 0x38, [@local, @multicast2, @local, @dev={0xac, 0x14, 0x14, 0x23}, @rand_addr=0x64010102, @loopback, @dev={0xac, 0x14, 0x14, 0x11}]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000041c0)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000004300)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000042c0)={&(0x7f0000004200)={0x90, r4, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x40000000}, 0x840) socket$inet_udplite(0x2, 0x2, 0x88) openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'erspan0\x00', 0x0, 0x7800, 0x40, 0x7, 0xffff, {{0x11, 0x4, 0x2, 0x7, 0x44, 0x67, 0x0, 0x2, 0x29, 0x0, @loopback, @local, {[@ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x2b, 0xe2, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0x2d}, @private=0xa010102, @local, @loopback, @remote]}]}}}}}) 09:52:46 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff) r2 = socket$l2tp(0x2, 0x2, 0x73) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000007c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x5c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "288efebc474b0e14987a02d383"}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x4}, @NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}, @NL80211_ATTR_KEY_SEQ={0x4}]}, 0x5c}}, 0x0) 09:52:47 executing program 1: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000980), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000d40)=@v={0x93, 0x0, 0xa0, 0x0, @generic}) 09:52:47 executing program 2: openat$tcp_mem(0xffffff9c, 0x0, 0x1, 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) pwritev2(r0, &(0x7f0000000180)=[{&(0x7f00000000c0)="d1f13e083a5466a36afbd4", 0xb}, {&(0x7f0000000240)="7c81383738", 0x5}], 0x2, 0x0, 0x0, 0x0) 09:52:47 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff) r2 = socket$l2tp(0x2, 0x2, 0x73) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000007c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x5c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "288efebc474b0e14987a02d383"}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x4}, @NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}, @NL80211_ATTR_KEY_SEQ={0x4}]}, 0x5c}}, 0x0) 09:52:47 executing program 1: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000980), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000d40)=@v={0x93, 0x0, 0xa0, 0x0, @generic}) 09:52:47 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x12, 0x200, 0x0, 0x1}, 0x40) 09:52:47 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff) r2 = socket$l2tp(0x2, 0x2, 0x73) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000007c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x5c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "288efebc474b0e14987a02d383"}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x4}, @NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}, @NL80211_ATTR_KEY_SEQ={0x4}]}, 0x5c}}, 0x0) 09:52:47 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(r0, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0, 0x7ffffffff000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f0000001380)=[{0x0}, {&(0x7f0000000140)=""/168, 0xa8}], 0x2}, 0x2041) r4 = syz_genetlink_get_family_id$ethtool(0x0, r2) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000015c0)={'ip_vti0\x00', &(0x7f0000001540)={'syztnl1\x00', 0x0, 0x7800, 0x8000, 0x2, 0x883, {{0x15, 0x4, 0x0, 0x7, 0x54, 0x67, 0x0, 0x7f, 0x4, 0x0, @broadcast, @local, {[@noop, @rr={0x7, 0xb, 0xea, [@initdev={0xac, 0x1e, 0x1, 0x0}, @local]}, @rr={0x7, 0x7, 0xe0, [@remote]}, @timestamp={0x44, 0xc, 0x90, 0x0, 0x2, [0x40, 0x0]}, @ssrr={0x89, 0x1f, 0x38, [@local, @multicast2, @local, @dev={0xac, 0x14, 0x14, 0x23}, @rand_addr=0x64010102, @loopback, @dev={0xac, 0x14, 0x14, 0x11}]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000041c0)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000004300)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000042c0)={&(0x7f0000004200)={0x90, r4, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x40000000}, 0x840) socket$inet_udplite(0x2, 0x2, 0x88) openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'erspan0\x00', 0x0, 0x7800, 0x40, 0x7, 0xffff, {{0x11, 0x4, 0x2, 0x7, 0x44, 0x67, 0x0, 0x2, 0x29, 0x0, @loopback, @local, {[@ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x2b, 0xe2, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0x2d}, @private=0xa010102, @local, @loopback, @remote]}]}}}}}) 09:52:47 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff) r2 = socket$l2tp(0x2, 0x2, 0x73) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000007c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x5c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "288efebc474b0e14987a02d383"}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x4}, @NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x1}, @NL80211_ATTR_KEY_SEQ={0x4}]}, 0x5c}}, 0x0) 09:52:47 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x12, 0x200, 0x0, 0x1}, 0x40) 09:52:47 executing program 1: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000980), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000d40)=@v={0x93, 0x0, 0xa0, 0x0, @generic}) 09:52:48 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x12, 0x200, 0x0, 0x1}, 0x40) 09:52:48 executing program 1: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000980), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000d40)=@v={0x93, 0x0, 0xa0, 0x0, @generic}) 09:52:48 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(r0, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0, 0x7ffffffff000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f0000001380)=[{0x0}, {&(0x7f0000000140)=""/168, 0xa8}], 0x2}, 0x2041) r4 = syz_genetlink_get_family_id$ethtool(0x0, r2) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000015c0)={'ip_vti0\x00', &(0x7f0000001540)={'syztnl1\x00', 0x0, 0x7800, 0x8000, 0x2, 0x883, {{0x15, 0x4, 0x0, 0x7, 0x54, 0x67, 0x0, 0x7f, 0x4, 0x0, @broadcast, @local, {[@noop, @rr={0x7, 0xb, 0xea, [@initdev={0xac, 0x1e, 0x1, 0x0}, @local]}, @rr={0x7, 0x7, 0xe0, [@remote]}, @timestamp={0x44, 0xc, 0x90, 0x0, 0x2, [0x40, 0x0]}, @ssrr={0x89, 0x1f, 0x38, [@local, @multicast2, @local, @dev={0xac, 0x14, 0x14, 0x23}, @rand_addr=0x64010102, @loopback, @dev={0xac, 0x14, 0x14, 0x11}]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000041c0)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000004300)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000042c0)={&(0x7f0000004200)={0x90, r4, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x40000000}, 0x840) socket$inet_udplite(0x2, 0x2, 0x88) openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'erspan0\x00', 0x0, 0x7800, 0x40, 0x7, 0xffff, {{0x11, 0x4, 0x2, 0x7, 0x44, 0x67, 0x0, 0x2, 0x29, 0x0, @loopback, @local, {[@ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x2b, 0xe2, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0x2d}, @private=0xa010102, @local, @loopback, @remote]}]}}}}}) 09:52:48 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x12, 0x200, 0x0, 0x1}, 0x40) 09:52:48 executing program 1: setrlimit(0x7, &(0x7f0000000100)) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x0, 0x0) 09:52:48 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(r0, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0, 0x7ffffffff000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f0000001380)=[{0x0}, {&(0x7f0000000140)=""/168, 0xa8}], 0x2}, 0x2041) r4 = syz_genetlink_get_family_id$ethtool(0x0, r2) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000015c0)={'ip_vti0\x00', &(0x7f0000001540)={'syztnl1\x00', 0x0, 0x7800, 0x8000, 0x2, 0x883, {{0x15, 0x4, 0x0, 0x7, 0x54, 0x67, 0x0, 0x7f, 0x4, 0x0, @broadcast, @local, {[@noop, @rr={0x7, 0xb, 0xea, [@initdev={0xac, 0x1e, 0x1, 0x0}, @local]}, @rr={0x7, 0x7, 0xe0, [@remote]}, @timestamp={0x44, 0xc, 0x90, 0x0, 0x2, [0x40, 0x0]}, @ssrr={0x89, 0x1f, 0x38, [@local, @multicast2, @local, @dev={0xac, 0x14, 0x14, 0x23}, @rand_addr=0x64010102, @loopback, @dev={0xac, 0x14, 0x14, 0x11}]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000041c0)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000004300)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000042c0)={&(0x7f0000004200)={0x90, r4, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x40000000}, 0x840) socket$inet_udplite(0x2, 0x2, 0x88) openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'erspan0\x00', 0x0, 0x7800, 0x40, 0x7, 0xffff, {{0x11, 0x4, 0x2, 0x7, 0x44, 0x67, 0x0, 0x2, 0x29, 0x0, @loopback, @local, {[@ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x2b, 0xe2, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0x2d}, @private=0xa010102, @local, @loopback, @remote]}]}}}}}) 09:52:48 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(r0, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0, 0x7ffffffff000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f0000001380)=[{0x0}, {&(0x7f0000000140)=""/168, 0xa8}], 0x2}, 0x2041) r4 = syz_genetlink_get_family_id$ethtool(0x0, r2) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000015c0)={'ip_vti0\x00', &(0x7f0000001540)={'syztnl1\x00', 0x0, 0x7800, 0x8000, 0x2, 0x883, {{0x15, 0x4, 0x0, 0x7, 0x54, 0x67, 0x0, 0x7f, 0x4, 0x0, @broadcast, @local, {[@noop, @rr={0x7, 0xb, 0xea, [@initdev={0xac, 0x1e, 0x1, 0x0}, @local]}, @rr={0x7, 0x7, 0xe0, [@remote]}, @timestamp={0x44, 0xc, 0x90, 0x0, 0x2, [0x40, 0x0]}, @ssrr={0x89, 0x1f, 0x38, [@local, @multicast2, @local, @dev={0xac, 0x14, 0x14, 0x23}, @rand_addr=0x64010102, @loopback, @dev={0xac, 0x14, 0x14, 0x11}]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000041c0)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000004300)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000042c0)={&(0x7f0000004200)={0x90, r4, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x40000000}, 0x840) socket$inet_udplite(0x2, 0x2, 0x88) openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'erspan0\x00', 0x0, 0x7800, 0x40, 0x7, 0xffff, {{0x11, 0x4, 0x2, 0x7, 0x44, 0x67, 0x0, 0x2, 0x29, 0x0, @loopback, @local, {[@ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x2b, 0xe2, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0x2d}, @private=0xa010102, @local, @loopback, @remote]}]}}}}}) 09:52:48 executing program 1: setrlimit(0x7, &(0x7f0000000100)) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x0, 0x0) 09:52:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(r0, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0, 0x7ffffffff000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f0000001380)=[{0x0}, {&(0x7f0000000140)=""/168, 0xa8}], 0x2}, 0x2041) r4 = syz_genetlink_get_family_id$ethtool(0x0, r2) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000015c0)={'ip_vti0\x00', &(0x7f0000001540)={'syztnl1\x00', 0x0, 0x7800, 0x8000, 0x2, 0x883, {{0x15, 0x4, 0x0, 0x7, 0x54, 0x67, 0x0, 0x7f, 0x4, 0x0, @broadcast, @local, {[@noop, @rr={0x7, 0xb, 0xea, [@initdev={0xac, 0x1e, 0x1, 0x0}, @local]}, @rr={0x7, 0x7, 0xe0, [@remote]}, @timestamp={0x44, 0xc, 0x90, 0x0, 0x2, [0x40, 0x0]}, @ssrr={0x89, 0x1f, 0x38, [@local, @multicast2, @local, @dev={0xac, 0x14, 0x14, 0x23}, @rand_addr=0x64010102, @loopback, @dev={0xac, 0x14, 0x14, 0x11}]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000041c0)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000004300)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000042c0)={&(0x7f0000004200)={0x90, r4, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x40000000}, 0x840) socket$inet_udplite(0x2, 0x2, 0x88) openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'erspan0\x00', 0x0, 0x7800, 0x40, 0x7, 0xffff, {{0x11, 0x4, 0x2, 0x7, 0x44, 0x67, 0x0, 0x2, 0x29, 0x0, @loopback, @local, {[@ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x2b, 0xe2, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0x2d}, @private=0xa010102, @local, @loopback, @remote]}]}}}}}) 09:52:49 executing program 1: setrlimit(0x7, &(0x7f0000000100)) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x0, 0x0) 09:52:49 executing program 1: setrlimit(0x7, &(0x7f0000000100)) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x0, 0x0) 09:52:49 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) setuid(0xee01) ioctl$KDGETLED(r0, 0x4b52, 0x0) 09:52:49 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(r0, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0, 0x7ffffffff000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f0000001380)=[{0x0}, {&(0x7f0000000140)=""/168, 0xa8}], 0x2}, 0x2041) r4 = syz_genetlink_get_family_id$ethtool(0x0, r2) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000015c0)={'ip_vti0\x00', &(0x7f0000001540)={'syztnl1\x00', 0x0, 0x7800, 0x8000, 0x2, 0x883, {{0x15, 0x4, 0x0, 0x7, 0x54, 0x67, 0x0, 0x7f, 0x4, 0x0, @broadcast, @local, {[@noop, @rr={0x7, 0xb, 0xea, [@initdev={0xac, 0x1e, 0x1, 0x0}, @local]}, @rr={0x7, 0x7, 0xe0, [@remote]}, @timestamp={0x44, 0xc, 0x90, 0x0, 0x2, [0x40, 0x0]}, @ssrr={0x89, 0x1f, 0x38, [@local, @multicast2, @local, @dev={0xac, 0x14, 0x14, 0x23}, @rand_addr=0x64010102, @loopback, @dev={0xac, 0x14, 0x14, 0x11}]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000041c0)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000004300)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000042c0)={&(0x7f0000004200)={0x90, r4, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x40000000}, 0x840) socket$inet_udplite(0x2, 0x2, 0x88) openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'erspan0\x00', 0x0, 0x7800, 0x40, 0x7, 0xffff, {{0x11, 0x4, 0x2, 0x7, 0x44, 0x67, 0x0, 0x2, 0x29, 0x0, @loopback, @local, {[@ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x2b, 0xe2, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0x2d}, @private=0xa010102, @local, @loopback, @remote]}]}}}}}) 09:52:49 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) setuid(0xee01) ioctl$KDGETLED(r0, 0x4b52, 0x0) 09:52:49 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(r0, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0, 0x7ffffffff000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f0000001380)=[{0x0}, {&(0x7f0000000140)=""/168, 0xa8}], 0x2}, 0x2041) r4 = syz_genetlink_get_family_id$ethtool(0x0, r2) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000015c0)={'ip_vti0\x00', &(0x7f0000001540)={'syztnl1\x00', 0x0, 0x7800, 0x8000, 0x2, 0x883, {{0x15, 0x4, 0x0, 0x7, 0x54, 0x67, 0x0, 0x7f, 0x4, 0x0, @broadcast, @local, {[@noop, @rr={0x7, 0xb, 0xea, [@initdev={0xac, 0x1e, 0x1, 0x0}, @local]}, @rr={0x7, 0x7, 0xe0, [@remote]}, @timestamp={0x44, 0xc, 0x90, 0x0, 0x2, [0x40, 0x0]}, @ssrr={0x89, 0x1f, 0x38, [@local, @multicast2, @local, @dev={0xac, 0x14, 0x14, 0x23}, @rand_addr=0x64010102, @loopback, @dev={0xac, 0x14, 0x14, 0x11}]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000041c0)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000004300)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000042c0)={&(0x7f0000004200)={0x90, r4, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x40000000}, 0x840) socket$inet_udplite(0x2, 0x2, 0x88) openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'erspan0\x00', 0x0, 0x7800, 0x40, 0x7, 0xffff, {{0x11, 0x4, 0x2, 0x7, 0x44, 0x67, 0x0, 0x2, 0x29, 0x0, @loopback, @local, {[@ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x2b, 0xe2, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0x2d}, @private=0xa010102, @local, @loopback, @remote]}]}}}}}) 09:52:49 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) setuid(0xee01) ioctl$KDGETLED(r0, 0x4b52, 0x0) 09:52:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(r0, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0, 0x7ffffffff000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f0000001380)=[{0x0}, {&(0x7f0000000140)=""/168, 0xa8}], 0x2}, 0x2041) r4 = syz_genetlink_get_family_id$ethtool(0x0, r2) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000015c0)={'ip_vti0\x00', &(0x7f0000001540)={'syztnl1\x00', 0x0, 0x7800, 0x8000, 0x2, 0x883, {{0x15, 0x4, 0x0, 0x7, 0x54, 0x67, 0x0, 0x7f, 0x4, 0x0, @broadcast, @local, {[@noop, @rr={0x7, 0xb, 0xea, [@initdev={0xac, 0x1e, 0x1, 0x0}, @local]}, @rr={0x7, 0x7, 0xe0, [@remote]}, @timestamp={0x44, 0xc, 0x90, 0x0, 0x2, [0x40, 0x0]}, @ssrr={0x89, 0x1f, 0x38, [@local, @multicast2, @local, @dev={0xac, 0x14, 0x14, 0x23}, @rand_addr=0x64010102, @loopback, @dev={0xac, 0x14, 0x14, 0x11}]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000041c0)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000004300)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000042c0)={&(0x7f0000004200)={0x90, r4, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x40000000}, 0x840) socket$inet_udplite(0x2, 0x2, 0x88) openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'erspan0\x00', 0x0, 0x7800, 0x40, 0x7, 0xffff, {{0x11, 0x4, 0x2, 0x7, 0x44, 0x67, 0x0, 0x2, 0x29, 0x0, @loopback, @local, {[@ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x2b, 0xe2, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0x2d}, @private=0xa010102, @local, @loopback, @remote]}]}}}}}) 09:52:50 executing program 1: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) setuid(0xee01) ioctl$KDGETLED(r0, 0x4b52, 0x0) 09:52:50 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000000100"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009cc1100626f6e640000000014000280080008"], 0x44}}, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005fff000005000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x3}}, 0x0) write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r1, 0x0, r3, 0x0, 0x4ffe2, 0x0) [ 731.899792][T29298] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 09:52:50 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) recvmmsg(r0, &(0x7f0000004fc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0, 0x7ffffffff000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}}], 0x1, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, &(0x7f0000001380)=[{0x0}, {&(0x7f0000000140)=""/168, 0xa8}], 0x2}, 0x2041) r4 = syz_genetlink_get_family_id$ethtool(0x0, r2) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000015c0)={'ip_vti0\x00', &(0x7f0000001540)={'syztnl1\x00', 0x0, 0x7800, 0x8000, 0x2, 0x883, {{0x15, 0x4, 0x0, 0x7, 0x54, 0x67, 0x0, 0x7f, 0x4, 0x0, @broadcast, @local, {[@noop, @rr={0x7, 0xb, 0xea, [@initdev={0xac, 0x1e, 0x1, 0x0}, @local]}, @rr={0x7, 0x7, 0xe0, [@remote]}, @timestamp={0x44, 0xc, 0x90, 0x0, 0x2, [0x40, 0x0]}, @ssrr={0x89, 0x1f, 0x38, [@local, @multicast2, @local, @dev={0xac, 0x14, 0x14, 0x23}, @rand_addr=0x64010102, @loopback, @dev={0xac, 0x14, 0x14, 0x11}]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000041c0)={'team0\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000004300)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000042c0)={&(0x7f0000004200)={0x90, r4, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x40000000}, 0x840) socket$inet_udplite(0x2, 0x2, 0x88) openat$vcsu(0xffffffffffffff9c, &(0x7f0000003140), 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000340)={'syztnl1\x00', &(0x7f00000002c0)={'erspan0\x00', 0x0, 0x7800, 0x40, 0x7, 0xffff, {{0x11, 0x4, 0x2, 0x7, 0x44, 0x67, 0x0, 0x2, 0x29, 0x0, @loopback, @local, {[@ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x2b, 0xe2, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0x2d}, @private=0xa010102, @local, @loopback, @remote]}]}}}}}) 09:52:50 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:52:51 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000003c80)={'batadv0\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={@private0, @private2, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a0156, r1}) 09:52:51 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000003c80)={'batadv0\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={@private0, @private2, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a0156, r1}) 09:52:51 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000003c80)={'batadv0\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={@private0, @private2, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a0156, r1}) 09:52:51 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000000100"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009cc1100626f6e640000000014000280080008"], 0x44}}, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005fff000005000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x3}}, 0x0) write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r1, 0x0, r3, 0x0, 0x4ffe2, 0x0) 09:52:51 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000003c80)={'batadv0\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={@private0, @private2, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a0156, r1}) 09:52:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 733.370754][T29332] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. 09:52:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:52:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 733.403057][T29332] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 09:52:52 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000000100"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009cc1100626f6e640000000014000280080008"], 0x44}}, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005fff000005000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x3}}, 0x0) write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r1, 0x0, r3, 0x0, 0x4ffe2, 0x0) 09:52:52 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:52:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:52:53 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 734.683985][T29365] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 09:52:53 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:52:53 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:52:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:52:54 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800007, 0x12, r0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000000100"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009cc1100626f6e640000000014000280080008"], 0x44}}, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005fff000005000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x3}}, 0x0) write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r1, 0x0, r3, 0x0, 0x4ffe2, 0x0) [ 736.056700][T29402] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 736.116830][T29402] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 09:52:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:52:54 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000003c80)={'batadv0\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={@private0, @private2, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a0156, r1}) 09:52:54 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:52:55 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000003c80)={'batadv0\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={@private0, @private2, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a0156, r1}) 09:52:55 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000003c80)={'batadv0\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={@private0, @private2, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a0156, r1}) 09:52:55 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:52:55 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:52:55 executing program 2: r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000140)={0x43, 0x0, 0x3}, 0x10) bind$tipc(r0, 0x0, 0x0) 09:52:55 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x40, 0x0, 0x7, 0x103, 0x0, 0x0, {}, [@NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0xfffffffffffffffc}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4b5}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x3}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) 09:52:55 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x40, 0x0, 0x7, 0x103, 0x0, 0x0, {}, [@NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0xfffffffffffffffc}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4b5}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x3}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) 09:52:55 executing program 2: r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000140)={0x43, 0x0, 0x3}, 0x10) bind$tipc(r0, 0x0, 0x0) 09:52:56 executing program 2: r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000140)={0x43, 0x0, 0x3}, 0x10) bind$tipc(r0, 0x0, 0x0) 09:52:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x40, 0x0, 0x7, 0x103, 0x0, 0x0, {}, [@NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0xfffffffffffffffc}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4b5}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x3}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) 09:52:56 executing program 2: r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000140)={0x43, 0x0, 0x3}, 0x10) bind$tipc(r0, 0x0, 0x0) 09:52:56 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:52:56 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x317d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000200)={0x2, 0x0, [0x4b564d02, 0x1]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:52:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x40, 0x0, 0x7, 0x103, 0x0, 0x0, {}, [@NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0xfffffffffffffffc}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4b5}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x3}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) 09:52:56 executing program 1: r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000140)={0x43, 0x0, 0x3}, 0x10) bind$tipc(r0, 0x0, 0x0) 09:52:56 executing program 2: r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x10001}}, 0x2e) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x4, 0x770001, 0x4) 09:52:56 executing program 1: r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000140)={0x43, 0x0, 0x3}, 0x10) bind$tipc(r0, 0x0, 0x0) 09:52:56 executing program 1: r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000140)={0x43, 0x0, 0x3}, 0x10) bind$tipc(r0, 0x0, 0x0) 09:52:56 executing program 2: r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x10001}}, 0x2e) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x4, 0x770001, 0x4) 09:52:57 executing program 2: r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x10001}}, 0x2e) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x4, 0x770001, 0x4) 09:52:57 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000076280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x10}]}}]}, 0x3c}}, 0x0) r3 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000200), 0x10efe10675dec16, 0x0) r4 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000200), 0x10efe10675dec16, 0x0) 09:52:57 executing program 0: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000000)={{0x0, 0x9}}) 09:52:57 executing program 2: r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x10001}}, 0x2e) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x4, 0x770001, 0x4) [ 739.056359][T29496] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 09:52:57 executing program 3: prlimit64(0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000940)='tmpfs\x00', 0x0, 0x0) chdir(&(0x7f0000000300)='./file0\x00') mkdir(&(0x7f0000000100)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) rename(&(0x7f0000000180)='./file1\x00', &(0x7f00000001c0)='./bus\x00') 09:52:57 executing program 0: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000000)={{0x0, 0x9}}) 09:52:57 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="6000e0ff720008602abd7000fbdbdf", @ANYRES32=0x0, @ANYRESOCT], 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x200000c4) r0 = socket$nl_route(0x10, 0x3, 0x0) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='./file0\x00') r1 = socket(0x10, 0x80002, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@dellink={0x90, 0x11, 0x1, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x814, 0x30}, [@IFLA_GROUP={0x8, 0x1b, 0xfd}, @IFLA_PROP_LIST={0x4}, @IFLA_LINKMODE={0x5}, @IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MAX_AGE={0x8, 0x3, 0x21}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MCAST_STATS_ENABLED={0x5}]}}}, @IFLA_PHYS_SWITCH_ID={0x1f, 0x24, "d74095263ff09d0b3b2716c7547624ab13835b89d74e4faa038718"}]}, 0x90}}, 0x10000004) 09:52:57 executing program 0: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000000)={{0x0, 0x9}}) 09:52:57 executing program 3: prlimit64(0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000940)='tmpfs\x00', 0x0, 0x0) chdir(&(0x7f0000000300)='./file0\x00') mkdir(&(0x7f0000000100)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) rename(&(0x7f0000000180)='./file1\x00', &(0x7f00000001c0)='./bus\x00') [ 739.354926][T29517] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 09:52:57 executing program 0: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000000)={{0x0, 0x9}}) 09:52:57 executing program 3: prlimit64(0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000940)='tmpfs\x00', 0x0, 0x0) chdir(&(0x7f0000000300)='./file0\x00') mkdir(&(0x7f0000000100)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) rename(&(0x7f0000000180)='./file1\x00', &(0x7f00000001c0)='./bus\x00') 09:52:57 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000076280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x10}]}}]}, 0x3c}}, 0x0) r3 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000200), 0x10efe10675dec16, 0x0) r4 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000200), 0x10efe10675dec16, 0x0) [ 739.472980][T29525] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 09:52:58 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000076280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x10}]}}]}, 0x3c}}, 0x0) r3 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000200), 0x10efe10675dec16, 0x0) r4 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000200), 0x10efe10675dec16, 0x0) 09:52:58 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="6000e0ff720008602abd7000fbdbdf", @ANYRES32=0x0, @ANYRESOCT], 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x200000c4) r0 = socket$nl_route(0x10, 0x3, 0x0) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='./file0\x00') r1 = socket(0x10, 0x80002, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@dellink={0x90, 0x11, 0x1, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x814, 0x30}, [@IFLA_GROUP={0x8, 0x1b, 0xfd}, @IFLA_PROP_LIST={0x4}, @IFLA_LINKMODE={0x5}, @IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MAX_AGE={0x8, 0x3, 0x21}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MCAST_STATS_ENABLED={0x5}]}}}, @IFLA_PHYS_SWITCH_ID={0x1f, 0x24, "d74095263ff09d0b3b2716c7547624ab13835b89d74e4faa038718"}]}, 0x90}}, 0x10000004) 09:52:58 executing program 3: prlimit64(0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000940)='tmpfs\x00', 0x0, 0x0) chdir(&(0x7f0000000300)='./file0\x00') mkdir(&(0x7f0000000100)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) creat(&(0x7f00000000c0)='./bus/file1\x00', 0x0) rename(&(0x7f0000000180)='./file1\x00', &(0x7f00000001c0)='./bus\x00') 09:52:58 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000076280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x10}]}}]}, 0x3c}}, 0x0) r3 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000200), 0x10efe10675dec16, 0x0) r4 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000200), 0x10efe10675dec16, 0x0) [ 739.650672][T29535] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:52:58 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="6000e0ff720008602abd7000fbdbdf", @ANYRES32=0x0, @ANYRESOCT], 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x200000c4) r0 = socket$nl_route(0x10, 0x3, 0x0) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='./file0\x00') r1 = socket(0x10, 0x80002, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@dellink={0x90, 0x11, 0x1, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x814, 0x30}, [@IFLA_GROUP={0x8, 0x1b, 0xfd}, @IFLA_PROP_LIST={0x4}, @IFLA_LINKMODE={0x5}, @IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MAX_AGE={0x8, 0x3, 0x21}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MCAST_STATS_ENABLED={0x5}]}}}, @IFLA_PHYS_SWITCH_ID={0x1f, 0x24, "d74095263ff09d0b3b2716c7547624ab13835b89d74e4faa038718"}]}, 0x90}}, 0x10000004) [ 739.757543][T29542] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 09:52:58 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="6000e0ff720008602abd7000fbdbdf", @ANYRES32=0x0, @ANYRESOCT], 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x200000c4) r0 = socket$nl_route(0x10, 0x3, 0x0) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='./file0\x00') r1 = socket(0x10, 0x80002, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@dellink={0x90, 0x11, 0x1, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x814, 0x30}, [@IFLA_GROUP={0x8, 0x1b, 0xfd}, @IFLA_PROP_LIST={0x4}, @IFLA_LINKMODE={0x5}, @IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MAX_AGE={0x8, 0x3, 0x21}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MCAST_STATS_ENABLED={0x5}]}}}, @IFLA_PHYS_SWITCH_ID={0x1f, 0x24, "d74095263ff09d0b3b2716c7547624ab13835b89d74e4faa038718"}]}, 0x90}}, 0x10000004) 09:52:58 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000076280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x10}]}}]}, 0x3c}}, 0x0) r3 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000200), 0x10efe10675dec16, 0x0) r4 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000200), 0x10efe10675dec16, 0x0) 09:52:58 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000076280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x10}]}}]}, 0x3c}}, 0x0) r3 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000200), 0x10efe10675dec16, 0x0) r4 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000200), 0x10efe10675dec16, 0x0) [ 739.965948][T29567] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 740.002385][T29568] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:52:58 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="6000e0ff720008602abd7000fbdbdf", @ANYRES32=0x0, @ANYRESOCT], 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x200000c4) r0 = socket$nl_route(0x10, 0x3, 0x0) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='./file0\x00') r1 = socket(0x10, 0x80002, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@dellink={0x90, 0x11, 0x1, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x814, 0x30}, [@IFLA_GROUP={0x8, 0x1b, 0xfd}, @IFLA_PROP_LIST={0x4}, @IFLA_LINKMODE={0x5}, @IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MAX_AGE={0x8, 0x3, 0x21}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MCAST_STATS_ENABLED={0x5}]}}}, @IFLA_PHYS_SWITCH_ID={0x1f, 0x24, "d74095263ff09d0b3b2716c7547624ab13835b89d74e4faa038718"}]}, 0x90}}, 0x10000004) 09:52:58 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="6000e0ff720008602abd7000fbdbdf", @ANYRES32=0x0, @ANYRESOCT], 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x200000c4) r0 = socket$nl_route(0x10, 0x3, 0x0) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='./file0\x00') r1 = socket(0x10, 0x80002, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@dellink={0x90, 0x11, 0x1, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x814, 0x30}, [@IFLA_GROUP={0x8, 0x1b, 0xfd}, @IFLA_PROP_LIST={0x4}, @IFLA_LINKMODE={0x5}, @IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MAX_AGE={0x8, 0x3, 0x21}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MCAST_STATS_ENABLED={0x5}]}}}, @IFLA_PHYS_SWITCH_ID={0x1f, 0x24, "d74095263ff09d0b3b2716c7547624ab13835b89d74e4faa038718"}]}, 0x90}}, 0x10000004) 09:52:58 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000076280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x10}]}}]}, 0x3c}}, 0x0) r3 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000200), 0x10efe10675dec16, 0x0) r4 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000200), 0x10efe10675dec16, 0x0) 09:52:58 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="6000e0ff720008602abd7000fbdbdf", @ANYRES32=0x0, @ANYRESOCT], 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x200000c4) r0 = socket$nl_route(0x10, 0x3, 0x0) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='./file0\x00') r1 = socket(0x10, 0x80002, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@dellink={0x90, 0x11, 0x1, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x814, 0x30}, [@IFLA_GROUP={0x8, 0x1b, 0xfd}, @IFLA_PROP_LIST={0x4}, @IFLA_LINKMODE={0x5}, @IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MAX_AGE={0x8, 0x3, 0x21}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MCAST_STATS_ENABLED={0x5}]}}}, @IFLA_PHYS_SWITCH_ID={0x1f, 0x24, "d74095263ff09d0b3b2716c7547624ab13835b89d74e4faa038718"}]}, 0x90}}, 0x10000004) 09:52:58 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="6000e0ff720008602abd7000fbdbdf", @ANYRES32=0x0, @ANYRESOCT], 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x200000c4) r0 = socket$nl_route(0x10, 0x3, 0x0) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='./file0\x00') r1 = socket(0x10, 0x80002, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@dellink={0x90, 0x11, 0x1, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x814, 0x30}, [@IFLA_GROUP={0x8, 0x1b, 0xfd}, @IFLA_PROP_LIST={0x4}, @IFLA_LINKMODE={0x5}, @IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MAX_AGE={0x8, 0x3, 0x21}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MCAST_STATS_ENABLED={0x5}]}}}, @IFLA_PHYS_SWITCH_ID={0x1f, 0x24, "d74095263ff09d0b3b2716c7547624ab13835b89d74e4faa038718"}]}, 0x90}}, 0x10000004) [ 740.297609][T29592] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:52:59 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000076280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x10}]}}]}, 0x3c}}, 0x0) r3 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000200), 0x10efe10675dec16, 0x0) r4 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000200), 0x10efe10675dec16, 0x0) 09:52:59 executing program 2: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xd) ioctl$TCFLSH(r0, 0x540b, 0x2) 09:52:59 executing program 3: syz_emit_ethernet(0x11e, &(0x7f0000000100)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "890201", 0xe8, 0x3a, 0xff, @empty, @local, {[], @ndisc_ns={0x87, 0x0, 0x0, @private0, [{0x0, 0x0, '!F'}, {0x1, 0x1a, "be8d82d55f0289965a5ffcb72ea8f0ad40310daaf79a993cf2de0129ec16cf971eb720e4bc0d7001e0e6a48c752a3e589f68bcae38cc8a97a3888b8b6f992dc100643fed047742d95619d5b37de00a51731f836578058de45cb2c81f25ab9350dbf1d52a90994e02d40a3dcae2a51fb557c5efef4d19b4376901b2acb65179ba128f1538fde5145c4e5992eef662acba52caa018bbc9eba025a53af751bed78a52f3498aee0cfd64b3fe3927e5a8a7ea83d83fc6b90699bdbfa7490de8536ee84abd1c2fdbffe9b0e947dfc41b29"}]}}}}}}, 0x0) [ 740.525186][T29609] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:52:59 executing program 3: r0 = socket(0x2a, 0x2, 0x0) bind$can_raw(r0, 0x0, 0x0) 09:52:59 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="6000e0ff720008602abd7000fbdbdf", @ANYRES32=0x0, @ANYRESOCT], 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x200000c4) r0 = socket$nl_route(0x10, 0x3, 0x0) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='./file0\x00') r1 = socket(0x10, 0x80002, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@dellink={0x90, 0x11, 0x1, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x814, 0x30}, [@IFLA_GROUP={0x8, 0x1b, 0xfd}, @IFLA_PROP_LIST={0x4}, @IFLA_LINKMODE={0x5}, @IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MAX_AGE={0x8, 0x3, 0x21}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MCAST_STATS_ENABLED={0x5}]}}}, @IFLA_PHYS_SWITCH_ID={0x1f, 0x24, "d74095263ff09d0b3b2716c7547624ab13835b89d74e4faa038718"}]}, 0x90}}, 0x10000004) 09:52:59 executing program 2: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xd) ioctl$TCFLSH(r0, 0x540b, 0x2) 09:52:59 executing program 3: r0 = socket(0x2a, 0x2, 0x0) bind$can_raw(r0, 0x0, 0x0) 09:52:59 executing program 3: r0 = socket(0x2a, 0x2, 0x0) bind$can_raw(r0, 0x0, 0x0) 09:52:59 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="6000e0ff720008602abd7000fbdbdf", @ANYRES32=0x0, @ANYRESOCT], 0x60}, 0x1, 0x0, 0x0, 0x20040805}, 0x200000c4) r0 = socket$nl_route(0x10, 0x3, 0x0) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)='./file0\x00') r1 = socket(0x10, 0x80002, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@dellink={0x90, 0x11, 0x1, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x814, 0x30}, [@IFLA_GROUP={0x8, 0x1b, 0xfd}, @IFLA_PROP_LIST={0x4}, @IFLA_LINKMODE={0x5}, @IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MAX_AGE={0x8, 0x3, 0x21}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc}, @IFLA_BR_MCAST_STATS_ENABLED={0x5}]}}}, @IFLA_PHYS_SWITCH_ID={0x1f, 0x24, "d74095263ff09d0b3b2716c7547624ab13835b89d74e4faa038718"}]}, 0x90}}, 0x10000004) 09:52:59 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000076280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x10}]}}]}, 0x3c}}, 0x0) r3 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000200), 0x10efe10675dec16, 0x0) r4 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000200), 0x10efe10675dec16, 0x0) 09:52:59 executing program 2: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xd) ioctl$TCFLSH(r0, 0x540b, 0x2) [ 740.883691][T29635] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:52:59 executing program 3: r0 = socket(0x2a, 0x2, 0x0) bind$can_raw(r0, 0x0, 0x0) 09:52:59 executing program 2: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xd) ioctl$TCFLSH(r0, 0x540b, 0x2) 09:52:59 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000076280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r2, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x10}]}}]}, 0x3c}}, 0x0) r3 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000200), 0x10efe10675dec16, 0x0) r4 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r4, &(0x7f0000000200), 0x10efe10675dec16, 0x0) 09:52:59 executing program 3: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xd) ioctl$TCFLSH(r0, 0x540b, 0x2) 09:52:59 executing program 3: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xd) ioctl$TCFLSH(r0, 0x540b, 0x2) 09:52:59 executing program 2: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0xa, &(0x7f0000000340)={0x0, @in, 0x0, 0x0, 0x289, 0x0, 0x7fff}, 0x98) 09:52:59 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, &(0x7f0000000040)={0xc, 0x110001}) write$bt_hci(r0, &(0x7f0000000040)=ANY=[], 0x7) 09:52:59 executing program 3: r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xd) ioctl$TCFLSH(r0, 0x540b, 0x2) 09:53:00 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat(0xffffffffffffffff, &(0x7f0000000440)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x1, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3}, @NFT_MSG_DELFLOWTABLE={0x30, 0x16, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14, 0x3}}, 0x6c}}, 0x0) 09:53:00 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, &(0x7f0000000040)={0xc, 0x110001}) write$bt_hci(r0, &(0x7f0000000040)=ANY=[], 0x7) 09:53:00 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, &(0x7f0000000040)={0xc, 0x110001}) write$bt_hci(r0, &(0x7f0000000040)=ANY=[], 0x7) 09:53:00 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, &(0x7f0000000040)={0xc, 0x110001}) write$bt_hci(r0, &(0x7f0000000040)=ANY=[], 0x7) 09:53:00 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat(0xffffffffffffffff, &(0x7f0000000440)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x1, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3}, @NFT_MSG_DELFLOWTABLE={0x30, 0x16, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14, 0x3}}, 0x6c}}, 0x0) 09:53:00 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, &(0x7f0000000040)={0xc, 0x110001}) write$bt_hci(r0, &(0x7f0000000040)=ANY=[], 0x7) 09:53:00 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, &(0x7f0000000040)={0xc, 0x110001}) write$bt_hci(r0, &(0x7f0000000040)=ANY=[], 0x7) 09:53:00 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, &(0x7f0000000040)={0xc, 0x110001}) write$bt_hci(r0, &(0x7f0000000040)=ANY=[], 0x7) 09:53:00 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat(0xffffffffffffffff, &(0x7f0000000440)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x1, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3}, @NFT_MSG_DELFLOWTABLE={0x30, 0x16, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14, 0x3}}, 0x6c}}, 0x0) 09:53:00 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, &(0x7f0000000040)={0xc, 0x110001}) write$bt_hci(r0, &(0x7f0000000040)=ANY=[], 0x7) 09:53:00 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, &(0x7f0000000040)={0xc, 0x110001}) write$bt_hci(r0, &(0x7f0000000040)=ANY=[], 0x7) 09:53:00 executing program 2: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005070000006f0000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000108002bd62b2fe9a2e951000000", @ANYRES32=r4, @ANYBLOB="fffffffd0000000008001c00ef"], 0x28}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) 09:53:00 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, &(0x7f0000000040)={0xc, 0x110001}) write$bt_hci(r0, &(0x7f0000000040)=ANY=[], 0x7) 09:53:00 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat(0xffffffffffffffff, &(0x7f0000000440)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x1, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x3}, @NFT_MSG_DELFLOWTABLE={0x30, 0x16, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14, 0x3}}, 0x6c}}, 0x0) 09:53:00 executing program 1: r0 = socket$inet6(0xa, 0x802, 0x73) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r1, 0x8912, 0x400308) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000040), 0x8) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0}}], 0x2, 0x0) 09:53:00 executing program 0: sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x58, 0x0, 0x0, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000400)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000070601801fdb59cce59ba2700100e90005"], 0x1}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000001) [ 742.064042][T29696] device veth17 entered promiscuous mode 09:53:00 executing program 1: r0 = socket$inet6(0xa, 0x802, 0x73) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r1, 0x8912, 0x400308) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000040), 0x8) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0}}], 0x2, 0x0) 09:53:00 executing program 3: r0 = socket$inet6(0xa, 0x802, 0x73) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r1, 0x8912, 0x400308) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000040), 0x8) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0}}], 0x2, 0x0) [ 742.263297][ T51] audit: type=1804 audit(1626688380.769:162): pid=29731 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir721736670/syzkaller.FB3ewm/505/cgroup.controllers" dev="sda1" ino=14466 res=1 errno=0 09:53:00 executing program 1: r0 = socket$inet6(0xa, 0x802, 0x73) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r1, 0x8912, 0x400308) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000040), 0x8) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0}}], 0x2, 0x0) 09:53:01 executing program 2: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005070000006f0000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000108002bd62b2fe9a2e951000000", @ANYRES32=r4, @ANYBLOB="fffffffd0000000008001c00ef"], 0x28}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) 09:53:01 executing program 3: r0 = socket$inet6(0xa, 0x802, 0x73) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r1, 0x8912, 0x400308) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000040), 0x8) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0}}], 0x2, 0x0) 09:53:01 executing program 0: sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x58, 0x0, 0x0, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000400)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000070601801fdb59cce59ba2700100e90005"], 0x1}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000001) 09:53:01 executing program 1: r0 = socket$inet6(0xa, 0x802, 0x73) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r1, 0x8912, 0x400308) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000040), 0x8) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0}}], 0x2, 0x0) 09:53:01 executing program 3: r0 = socket$inet6(0xa, 0x802, 0x73) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r1, 0x8912, 0x400308) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000040), 0x8) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c, 0x0}}, {{&(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0}}], 0x2, 0x0) 09:53:01 executing program 1: sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x58, 0x0, 0x0, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000400)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000070601801fdb59cce59ba2700100e90005"], 0x1}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000001) 09:53:01 executing program 0: sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x58, 0x0, 0x0, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000400)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000070601801fdb59cce59ba2700100e90005"], 0x1}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000001) 09:53:01 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005070000006f0000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000108002bd62b2fe9a2e951000000", @ANYRES32=r4, @ANYBLOB="fffffffd0000000008001c00ef"], 0x28}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) [ 742.955892][ T51] audit: type=1804 audit(1626688381.479:163): pid=29759 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir918310331/syzkaller.y6gMpo/551/cgroup.controllers" dev="sda1" ino=14568 res=1 errno=0 [ 743.014124][T29750] device veth17 entered promiscuous mode [ 743.035682][ T51] audit: type=1804 audit(1626688381.559:164): pid=29764 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir721736670/syzkaller.FB3ewm/507/cgroup.controllers" dev="sda1" ino=14042 res=1 errno=0 [ 743.570543][T29777] device veth3 entered promiscuous mode 09:53:02 executing program 2: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005070000006f0000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000108002bd62b2fe9a2e951000000", @ANYRES32=r4, @ANYBLOB="fffffffd0000000008001c00ef"], 0x28}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) 09:53:02 executing program 0: sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x58, 0x0, 0x0, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000400)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000070601801fdb59cce59ba2700100e90005"], 0x1}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000001) 09:53:02 executing program 1: sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x58, 0x0, 0x0, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000400)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000070601801fdb59cce59ba2700100e90005"], 0x1}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000001) 09:53:02 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005070000006f0000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000108002bd62b2fe9a2e951000000", @ANYRES32=r4, @ANYBLOB="fffffffd0000000008001c00ef"], 0x28}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) [ 743.907757][ T51] audit: type=1804 audit(1626688382.429:165): pid=29817 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir918310331/syzkaller.y6gMpo/552/cgroup.controllers" dev="sda1" ino=14569 res=1 errno=0 [ 743.981467][ T51] audit: type=1804 audit(1626688382.459:166): pid=29829 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir721736670/syzkaller.FB3ewm/508/cgroup.controllers" dev="sda1" ino=14514 res=1 errno=0 [ 744.068060][T29820] device veth17 entered promiscuous mode [ 744.113708][T29828] __nla_validate_parse: 5 callbacks suppressed [ 744.113732][T29828] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. 09:53:02 executing program 1: sendmsg$DEVLINK_CMD_TRAP_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x58, 0x0, 0x0, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000400)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000070601801fdb59cce59ba2700100e90005"], 0x1}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000001) [ 744.512399][T29832] device veth3 entered promiscuous mode 09:53:03 executing program 0: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005070000006f0000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000108002bd62b2fe9a2e951000000", @ANYRES32=r4, @ANYBLOB="fffffffd0000000008001c00ef"], 0x28}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) 09:53:03 executing program 1: clone(0x83201100, 0x0, &(0x7f00000000c0), 0x0, 0x0) r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000900)='id_resolver\x00', &(0x7f0000000300)={'syz', 0x2}, &(0x7f0000000340)=':{{@*:-\x00', r0) add_key(&(0x7f0000000440)='rxrpc\x00', &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, 0x0) sendmsg$AUDIT_TRIM(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x10, 0x3f6, 0x8, 0x70bd29, 0x25dfdbfd, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4004}, 0x4080) [ 744.886541][T29880] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:53:03 executing program 2: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005070000006f0000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000108002bd62b2fe9a2e951000000", @ANYRES32=r4, @ANYBLOB="fffffffd0000000008001c00ef"], 0x28}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) 09:53:03 executing program 1: clone(0x83201100, 0x0, &(0x7f00000000c0), 0x0, 0x0) r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000900)='id_resolver\x00', &(0x7f0000000300)={'syz', 0x2}, &(0x7f0000000340)=':{{@*:-\x00', r0) add_key(&(0x7f0000000440)='rxrpc\x00', &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, 0x0) sendmsg$AUDIT_TRIM(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x10, 0x3f6, 0x8, 0x70bd29, 0x25dfdbfd, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4004}, 0x4080) [ 745.022804][T29899] device veth35 entered promiscuous mode 09:53:03 executing program 1: clone(0x83201100, 0x0, &(0x7f00000000c0), 0x0, 0x0) r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000900)='id_resolver\x00', &(0x7f0000000300)={'syz', 0x2}, &(0x7f0000000340)=':{{@*:-\x00', r0) add_key(&(0x7f0000000440)='rxrpc\x00', &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, 0x0) sendmsg$AUDIT_TRIM(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x10, 0x3f6, 0x8, 0x70bd29, 0x25dfdbfd, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4004}, 0x4080) 09:53:03 executing program 1: clone(0x83201100, 0x0, &(0x7f00000000c0), 0x0, 0x0) r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000900)='id_resolver\x00', &(0x7f0000000300)={'syz', 0x2}, &(0x7f0000000340)=':{{@*:-\x00', r0) add_key(&(0x7f0000000440)='rxrpc\x00', &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, 0x0) sendmsg$AUDIT_TRIM(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x10, 0x3f6, 0x8, 0x70bd29, 0x25dfdbfd, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4004}, 0x4080) 09:53:03 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005070000006f0000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000108002bd62b2fe9a2e951000000", @ANYRES32=r4, @ANYBLOB="fffffffd0000000008001c00ef"], 0x28}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) [ 745.287850][T29915] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 09:53:03 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000880)="e2c68fbbad2e23c21844ccf09d52daeb6d9d9bc5e9c30addc795fa441ab7d9678454d71cc70d638ecc7f26cb34160ac712bc3620bbb469e6652969225e8c20d8cbad23f2a360ddaf7fe85aecc207d2c4e6292ccc7292a2e50acc1015191fec61f762f5ad7c21bdf998f61bb1333376052ace0635ab1818dda40d9b729d18b24b1aacbf84f81d7ba80e5f3c433ccf04f356c0ae5d79ab831f563d3af18cfa28121dc15cd14599d3883b304a01f5b939c94f1a55aa99ecee9a723eb418d541361800af43b19bde6b3012dfb2338c60c62a246cf0668a541636318029800db3a373af5a6ff538f73adad2177b67d09e73f7", 0xf0) dup2(r2, r0) [ 745.379096][T29959] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 745.525222][T29966] device veth3 entered promiscuous mode [ 745.635327][T29975] netlink: 'syz-executor.1': attribute type 4 has an invalid length. 09:53:04 executing program 0: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005070000006f0000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000108002bd62b2fe9a2e951000000", @ANYRES32=r4, @ANYBLOB="fffffffd0000000008001c00ef"], 0x28}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) 09:53:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000880)="e2c68fbbad2e23c21844ccf09d52daeb6d9d9bc5e9c30addc795fa441ab7d9678454d71cc70d638ecc7f26cb34160ac712bc3620bbb469e6652969225e8c20d8cbad23f2a360ddaf7fe85aecc207d2c4e6292ccc7292a2e50acc1015191fec61f762f5ad7c21bdf998f61bb1333376052ace0635ab1818dda40d9b729d18b24b1aacbf84f81d7ba80e5f3c433ccf04f356c0ae5d79ab831f563d3af18cfa28121dc15cd14599d3883b304a01f5b939c94f1a55aa99ecee9a723eb418d541361800af43b19bde6b3012dfb2338c60c62a246cf0668a541636318029800db3a373af5a6ff538f73adad2177b67d09e73f7", 0xf0) dup2(r2, r0) 09:53:04 executing program 2: r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x3c33) write(r0, &(0x7f00000000c0)="1b0000001e005f0214fffffffffffff80700000000004000000001", 0x1b) [ 745.792316][T30004] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 745.824122][T30007] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. 09:53:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000880)="e2c68fbbad2e23c21844ccf09d52daeb6d9d9bc5e9c30addc795fa441ab7d9678454d71cc70d638ecc7f26cb34160ac712bc3620bbb469e6652969225e8c20d8cbad23f2a360ddaf7fe85aecc207d2c4e6292ccc7292a2e50acc1015191fec61f762f5ad7c21bdf998f61bb1333376052ace0635ab1818dda40d9b729d18b24b1aacbf84f81d7ba80e5f3c433ccf04f356c0ae5d79ab831f563d3af18cfa28121dc15cd14599d3883b304a01f5b939c94f1a55aa99ecee9a723eb418d541361800af43b19bde6b3012dfb2338c60c62a246cf0668a541636318029800db3a373af5a6ff538f73adad2177b67d09e73f7", 0xf0) dup2(r2, r0) 09:53:04 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000880)="e2c68fbbad2e23c21844ccf09d52daeb6d9d9bc5e9c30addc795fa441ab7d9678454d71cc70d638ecc7f26cb34160ac712bc3620bbb469e6652969225e8c20d8cbad23f2a360ddaf7fe85aecc207d2c4e6292ccc7292a2e50acc1015191fec61f762f5ad7c21bdf998f61bb1333376052ace0635ab1818dda40d9b729d18b24b1aacbf84f81d7ba80e5f3c433ccf04f356c0ae5d79ab831f563d3af18cfa28121dc15cd14599d3883b304a01f5b939c94f1a55aa99ecee9a723eb418d541361800af43b19bde6b3012dfb2338c60c62a246cf0668a541636318029800db3a373af5a6ff538f73adad2177b67d09e73f7", 0xf0) dup2(r2, r0) 09:53:04 executing program 2: r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x3c33) write(r0, &(0x7f00000000c0)="1b0000001e005f0214fffffffffffff80700000000004000000001", 0x1b) [ 745.939312][T30012] device veth35 entered promiscuous mode [ 746.141789][T30017] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 746.168404][T30016] netlink: 'syz-executor.1': attribute type 4 has an invalid length. 09:53:04 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000880)="e2c68fbbad2e23c21844ccf09d52daeb6d9d9bc5e9c30addc795fa441ab7d9678454d71cc70d638ecc7f26cb34160ac712bc3620bbb469e6652969225e8c20d8cbad23f2a360ddaf7fe85aecc207d2c4e6292ccc7292a2e50acc1015191fec61f762f5ad7c21bdf998f61bb1333376052ace0635ab1818dda40d9b729d18b24b1aacbf84f81d7ba80e5f3c433ccf04f356c0ae5d79ab831f563d3af18cfa28121dc15cd14599d3883b304a01f5b939c94f1a55aa99ecee9a723eb418d541361800af43b19bde6b3012dfb2338c60c62a246cf0668a541636318029800db3a373af5a6ff538f73adad2177b67d09e73f7", 0xf0) dup2(r2, r0) 09:53:04 executing program 2: r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x3c33) write(r0, &(0x7f00000000c0)="1b0000001e005f0214fffffffffffff80700000000004000000001", 0x1b) [ 746.311760][T30047] netlink: 'syz-executor.3': attribute type 4 has an invalid length. 09:53:04 executing program 0: perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005070000006f0000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000010000108002bd62b2fe9a2e951000000", @ANYRES32=r4, @ANYBLOB="fffffffd0000000008001c00ef"], 0x28}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x28, 0x11, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}}, 0x0) 09:53:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000880)="e2c68fbbad2e23c21844ccf09d52daeb6d9d9bc5e9c30addc795fa441ab7d9678454d71cc70d638ecc7f26cb34160ac712bc3620bbb469e6652969225e8c20d8cbad23f2a360ddaf7fe85aecc207d2c4e6292ccc7292a2e50acc1015191fec61f762f5ad7c21bdf998f61bb1333376052ace0635ab1818dda40d9b729d18b24b1aacbf84f81d7ba80e5f3c433ccf04f356c0ae5d79ab831f563d3af18cfa28121dc15cd14599d3883b304a01f5b939c94f1a55aa99ecee9a723eb418d541361800af43b19bde6b3012dfb2338c60c62a246cf0668a541636318029800db3a373af5a6ff538f73adad2177b67d09e73f7", 0xf0) dup2(r2, r0) 09:53:04 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000880)="e2c68fbbad2e23c21844ccf09d52daeb6d9d9bc5e9c30addc795fa441ab7d9678454d71cc70d638ecc7f26cb34160ac712bc3620bbb469e6652969225e8c20d8cbad23f2a360ddaf7fe85aecc207d2c4e6292ccc7292a2e50acc1015191fec61f762f5ad7c21bdf998f61bb1333376052ace0635ab1818dda40d9b729d18b24b1aacbf84f81d7ba80e5f3c433ccf04f356c0ae5d79ab831f563d3af18cfa28121dc15cd14599d3883b304a01f5b939c94f1a55aa99ecee9a723eb418d541361800af43b19bde6b3012dfb2338c60c62a246cf0668a541636318029800db3a373af5a6ff538f73adad2177b67d09e73f7", 0xf0) dup2(r2, r0) [ 746.398282][T30052] netlink: 'syz-executor.1': attribute type 4 has an invalid length. 09:53:04 executing program 2: r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x3c33) write(r0, &(0x7f00000000c0)="1b0000001e005f0214fffffffffffff80700000000004000000001", 0x1b) 09:53:05 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000880)="e2c68fbbad2e23c21844ccf09d52daeb6d9d9bc5e9c30addc795fa441ab7d9678454d71cc70d638ecc7f26cb34160ac712bc3620bbb469e6652969225e8c20d8cbad23f2a360ddaf7fe85aecc207d2c4e6292ccc7292a2e50acc1015191fec61f762f5ad7c21bdf998f61bb1333376052ace0635ab1818dda40d9b729d18b24b1aacbf84f81d7ba80e5f3c433ccf04f356c0ae5d79ab831f563d3af18cfa28121dc15cd14599d3883b304a01f5b939c94f1a55aa99ecee9a723eb418d541361800af43b19bde6b3012dfb2338c60c62a246cf0668a541636318029800db3a373af5a6ff538f73adad2177b67d09e73f7", 0xf0) dup2(r2, r0) [ 746.469618][T30054] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 746.568376][T30061] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 746.688318][T30062] device veth35 entered promiscuous mode 09:53:05 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000880)="e2c68fbbad2e23c21844ccf09d52daeb6d9d9bc5e9c30addc795fa441ab7d9678454d71cc70d638ecc7f26cb34160ac712bc3620bbb469e6652969225e8c20d8cbad23f2a360ddaf7fe85aecc207d2c4e6292ccc7292a2e50acc1015191fec61f762f5ad7c21bdf998f61bb1333376052ace0635ab1818dda40d9b729d18b24b1aacbf84f81d7ba80e5f3c433ccf04f356c0ae5d79ab831f563d3af18cfa28121dc15cd14599d3883b304a01f5b939c94f1a55aa99ecee9a723eb418d541361800af43b19bde6b3012dfb2338c60c62a246cf0668a541636318029800db3a373af5a6ff538f73adad2177b67d09e73f7", 0xf0) dup2(r2, r0) 09:53:05 executing program 2: openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') write$P9_RWALK(r0, 0x0, 0x3d) [ 746.878128][T30076] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 746.901880][T30092] netlink: 'syz-executor.3': attribute type 4 has an invalid length. 09:53:05 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000880)="e2c68fbbad2e23c21844ccf09d52daeb6d9d9bc5e9c30addc795fa441ab7d9678454d71cc70d638ecc7f26cb34160ac712bc3620bbb469e6652969225e8c20d8cbad23f2a360ddaf7fe85aecc207d2c4e6292ccc7292a2e50acc1015191fec61f762f5ad7c21bdf998f61bb1333376052ace0635ab1818dda40d9b729d18b24b1aacbf84f81d7ba80e5f3c433ccf04f356c0ae5d79ab831f563d3af18cfa28121dc15cd14599d3883b304a01f5b939c94f1a55aa99ecee9a723eb418d541361800af43b19bde6b3012dfb2338c60c62a246cf0668a541636318029800db3a373af5a6ff538f73adad2177b67d09e73f7", 0xf0) dup2(r2, r0) 09:53:05 executing program 2: openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') write$P9_RWALK(r0, 0x0, 0x3d) 09:53:05 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000880)="e2c68fbbad2e23c21844ccf09d52daeb6d9d9bc5e9c30addc795fa441ab7d9678454d71cc70d638ecc7f26cb34160ac712bc3620bbb469e6652969225e8c20d8cbad23f2a360ddaf7fe85aecc207d2c4e6292ccc7292a2e50acc1015191fec61f762f5ad7c21bdf998f61bb1333376052ace0635ab1818dda40d9b729d18b24b1aacbf84f81d7ba80e5f3c433ccf04f356c0ae5d79ab831f563d3af18cfa28121dc15cd14599d3883b304a01f5b939c94f1a55aa99ecee9a723eb418d541361800af43b19bde6b3012dfb2338c60c62a246cf0668a541636318029800db3a373af5a6ff538f73adad2177b67d09e73f7", 0xf0) dup2(r2, r0) [ 747.159381][T30131] netlink: 'syz-executor.1': attribute type 4 has an invalid length. 09:53:05 executing program 2: openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') write$P9_RWALK(r0, 0x0, 0x3d) 09:53:05 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000880)="e2c68fbbad2e23c21844ccf09d52daeb6d9d9bc5e9c30addc795fa441ab7d9678454d71cc70d638ecc7f26cb34160ac712bc3620bbb469e6652969225e8c20d8cbad23f2a360ddaf7fe85aecc207d2c4e6292ccc7292a2e50acc1015191fec61f762f5ad7c21bdf998f61bb1333376052ace0635ab1818dda40d9b729d18b24b1aacbf84f81d7ba80e5f3c433ccf04f356c0ae5d79ab831f563d3af18cfa28121dc15cd14599d3883b304a01f5b939c94f1a55aa99ecee9a723eb418d541361800af43b19bde6b3012dfb2338c60c62a246cf0668a541636318029800db3a373af5a6ff538f73adad2177b67d09e73f7", 0xf0) dup2(r2, r0) 09:53:05 executing program 0: sendmsg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="24000000180007351dfffd946f610500020000091f000007242808000800084004001000", 0x24}], 0x1}, 0x0) r0 = socket(0x800000010, 0x1000000002, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x4000000, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) write(0xffffffffffffffff, 0x0, 0x0) 09:53:05 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback}, 0xc) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)="390000001300034700bb65e1c3e4ffff06000000010000005600000025000000190004000400000007fd17e5ff8e0606040020000000000000", 0x39}], 0x1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000800)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000880)="e2c68fbbad2e23c21844ccf09d52daeb6d9d9bc5e9c30addc795fa441ab7d9678454d71cc70d638ecc7f26cb34160ac712bc3620bbb469e6652969225e8c20d8cbad23f2a360ddaf7fe85aecc207d2c4e6292ccc7292a2e50acc1015191fec61f762f5ad7c21bdf998f61bb1333376052ace0635ab1818dda40d9b729d18b24b1aacbf84f81d7ba80e5f3c433ccf04f356c0ae5d79ab831f563d3af18cfa28121dc15cd14599d3883b304a01f5b939c94f1a55aa99ecee9a723eb418d541361800af43b19bde6b3012dfb2338c60c62a246cf0668a541636318029800db3a373af5a6ff538f73adad2177b67d09e73f7", 0xf0) dup2(r2, r0) 09:53:06 executing program 3: r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0) setsockopt$ax25_int(r0, 0x101, 0x0, 0x0, 0x0) 09:53:06 executing program 2: openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00') write$P9_RWALK(r0, 0x0, 0x3d) 09:53:06 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='devices.list\x00', 0x275a, 0x0) write$binfmt_elf64(r1, &(0x7f0000000340)=ANY=[], 0x78) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800003, 0x12, r1, 0x0) ioctl$SNDCTL_SEQ_NRMIDIS(r0, 0xc0045103, &(0x7f0000000040)) 09:53:06 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='devices.list\x00', 0x275a, 0x0) write$binfmt_elf64(r1, &(0x7f0000000340)=ANY=[], 0x78) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800003, 0x12, r1, 0x0) ioctl$SNDCTL_SEQ_NRMIDIS(r0, 0xc0045103, &(0x7f0000000040)) 09:53:06 executing program 3: r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0) setsockopt$ax25_int(r0, 0x101, 0x0, 0x0, 0x0) 09:53:06 executing program 0: sendmsg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="24000000180007351dfffd946f610500020000091f000007242808000800084004001000", 0x24}], 0x1}, 0x0) r0 = socket(0x800000010, 0x1000000002, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x4000000, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) write(0xffffffffffffffff, 0x0, 0x0) 09:53:06 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='devices.list\x00', 0x275a, 0x0) write$binfmt_elf64(r1, &(0x7f0000000340)=ANY=[], 0x78) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800003, 0x12, r1, 0x0) ioctl$SNDCTL_SEQ_NRMIDIS(r0, 0xc0045103, &(0x7f0000000040)) 09:53:06 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='devices.list\x00', 0x275a, 0x0) write$binfmt_elf64(r1, &(0x7f0000000340)=ANY=[], 0x78) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800003, 0x12, r1, 0x0) ioctl$SNDCTL_SEQ_NRMIDIS(r0, 0xc0045103, &(0x7f0000000040)) 09:53:06 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='devices.list\x00', 0x275a, 0x0) write$binfmt_elf64(r1, &(0x7f0000000340)=ANY=[], 0x78) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800003, 0x12, r1, 0x0) ioctl$SNDCTL_SEQ_NRMIDIS(r0, 0xc0045103, &(0x7f0000000040)) 09:53:06 executing program 3: r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0) setsockopt$ax25_int(r0, 0x101, 0x0, 0x0, 0x0) 09:53:06 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='devices.list\x00', 0x275a, 0x0) write$binfmt_elf64(r1, &(0x7f0000000340)=ANY=[], 0x78) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800003, 0x12, r1, 0x0) ioctl$SNDCTL_SEQ_NRMIDIS(r0, 0xc0045103, &(0x7f0000000040)) 09:53:06 executing program 3: r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0) setsockopt$ax25_int(r0, 0x101, 0x0, 0x0, 0x0) 09:53:06 executing program 0: sendmsg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="24000000180007351dfffd946f610500020000091f000007242808000800084004001000", 0x24}], 0x1}, 0x0) r0 = socket(0x800000010, 0x1000000002, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x4000000, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) write(0xffffffffffffffff, 0x0, 0x0) 09:53:06 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x1c, r1, 0x25d8fa0ac07c13c9, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:53:06 executing program 3: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$UHID_INPUT2(r0, &(0x7f0000000100), 0x6) 09:53:06 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='devices.list\x00', 0x275a, 0x0) write$binfmt_elf64(r1, &(0x7f0000000340)=ANY=[], 0x78) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x800003, 0x12, r1, 0x0) ioctl$SNDCTL_SEQ_NRMIDIS(r0, 0xc0045103, &(0x7f0000000040)) 09:53:07 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x1c, r1, 0x25d8fa0ac07c13c9, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:53:07 executing program 3: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$UHID_INPUT2(r0, &(0x7f0000000100), 0x6) 09:53:07 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x4, &(0x7f0000000080)=@framed={{}, [@alu={0x7, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffffffc}]}, &(0x7f00000000c0)='GPL\x00', 0x5, 0x1000, &(0x7f0000001880)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 09:53:07 executing program 0: sendmsg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="24000000180007351dfffd946f610500020000091f000007242808000800084004001000", 0x24}], 0x1}, 0x0) r0 = socket(0x800000010, 0x1000000002, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x4000000, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) write(0xffffffffffffffff, 0x0, 0x0) 09:53:07 executing program 3: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$UHID_INPUT2(r0, &(0x7f0000000100), 0x6) 09:53:07 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x1c, r1, 0x25d8fa0ac07c13c9, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:53:07 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x4, &(0x7f0000000080)=@framed={{}, [@alu={0x7, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffffffc}]}, &(0x7f00000000c0)='GPL\x00', 0x5, 0x1000, &(0x7f0000001880)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 09:53:07 executing program 3: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$UHID_INPUT2(r0, &(0x7f0000000100), 0x6) 09:53:07 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x1c, r1, 0x25d8fa0ac07c13c9, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0) 09:53:07 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x4, &(0x7f0000000080)=@framed={{}, [@alu={0x7, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffffffc}]}, &(0x7f00000000c0)='GPL\x00', 0x5, 0x1000, &(0x7f0000001880)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 09:53:07 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000001600), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:53:07 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x0, 0x0, {{}, {}, {0xc}}}, 0x24}}, 0x0) 09:53:07 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close_range(r0, r2, 0x0) 09:53:07 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x4, &(0x7f0000000080)=@framed={{}, [@alu={0x7, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffffffc}]}, &(0x7f00000000c0)='GPL\x00', 0x5, 0x1000, &(0x7f0000001880)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 09:53:07 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x0, 0x0, {{}, {}, {0xc}}}, 0x24}}, 0x0) 09:53:07 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close_range(r0, r2, 0x0) 09:53:07 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000001600), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:53:07 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close_range(r0, r2, 0x0) 09:53:07 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000001600), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:53:07 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x0, 0x0, {{}, {}, {0xc}}}, 0x24}}, 0x0) 09:53:07 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close_range(r0, r2, 0x0) 09:53:08 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close_range(r0, r2, 0x0) 09:53:08 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000001600), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:53:08 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x0, 0x0, {{}, {}, {0xc}}}, 0x24}}, 0x0) 09:53:08 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000001600), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:53:08 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close_range(r0, r2, 0x0) 09:53:08 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x0, 0x0, {{}, {}, {0xc}}}, 0x24}}, 0x0) 09:53:08 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000001600), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:53:08 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000001600), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0) 09:53:08 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close_range(r0, r2, 0x0) 09:53:08 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x0, 0x0, {{}, {}, {0xc}}}, 0x24}}, 0x0) 09:53:08 executing program 2: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4, 0x5}}]}, 0x30}}, 0x0) 09:53:08 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0)=ANY=[], 0x208e24b) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="38010000100013070000000000000000ac1414000000000000000000000000002001000000000000000000000000000200000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000100000000000000000000000000000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f00000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) sendfile(r3, r2, 0x0, 0x100000002) 09:53:08 executing program 1: setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x1) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)="2e00000010008188040f80ecdb4cb9cca7480ef426000000e3bd6efb440a09000e000a000f000000008000001201", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec800002000000000026000000e3bdeefb44004f000e000a0010000b2fd6130f97d80a", 0x2e}], 0x1}, 0x0) 09:53:08 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x0, 0x0, {{}, {}, {0xc}}}, 0x24}}, 0x0) 09:53:08 executing program 2: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4, 0x5}}]}, 0x30}}, 0x0) [ 750.267729][T30307] bond0: (slave team_slave_0): Enslaving as an active interface with an up link [ 750.285071][ T51] audit: type=1804 audit(1626688388.799:167): pid=30304 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/syzkaller-testdir816205733/syzkaller.CpYtQu/547/cgroup.controllers" dev="sda1" ino=14227 res=1 errno=0 09:53:08 executing program 1: setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x1) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)="2e00000010008188040f80ecdb4cb9cca7480ef426000000e3bd6efb440a09000e000a000f000000008000001201", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec800002000000000026000000e3bdeefb44004f000e000a0010000b2fd6130f97d80a", 0x2e}], 0x1}, 0x0) 09:53:09 executing program 2: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4, 0x5}}]}, 0x30}}, 0x0) 09:53:09 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) [ 750.558636][T30317] bond0: (slave team_slave_0): Releasing backup interface [ 750.670976][T30325] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' 09:53:09 executing program 2: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4, 0x5}}]}, 0x30}}, 0x0) 09:53:09 executing program 1: setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x1) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)="2e00000010008188040f80ecdb4cb9cca7480ef426000000e3bd6efb440a09000e000a000f000000008000001201", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec800002000000000026000000e3bdeefb44004f000e000a0010000b2fd6130f97d80a", 0x2e}], 0x1}, 0x0) 09:53:09 executing program 2: r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x0, &(0x7f000000b000)={{}, {0x800010000}}, 0x0) 09:53:09 executing program 2: r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x0, &(0x7f000000b000)={{}, {0x800010000}}, 0x0) 09:53:09 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0)=ANY=[], 0x208e24b) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="38010000100013070000000000000000ac1414000000000000000000000000002001000000000000000000000000000200000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000100000000000000000000000000000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f00000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) sendfile(r3, r2, 0x0, 0x100000002) [ 751.258756][T30339] validate_nla: 6 callbacks suppressed [ 751.258784][T30339] netlink: 'syz-executor.1': attribute type 10 has an invalid length. 09:53:09 executing program 2: r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x0, &(0x7f000000b000)={{}, {0x800010000}}, 0x0) [ 751.291417][T30339] bond0: (slave team_slave_0): Enslaving as an active interface with an up link [ 751.329047][T30339] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 751.386516][T30339] bond0: (slave team_slave_0): Releasing backup interface [ 751.408603][ T51] audit: type=1804 audit(1626688389.929:168): pid=30338 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/syzkaller-testdir816205733/syzkaller.CpYtQu/548/cgroup.controllers" dev="sda1" ino=14275 res=1 errno=0 09:53:10 executing program 2: r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x0, &(0x7f000000b000)={{}, {0x800010000}}, 0x0) [ 751.596509][T30325] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' 09:53:10 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) 09:53:10 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0)=ANY=[], 0x208e24b) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="38010000100013070000000000000000ac1414000000000000000000000000002001000000000000000000000000000200000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000100000000000000000000000000000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f00000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) sendfile(r3, r2, 0x0, 0x100000002) 09:53:10 executing program 1: setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x1) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)="2e00000010008188040f80ecdb4cb9cca7480ef426000000e3bd6efb440a09000e000a000f000000008000001201", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec800002000000000026000000e3bdeefb44004f000e000a0010000b2fd6130f97d80a", 0x2e}], 0x1}, 0x0) [ 752.027993][ T51] audit: type=1804 audit(1626688390.549:169): pid=30385 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/syzkaller-testdir861387039/syzkaller.hKZSfF/535/cgroup.controllers" dev="sda1" ino=14099 res=1 errno=0 [ 752.131337][T30389] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 752.201260][T30392] netlink: 'syz-executor.1': attribute type 10 has an invalid length. 09:53:10 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0)=ANY=[], 0x208e24b) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="38010000100013070000000000000000ac1414000000000000000000000000002001000000000000000000000000000200000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000100000000000000000000000000000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f00000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) sendfile(r3, r2, 0x0, 0x100000002) [ 752.303747][T30392] bond0: (slave team_slave_0): Enslaving as an active interface with an up link [ 752.387671][T30393] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 752.434934][T30393] bond0: (slave team_slave_0): Releasing backup interface 09:53:11 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0)=ANY=[], 0x208e24b) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="38010000100013070000000000000000ac1414000000000000000000000000002001000000000000000000000000000200000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000100000000000000000000000000000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f00000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) sendfile(r3, r2, 0x0, 0x100000002) [ 752.611577][ T51] audit: type=1804 audit(1626688391.139:170): pid=30398 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/syzkaller-testdir816205733/syzkaller.CpYtQu/549/cgroup.controllers" dev="sda1" ino=14275 res=1 errno=0 09:53:11 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) [ 752.906933][ T51] audit: type=1804 audit(1626688391.429:171): pid=30400 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/syzkaller-testdir861387039/syzkaller.hKZSfF/536/cgroup.controllers" dev="sda1" ino=14099 res=1 errno=0 09:53:11 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) [ 753.012639][T30406] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' 09:53:11 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0)=ANY=[], 0x208e24b) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="38010000100013070000000000000000ac1414000000000000000000000000002001000000000000000000000000000200000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000100000000000000000000000000000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f00000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) sendfile(r3, r2, 0x0, 0x100000002) [ 753.213057][T30411] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' 09:53:11 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0)=ANY=[], 0x208e24b) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="38010000100013070000000000000000ac1414000000000000000000000000002001000000000000000000000000000200000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000100000000000000000000000000000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f00000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) sendfile(r3, r2, 0x0, 0x100000002) [ 753.419854][ T51] audit: type=1804 audit(1626688391.939:172): pid=30412 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/syzkaller-testdir861387039/syzkaller.hKZSfF/537/cgroup.controllers" dev="sda1" ino=14323 res=1 errno=0 09:53:12 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) 09:53:12 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) [ 753.772365][ T51] audit: type=1804 audit(1626688392.289:173): pid=30418 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/syzkaller-testdir816205733/syzkaller.CpYtQu/550/cgroup.controllers" dev="sda1" ino=13890 res=1 errno=0 [ 753.963749][T30425] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' 09:53:12 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) [ 754.153740][ T51] audit: type=1800 audit(1626688392.669:174): pid=30425 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=13937 res=0 errno=0 [ 754.294053][T30429] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 754.503518][T30421] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 754.538846][ T51] audit: type=1800 audit(1626688393.059:175): pid=30429 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1" ino=14419 res=0 errno=0 09:53:13 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) 09:53:13 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) 09:53:13 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) 09:53:13 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) [ 754.886832][T30436] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 754.984322][T30441] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 755.025171][T30443] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 755.148441][T30446] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 755.158694][ T51] audit: type=1800 audit(1626688393.679:176): pid=30436 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.2" name="bus" dev="sda1" ino=14355 res=0 errno=0 [ 755.398170][ T51] audit: type=1800 audit(1626688393.909:177): pid=30443 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1" ino=14419 res=0 errno=0 [ 755.477693][ T51] audit: type=1800 audit(1626688393.949:178): pid=30446 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=14451 res=0 errno=0 09:53:14 executing program 2: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) 09:53:14 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) [ 755.759593][T30452] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' 09:53:14 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) 09:53:14 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) [ 756.056589][T30459] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 756.057417][T30458] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 756.285929][ T51] audit: type=1800 audit(1626688394.809:179): pid=30459 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.3" name="bus" dev="sda1" ino=14403 res=0 errno=0 [ 756.394268][T30464] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 756.555001][ T51] audit: type=1800 audit(1626688395.049:180): pid=30458 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=14419 res=0 errno=0 09:53:15 executing program 3: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) [ 756.625105][ T51] audit: type=1800 audit(1626688395.149:181): pid=30465 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1" ino=14451 res=0 errno=0 09:53:15 executing program 0: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) 09:53:15 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0)=ANY=[], 0x208e24b) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="38010000100013070000000000000000ac1414000000000000000000000000002001000000000000000000000000000200000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000100000000000000000000000000000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f00000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) sendfile(r3, r2, 0x0, 0x100000002) [ 756.768022][T30470] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' 09:53:15 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) [ 756.924026][ T51] audit: type=1804 audit(1626688395.439:182): pid=30475 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/syzkaller-testdir861387039/syzkaller.hKZSfF/541/cgroup.controllers" dev="sda1" ino=14259 res=1 errno=0 [ 757.034622][T30480] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 757.095590][T30481] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 757.114372][ T51] audit: type=1800 audit(1626688395.439:183): pid=30470 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.3" name="bus" dev="sda1" ino=14211 res=0 errno=0 [ 757.311873][ T51] audit: type=1800 audit(1626688395.829:184): pid=30480 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=14419 res=0 errno=0 09:53:16 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x100002, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0x43400) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400), 0x48}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000540), 0x2bf70) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40305839, &(0x7f0000000000)) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x1, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc028660f, &(0x7f00000005c0)=0x40000002b) 09:53:16 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000000c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES32], 0x30}}, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r2, 0x8912, 0x400308) r3 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r3, r1, 0x0, 0x80000000003) 09:53:16 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0)=ANY=[], 0x208e24b) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="38010000100013070000000000000000ac1414000000000000000000000000002001000000000000000000000000000200000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000100000000000000000000000000000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f00000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) sendfile(r3, r2, 0x0, 0x100000002) 09:53:16 executing program 1: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESDEC, @ANYRES64]) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mmap(&(0x7f0000137000/0x4000)=nil, 0x4000, 0x100000c, 0x1010, r1, 0xd78a5000) chdir(&(0x7f0000000380)='./bus\x00') r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000300)={0x0, 0x0, {0xffffffffffffffff, 0x0, 0x800006, 0x1, 0x3}}) ftruncate(r2, 0x208200) r3 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r3, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0xc080661a, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x2201) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000052780)={0x0, [], 0x0, "e1bf393b54e20e"}) [ 757.899756][ T51] audit: type=1804 audit(1626688396.419:185): pid=30490 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir721736670/syzkaller.FB3ewm/530/cgroup.controllers" dev="sda1" ino=13937 res=1 errno=0 09:53:16 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x100002, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0x43400) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400), 0x48}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000540), 0x2bf70) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40305839, &(0x7f0000000000)) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x1, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc028660f, &(0x7f00000005c0)=0x40000002b) [ 758.096106][T30500] tmpfs: Unknown parameter '18446744073709551615ÿÿÿÿÿÿÿÿ' [ 758.102117][ T51] audit: type=1804 audit(1626688396.619:186): pid=30494 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/syzkaller-testdir861387039/syzkaller.hKZSfF/542/cgroup.controllers" dev="sda1" ino=14355 res=1 errno=0 09:53:16 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0)=ANY=[], 0x208e24b) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="38010000100013070000000000000000ac1414000000000000000000000000002001000000000000000000000000000200000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000100000000000000000000000000000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f00000a000400000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}}, 0x0) sendfile(r3, r2, 0x0, 0x100000002) 09:53:17 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000000c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES32], 0x30}}, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r2, 0x8912, 0x400308) r3 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r3, r1, 0x0, 0x80000000003) 09:53:17 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000000c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES32], 0x30}}, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r2, 0x8912, 0x400308) r3 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r3, r1, 0x0, 0x80000000003) 09:53:17 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x100002, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0x43400) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400), 0x48}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000540), 0x2bf70) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40305839, &(0x7f0000000000)) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x1, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc028660f, &(0x7f00000005c0)=0x40000002b) 09:53:17 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x100002, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0x43400) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400), 0x48}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000540), 0x2bf70) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40305839, &(0x7f0000000000)) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x1, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc028660f, &(0x7f00000005c0)=0x40000002b) [ 759.250510][T30508] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=30508 comm=syz-executor.2 [ 759.282952][T30508] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=30508 comm=syz-executor.2 [ 759.338554][T30508] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=30508 comm=syz-executor.2 [ 759.390017][T30508] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=30508 comm=syz-executor.2 [ 759.454887][T30508] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=30508 comm=syz-executor.2 09:53:18 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000000c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES32], 0x30}}, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r2, 0x8912, 0x400308) r3 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r3, r1, 0x0, 0x80000000003) 09:53:18 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x100002, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0x43400) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400), 0x48}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000540), 0x2bf70) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40305839, &(0x7f0000000000)) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x1, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc028660f, &(0x7f00000005c0)=0x40000002b) 09:53:18 executing program 3: r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)) mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x1000, 0x1) 09:53:18 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000000c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES32], 0x30}}, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r2, 0x8912, 0x400308) r3 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r3, r1, 0x0, 0x80000000003) 09:53:18 executing program 3: r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)) mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x1000, 0x1) 09:53:18 executing program 3: r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)) mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x1000, 0x1) 09:53:18 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x100002, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0x43400) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400), 0x48}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000540), 0x2bf70) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40305839, &(0x7f0000000000)) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x1, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc028660f, &(0x7f00000005c0)=0x40000002b) 09:53:18 executing program 3: r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)) mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x1000, 0x1) 09:53:18 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000000c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES32], 0x30}}, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r2, 0x8912, 0x400308) r3 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r3, r1, 0x0, 0x80000000003) 09:53:18 executing program 3: r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)) mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x1000, 0x1) 09:53:19 executing program 3: r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)) mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x1000, 0x1) 09:53:19 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000000c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5}, @IFLA_BR_MCAST_SNOOPING={0x5}]}}}]}, 0x44}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES32], 0x30}}, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r2, 0x8912, 0x400308) r3 = socket$nl_route(0x10, 0x3, 0x0) sendfile(r3, r1, 0x0, 0x80000000003) 09:53:19 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x100002, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700) write$cgroup_int(r2, &(0x7f0000000200), 0x43400) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400), 0x48}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r0, &(0x7f0000000540), 0x2bf70) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40305839, &(0x7f0000000000)) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r4, 0x0) preadv(r4, &(0x7f0000000280), 0x1, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc028660f, &(0x7f00000005c0)=0x40000002b) [ 760.702902][ T51] kauditd_printk_skb: 6 callbacks suppressed [ 760.702921][ T51] audit: type=1804 audit(1626688399.229:193): pid=30573 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir721736670/syzkaller.FB3ewm/533/cgroup.controllers" dev="sda1" ino=13923 res=1 errno=0 09:53:19 executing program 3: r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)) mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x1000, 0x1) [ 760.907356][ T51] audit: type=1804 audit(1626688399.419:194): pid=30579 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir918310331/syzkaller.y6gMpo/592/cgroup.controllers" dev="sda1" ino=13957 res=1 errno=0 09:53:19 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) shutdown(r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800009, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) pselect6(0x40, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x0) 09:53:19 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f0000000000)='./control\x00', 0xee00, r2) setresuid(0x0, 0xee00, 0xee00) setxattr$system_posix_acl(&(0x7f0000000040)='./control\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000300), 0x24, 0x0) 09:53:20 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f0000000000)='./control\x00', 0xee00, r2) setresuid(0x0, 0xee00, 0xee00) setxattr$system_posix_acl(&(0x7f0000000040)='./control\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000300), 0x24, 0x0) 09:53:20 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f0000000000)='./control\x00', 0xee00, r2) setresuid(0x0, 0xee00, 0xee00) setxattr$system_posix_acl(&(0x7f0000000040)='./control\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000300), 0x24, 0x0) 09:53:20 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) shutdown(r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800009, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) pselect6(0x40, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x0) 09:53:20 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) shutdown(r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800009, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) pselect6(0x40, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x0) 09:53:20 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f0000000000)='./control\x00', 0xee00, r2) setresuid(0x0, 0xee00, 0xee00) setxattr$system_posix_acl(&(0x7f0000000040)='./control\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000300), 0x24, 0x0) 09:53:20 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f0000000000)='./control\x00', 0xee00, r2) setresuid(0x0, 0xee00, 0xee00) setxattr$system_posix_acl(&(0x7f0000000040)='./control\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000300), 0x24, 0x0) 09:53:20 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f0000000000)='./control\x00', 0xee00, r2) setresuid(0x0, 0xee00, 0xee00) setxattr$system_posix_acl(&(0x7f0000000040)='./control\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000300), 0x24, 0x0) 09:53:20 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) shutdown(r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3800009, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) pselect6(0x40, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x0) 09:53:20 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f0000000000)='./control\x00', 0xee00, r2) setresuid(0x0, 0xee00, 0xee00) setxattr$system_posix_acl(&(0x7f0000000040)='./control\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000300), 0x24, 0x0) 09:53:20 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f0000000000)='./control\x00', 0xee00, r2) setresuid(0x0, 0xee00, 0xee00) setxattr$system_posix_acl(&(0x7f0000000040)='./control\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000300), 0x24, 0x0) 09:53:20 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x21, &(0x7f0000000000)=@assoc_value, &(0x7f0000001500)=0x2f) 09:53:20 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f0000000000)='./control\x00', 0xee00, r2) setresuid(0x0, 0xee00, 0xee00) setxattr$system_posix_acl(&(0x7f0000000040)='./control\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000300), 0x24, 0x0) 09:53:20 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x21, &(0x7f0000000000)=@assoc_value, &(0x7f0000001500)=0x2f) 09:53:20 executing program 3: openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.controllers\x00', 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]}) 09:53:20 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) r1 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f0000000000)='./control\x00', 0xee00, r2) setresuid(0x0, 0xee00, 0xee00) setxattr$system_posix_acl(&(0x7f0000000040)='./control\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000300), 0x24, 0x0) 09:53:20 executing program 1: setreuid(0xee01, 0xee00) setresgid(0xffffffffffffffff, 0x0, 0x0) 09:53:20 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x21, &(0x7f0000000000)=@assoc_value, &(0x7f0000001500)=0x2f) 09:53:20 executing program 1: setreuid(0xee01, 0xee00) setresgid(0xffffffffffffffff, 0x0, 0x0) 09:53:20 executing program 0: unshare(0x6c060000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) listen(r0, 0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x6d) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) unshare(0x0) socket$l2tp6(0xa, 0x2, 0x73) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r2 = accept4(r0, 0x0, 0x0, 0x0) unshare(0x0) accept(0xffffffffffffffff, 0x0, 0x0) shutdown(r1, 0x1) sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x63, 0x0, 0x600000000000004) 09:53:20 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x21, &(0x7f0000000000)=@assoc_value, &(0x7f0000001500)=0x2f) 09:53:20 executing program 1: setreuid(0xee01, 0xee00) setresgid(0xffffffffffffffff, 0x0, 0x0) 09:53:21 executing program 3: openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.controllers\x00', 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]}) 09:53:21 executing program 2: openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.controllers\x00', 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]}) 09:53:21 executing program 1: setreuid(0xee01, 0xee00) setresgid(0xffffffffffffffff, 0x0, 0x0) 09:53:21 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) syz_emit_ethernet(0x22, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, {[@ra]}}}}}}, 0x0) 09:53:21 executing program 3: openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.controllers\x00', 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]}) 09:53:21 executing program 0: unshare(0x6c060000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) listen(r0, 0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x6d) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) unshare(0x0) socket$l2tp6(0xa, 0x2, 0x73) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r2 = accept4(r0, 0x0, 0x0, 0x0) unshare(0x0) accept(0xffffffffffffffff, 0x0, 0x0) shutdown(r1, 0x1) sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x63, 0x0, 0x600000000000004) 09:53:21 executing program 2: openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.controllers\x00', 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]}) 09:53:21 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) syz_emit_ethernet(0x22, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, {[@ra]}}}}}}, 0x0) 09:53:21 executing program 3: openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.controllers\x00', 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]}) 09:53:22 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) syz_emit_ethernet(0x22, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, {[@ra]}}}}}}, 0x0) 09:53:22 executing program 2: openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.controllers\x00', 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00'}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]}) 09:53:22 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) syz_emit_ethernet(0x22, &(0x7f0000000040)={@local, @remote, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, {[@ra]}}}}}}, 0x0) 09:53:22 executing program 3: unshare(0x6c060000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) listen(r0, 0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x6d) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) unshare(0x0) socket$l2tp6(0xa, 0x2, 0x73) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r2 = accept4(r0, 0x0, 0x0, 0x0) unshare(0x0) accept(0xffffffffffffffff, 0x0, 0x0) shutdown(r1, 0x1) sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x63, 0x0, 0x600000000000004) 09:53:22 executing program 1: unshare(0x6c060000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) listen(r0, 0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x6d) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) unshare(0x0) socket$l2tp6(0xa, 0x2, 0x73) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r2 = accept4(r0, 0x0, 0x0, 0x0) unshare(0x0) accept(0xffffffffffffffff, 0x0, 0x0) shutdown(r1, 0x1) sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x63, 0x0, 0x600000000000004) 09:53:22 executing program 0: unshare(0x6c060000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) listen(r0, 0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x6d) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) unshare(0x0) socket$l2tp6(0xa, 0x2, 0x73) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r2 = accept4(r0, 0x0, 0x0, 0x0) unshare(0x0) accept(0xffffffffffffffff, 0x0, 0x0) shutdown(r1, 0x1) sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x63, 0x0, 0x600000000000004) 09:53:22 executing program 2: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x163, 0x11, 0x24}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 09:53:23 executing program 2: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x163, 0x11, 0x24}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 09:53:23 executing program 3: unshare(0x6c060000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) listen(r0, 0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x6d) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) unshare(0x0) socket$l2tp6(0xa, 0x2, 0x73) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r2 = accept4(r0, 0x0, 0x0, 0x0) unshare(0x0) accept(0xffffffffffffffff, 0x0, 0x0) shutdown(r1, 0x1) sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x63, 0x0, 0x600000000000004) 09:53:23 executing program 2: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x163, 0x11, 0x24}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 09:53:23 executing program 2: socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r0, 0x8912, 0x400308) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x163, 0x11, 0x24}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 09:53:23 executing program 2: r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(r0, &(0x7f0000000080)='./file0/file0\x00', 0x0) unlinkat(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x800) 09:53:23 executing program 1: unshare(0x6c060000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) listen(r0, 0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x6d) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) unshare(0x0) socket$l2tp6(0xa, 0x2, 0x73) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r2 = accept4(r0, 0x0, 0x0, 0x0) unshare(0x0) accept(0xffffffffffffffff, 0x0, 0x0) shutdown(r1, 0x1) sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x63, 0x0, 0x600000000000004) 09:53:23 executing program 0: unshare(0x6c060000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) listen(r0, 0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x6d) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) unshare(0x0) socket$l2tp6(0xa, 0x2, 0x73) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r2 = accept4(r0, 0x0, 0x0, 0x0) unshare(0x0) accept(0xffffffffffffffff, 0x0, 0x0) shutdown(r1, 0x1) sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x63, 0x0, 0x600000000000004) 09:53:23 executing program 2: r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(r0, &(0x7f0000000080)='./file0/file0\x00', 0x0) unlinkat(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x800) 09:53:24 executing program 2: r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(r0, &(0x7f0000000080)='./file0/file0\x00', 0x0) unlinkat(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x800) 09:53:24 executing program 3: unshare(0x6c060000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) listen(r0, 0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x6d) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) unshare(0x0) socket$l2tp6(0xa, 0x2, 0x73) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r2 = accept4(r0, 0x0, 0x0, 0x0) unshare(0x0) accept(0xffffffffffffffff, 0x0, 0x0) shutdown(r1, 0x1) sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x63, 0x0, 0x600000000000004) 09:53:24 executing program 2: r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(r0, &(0x7f0000000080)='./file0/file0\x00', 0x0) unlinkat(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x800) 09:53:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000003a000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) mmap(&(0x7f0000046000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:24 executing program 1: unshare(0x6c060000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22}, 0x1c) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) listen(r0, 0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000040)={0xa, 0x4e22}, 0x6d) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) unshare(0x0) socket$l2tp6(0xa, 0x2, 0x73) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r2 = accept4(r0, 0x0, 0x0, 0x0) unshare(0x0) accept(0xffffffffffffffff, 0x0, 0x0) shutdown(r1, 0x1) sendto$inet6(r2, &(0x7f00000000c0), 0xfffffdda, 0x63, 0x0, 0x600000000000004) 09:53:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000003a000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) mmap(&(0x7f0000046000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000003a000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) mmap(&(0x7f0000046000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:26 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000003a000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) mmap(&(0x7f0000046000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000003a000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) mmap(&(0x7f0000046000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000003a000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) mmap(&(0x7f0000046000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000003a000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) mmap(&(0x7f0000046000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000003a000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) mmap(&(0x7f0000046000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000003a000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) mmap(&(0x7f0000046000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:27 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000003a000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f00000005c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003) ioctl$RTC_UIE_OFF(0xffffffffffffffff, 0x7004) mmap(&(0x7f0000046000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000080)=0x2) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:28 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:29 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:29 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:29 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 772.392821][T31284] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. 09:53:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:31 executing program 1: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r0, r1, 0x0) recvmmsg(r1, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/63, 0x3f}], 0x1, &(0x7f0000000280)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000580)=""/91, 0x5b}], 0x1, 0x0, 0x2}}], 0x2, 0x2123, 0x0) 09:53:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:31 executing program 1: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r0, r1, 0x0) recvmmsg(r1, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/63, 0x3f}], 0x1, &(0x7f0000000280)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000580)=""/91, 0x5b}], 0x1, 0x0, 0x2}}], 0x2, 0x2123, 0x0) 09:53:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:31 executing program 1: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r0, r1, 0x0) recvmmsg(r1, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/63, 0x3f}], 0x1, &(0x7f0000000280)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000580)=""/91, 0x5b}], 0x1, 0x0, 0x2}}], 0x2, 0x2123, 0x0) 09:53:31 executing program 1: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r0, r1, 0x0) recvmmsg(r1, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/63, 0x3f}], 0x1, &(0x7f0000000280)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000580)=""/91, 0x5b}], 0x1, 0x0, 0x2}}], 0x2, 0x2123, 0x0) 09:53:32 executing program 1: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r0, r1, 0x0) recvmmsg(r1, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/63, 0x3f}], 0x1, &(0x7f0000000280)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000580)=""/91, 0x5b}], 0x1, 0x0, 0x2}}], 0x2, 0x2123, 0x0) 09:53:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:32 executing program 0: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r0, r1, 0x0) recvmmsg(r1, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/63, 0x3f}], 0x1, &(0x7f0000000280)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000580)=""/91, 0x5b}], 0x1, 0x0, 0x2}}], 0x2, 0x2123, 0x0) 09:53:32 executing program 1: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r0, r1, 0x0) recvmmsg(r1, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/63, 0x3f}], 0x1, &(0x7f0000000280)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000580)=""/91, 0x5b}], 0x1, 0x0, 0x2}}], 0x2, 0x2123, 0x0) 09:53:32 executing program 0: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r0, r1, 0x0) recvmmsg(r1, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/63, 0x3f}], 0x1, &(0x7f0000000280)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000580)=""/91, 0x5b}], 0x1, 0x0, 0x2}}], 0x2, 0x2123, 0x0) 09:53:32 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:32 executing program 1: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r0, r1, 0x0) recvmmsg(r1, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/63, 0x3f}], 0x1, &(0x7f0000000280)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000580)=""/91, 0x5b}], 0x1, 0x0, 0x2}}], 0x2, 0x2123, 0x0) 09:53:32 executing program 0: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup3(r0, r1, 0x0) recvmmsg(r1, &(0x7f0000001a00)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/63, 0x3f}], 0x1, &(0x7f0000000280)=""/71, 0x47}}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000000580)=""/91, 0x5b}], 0x1, 0x0, 0x2}}], 0x2, 0x2123, 0x0) 09:53:32 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=@updsa={0xfc, 0x1a, 0xf0bef7d845881af1, 0x0, 0x0, {{@in6=@mcast1, @in=@loopback}, {@in=@remote, 0x0, 0x2b}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0x2}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0xfc}}, 0x0) 09:53:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x164802, 0x2) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)={0x6, 0x0, [{0x80000007, 0x9, 0x0, 0x1126}, {0x40000005, 0x9, 0x4d279e8d, 0x836, 0x5}, {0x0, 0x5, 0x1ac9, 0x4, 0x9}, {0x4, 0x1818739, 0x800, 0x5, 0x8}, {0x40000001, 0xe36c, 0x7, 0x0, 0x8000}, {0x80000007, 0x7fffffff, 0x3f, 0x9, 0xffff}]}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(r2, 0xae9a) perf_event_open(&(0x7f000001d000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000480)="749d60de2332193ffd1dbff51469074d9c16dfcbcd7a1590c007aec3b884c257e10694a76a0c15d9420739862cb747e1589ef26059c349e1b2553578078f0dbe687c010763d0eb29235e62a27683d6236740d44d5d7ef4d3a70b0fda7aadbd9c1d7156ec8d06fb3a693d585709ced309780d878cd4bf3ddba1018cd4327ab95f4fe8a4f7d470b8af77baf55dab20310eda7497a4a32abe9815fddeabfbb6747a23fe3c5241757f071049a3e967273384408bbffa06f29a5091366d14be87e1677c41ceb26f6dc67579f9566482b239d2846509aa16ea55ba069a93a9e2e89f191d61eccf5e6810243972121dc62bdd7003fb74ba9b0e0700d7039aff7a91060b354554d9e17a83aed8839f6612128c035f06d875bcfeb471904f08119dfe1d7db0e6085ed25fcea42766c663d24e0f42450d371a157f61c6150d9eafaa8ae65c721c147f924d02777e295352a4c2aae89ff9fd553d051523fa8df2b6cb4ab50c672648518d3227cb97c437a434bcee4d849156a5dc420d21be21cf6d0006f0e6efe804ab2b355a4c6915e831fec874caa4e93c54b58c9a66f0d52d17b1433a7489d7e9b2f177e4b39e75e97a2c2d4538d5e33bfabb0a2183ed708f5812086006ff020cb3ee3bd638a2a4ac7451b23a65ab4e8c87b4b24f6b2caee38aa4e43c98596ebaf86ff36c445f6ddfc24342016c33e88b76ea26f713e4da5e96cd61f845ebc9b99f5a6b92ea01bd1a385cf2509646e224596f12d8cf042d34e2636c17a7ccc2128d0cab168048e61ad9e5f2c9453ad60f8d1742d564361862871d47bbe985de7af59ef97761802d7624a03597b8224343a066708ef2b6a2ea135cd1ee1e85ffd8208756441341ba820720d298522347f115cca2c2e7d34688ef29f714cf541939c1b2f21c5028f7a7fc2447e74884e2485d6f74160ca19f8defc10c87dc46a5f09f24a0b5bdc45278a49b8767a2b55e254730e64a8bbfae4f6427e9ca62a92bcfc801b7458ac046c79927e612d913868ee0732b17773a2e79dfef0b128a4d4f4561f86d62c726220b8faad6f3170cf1125e232d8b82413d18da79b7bd256a6f3bccec692e085c87c4c5be00e639d1aac3c091f4bc23206fd1d8bf3d5acdd8149593c6358752c85a92b7959c3f9c0dd66c287762661c1bdc90fdc1840ce7a626a56ef627670ed7493528b2fbb8bfe4f9981504a5f94e641a2cf0b6a640cdfd771d251ae91e67765509fd26e8d54e245d74941f3cc8d56249cc20053e5049382ba5c4759b46ea4e99a95a3d383a59dd8b334e4013b8315dc6a752860ba459649861daab71eb9435f4f231b16bf426d644fb2da53ac4b04bb70943ef5094cfc8feb0b27958b1e250f653842116374ff400d1ac0b0ed803ab8fb3c89f17cc02c11732b916cd78818d226078a863d6b67389a3fbed93d3529d5339bdd3e44b7ceff6a404d608e12af72bb74408bef09308a56af6d60ded1c78ece0d6ce1e06e53cde5eb2fc672d5ec8cde3238bfaa3051b649c4a4616a1b300ace4379cd234990ac8cedc1ce4a7c589fa9ed33fc3f040d0319d9095ed3b4be835df038aab41a4889e99f3819690fb0b7e5389e3063d86b021d08c37f3b82295ab376c693d90a21037eb814035bd11bb7d23b113cf838a1f48b9bc064aff7d02b020c7a2f822bf375781d247b775395ed4eb47871ec3c79da838c84a3a64a13720084e03a0897a26af658384ea4e056acebe2a1687a2b716ba147c553c408428d8e57c7b35e58b682ec1839f275e01fb538bd810876050e50a75a12e2cda19201a1222852f401c5c6429c89ba25197a515f7d4453b8601db153dd5ea2094a0d94690df2ed32199bfd86e6bae1b98ad62408607bde1f71a6ccbbfd2dd14df688d41acd32e9d84f05561c694b7a8ddc7d50c3b8e0e8fea418a1c27f20aa766e802a2d5178afce85baf0bfe89fac3f698d2acfb9d0470e4134e4c5f2ae73dbab06bdd5713c63ed4159b45b497c2be45807c2762cd08a8da9e787d5f62e4a651d9ed4b7ae53520b62ab0c5b6afe36d58d7c638d8d3c35ab707b9d06d85774106d9548bc5a1eec8ecc13fbbcd53b169a2daf7401d2e37d8eeaed89b4484bf4dbfb04f36eec46866d1dbe2bb7e89179b268f1ed23323b5b58ec3169c7c02975758bcc8a3a512e4b4e0c4e947e421131ac1100e124cc38d795617615792ce0360529c4faf59e725d90a4fff8bc8b72e9c02e4962dcbb1f56622159a9185797a871f433d1608251f89e3b9329e85d59f55956c8aeeba55360454f77af85cb3288afb7a1b0fca0e73590cd9382f20fdfaebd25d14bae6ded67a90f1011a02d596e7df6e85b383cabc0b5621f1adff5c92159b827e4e00e20d6a43f07a388ffbad6372462c615fffa03d42e46747597b468b6cdbd48b1ebaa92560865c4d564b9d1fb8410da53b637e04fe40a652c3ee1c083d1257a714a8a82b4f9ce210470446698b37852ead866cc77bfee5c31d85b97d5e7a2e72e70193ebf0f1239c7785d41719293f3f9ad51cd875c61a986ec4ba0c91b790b4ea2d31a77b7e6c220f2f5b77bcf9301661506317f47cc7c6da16b85165bd6a0dd96f6fc891200913081df36e212bbd7ca947e6dbf18b435c1424a0d9881a97c8ef19ac7fdac8c3a740b302796fb5879d103f847721b15ba3c1f8557922a08f13e40f4af95ae7ee75040b1d8e8baca4a49a15b1f7144fca6f86b0f12e9442af0bbb40abb425c3ecb17fdc70717d29c42a212f80915a985140cd47a38a2b485268f06d8e8a7fcc008e396323ad746e7da9a3a9b7918010915ad7500f93b78bee08433fd363184d8d057dab2bd6b8a8efaebbdbe77c41ebe297a70ac38bea085fe8fcb62f4666f37c4526012b0b574bc6a9581d214915a1b7da4b5bf22deedf6118125d30d3df2f97871de606c0e6e6435556d9f51e69ba393a75c098fd52b33a4d45982952c6cc170b4b9a647702b4f458d241d540a374dc889d20b919fe3ffdf09f5ffd759f0827c05eac7cf99651bd3ddbd3cd8d44c310a8c853cec4897ec8d4609eb9db8e8308ed72c558a815714fe9fa09e954485a73b62d32a7207222d96f55907bd40cafe04fe900381072d159b830daca8e6d576272861f3205de07177f805833d589d591aef3f5d19f0446581c7763c79b63b7fb218c334ff60a882964887a244783822a932f6d37ef023d3e72d2ff4b2a8509fb8c610fc0c75936f7ef91c8452a6cbb237293546e36d1176abee79cf4712acd3bd5c16d8d98e72bd7e563014382d071ef0d25e87bab6ffc859d7b91622e1486825b7639ee43d23d8d57fefe0544ba4ccb813ebc2a2435d7e2e7d3b160a451ac9035900418c2f23127dc5a652dc632c710530e7238d2433d7f97c5bb37733cbaa0958518b90db12605a86a0d7a490cb1e61fd824cb8abdb9952925c4b5ad575549e3042a17be65807e295869d27a75526e7bd320a1c84b309e82b73c6b6d5f500bf5738ad9c02a0a9a48d1dd5aa45731ffa2258999a2ba66a527be04d05586e57953a6496ef33f94593c2cc15d2282522d002ca9c1daa2af2cc37a397138974df1b044219ccb32b148f9b37db370ed71ba7b69d2803df11d61191f115aa0c2befbf0b937de997e247f5a2c7626733e2b5b7439e51a020764d47b8e1b93c49261ccc65d357c33365d04c8dd4ff47a7ca28cff06a110a6ecc2ec4933e57b46309ce4728c0148152c94c0de9e03f7c698cdf1b636bc106f0db8da80f97caf4367e9a15baf009f27b1a45591f5f58f16a2d342be7b8bd99ff3f47c5b815f2be40446eb5ce071221d3ef807dac24e167c7a6f61947d68a219725ad9516a2eaa75ef51db0c9c8d3a9f0849203ee1b4b20b76861169a1ef837011e847761b9f6a9f6767d9c8f6f44d2321833a05c578e05ed88ed3eb18fff284648f7e53461615a67cf6085a33d4ca34fc7b1e8254f60d7ee7779cdab17c310f9d8b6a79d37d0c21c84fe4419b9cd75f45089ce17253e6e376536cefe58ad6e3e0d641f6bef3118a2b3a4de7a788db248b30c95cf5b2621646bcf5fc3494247e7074d0d7c828797a84782fee0ec76969dde4b27e117910e801530f77c6fa371a2c9652a77b92752293d3a2b323c454f79ae49d3e813cfe7fb556f6c6442aab0f233642d1235724a49d252fb8f869cf", 0xb85, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 09:53:32 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000840)={0x18, 0x13, 0x77bf804d73c998b5, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @binary="a37a9a"}]}, 0x18}], 0x1}, 0x0) 09:53:33 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=@updsa={0xfc, 0x1a, 0xf0bef7d845881af1, 0x0, 0x0, {{@in6=@mcast1, @in=@loopback}, {@in=@remote, 0x0, 0x2b}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0x2}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0xfc}}, 0x0) 09:53:33 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000840)={0x18, 0x13, 0x77bf804d73c998b5, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @binary="a37a9a"}]}, 0x18}], 0x1}, 0x0) 09:53:33 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000840)={0x18, 0x13, 0x77bf804d73c998b5, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @binary="a37a9a"}]}, 0x18}], 0x1}, 0x0) 09:53:33 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=@updsa={0xfc, 0x1a, 0xf0bef7d845881af1, 0x0, 0x0, {{@in6=@mcast1, @in=@loopback}, {@in=@remote, 0x0, 0x2b}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0x2}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0xfc}}, 0x0) 09:53:34 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000840)={0x18, 0x13, 0x77bf804d73c998b5, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @binary="a37a9a"}]}, 0x18}], 0x1}, 0x0) 09:53:34 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x7, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x1b}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 09:53:34 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=@updsa={0xfc, 0x1a, 0xf0bef7d845881af1, 0x0, 0x0, {{@in6=@mcast1, @in=@loopback}, {@in=@remote, 0x0, 0x2b}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0x2}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0xfc}}, 0x0) 09:53:34 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r3, 0x8912, 0x400308) splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0) 09:53:34 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0x80044d76, &(0x7f0000000100)) 09:53:34 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x7, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x1b}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 09:53:34 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000024c0)={0xe, 0x4, 0x8, 0x4}, 0x40) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0, &(0x7f0000000080)}, 0x20) 09:53:34 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x7, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x1b}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 09:53:34 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000024c0)={0xe, 0x4, 0x8, 0x4}, 0x40) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0, &(0x7f0000000080)}, 0x20) 09:53:34 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0x80044d76, &(0x7f0000000100)) 09:53:34 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x7, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x1b}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 09:53:35 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r3, 0x8912, 0x400308) splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0) 09:53:35 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0x80044d76, &(0x7f0000000100)) 09:53:35 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000024c0)={0xe, 0x4, 0x8, 0x4}, 0x40) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0, &(0x7f0000000080)}, 0x20) 09:53:35 executing program 3: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0x80044d76, &(0x7f0000000100)) 09:53:35 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000024c0)={0xe, 0x4, 0x8, 0x4}, 0x40) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0, &(0x7f0000000080)}, 0x20) 09:53:35 executing program 3: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0x80044d76, &(0x7f0000000100)) 09:53:35 executing program 0: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0x80044d76, &(0x7f0000000100)) 09:53:35 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000024c0)={0xe, 0x4, 0x8, 0x4}, 0x40) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0, &(0x7f0000000080)}, 0x20) 09:53:36 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r3, 0x8912, 0x400308) splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0) 09:53:36 executing program 3: r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0x80044d76, &(0x7f0000000100)) 09:53:36 executing program 0: syslog(0x2, &(0x7f0000000000)=""/49, 0xfffffffffffffe28) 09:53:36 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000024c0)={0xe, 0x4, 0x8, 0x4}, 0x40) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0, &(0x7f0000000080)}, 0x20) 09:53:36 executing program 0: syslog(0x2, &(0x7f0000000000)=""/49, 0xfffffffffffffe28) 09:53:36 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000024c0)={0xe, 0x4, 0x8, 0x4}, 0x40) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0, &(0x7f0000000080)}, 0x20) 09:53:36 executing program 0: syslog(0x2, &(0x7f0000000000)=""/49, 0xfffffffffffffe28) 09:53:36 executing program 0: syslog(0x2, &(0x7f0000000000)=""/49, 0xfffffffffffffe28) 09:53:37 executing program 2: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x2c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETLINK(r3, 0x8912, 0x400308) splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0) 09:53:37 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:37 executing program 1: r0 = socket(0x1000000000000010, 0x80802, 0x0) write(r0, &(0x7f0000000000)="240000004e0001000000f4f9002304000a04f51104000100020000000800028001000000", 0x24) 09:53:37 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 09:53:37 executing program 1: r0 = socket(0x1000000000000010, 0x80802, 0x0) write(r0, &(0x7f0000000000)="240000004e0001000000f4f9002304000a04f51104000100020000000800028001000000", 0x24) 09:53:37 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 09:53:37 executing program 1: r0 = socket(0x1000000000000010, 0x80802, 0x0) write(r0, &(0x7f0000000000)="240000004e0001000000f4f9002304000a04f51104000100020000000800028001000000", 0x24) 09:53:37 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 09:53:38 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 09:53:38 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 1: r0 = socket(0x1000000000000010, 0x80802, 0x0) write(r0, &(0x7f0000000000)="240000004e0001000000f4f9002304000a04f51104000100020000000800028001000000", 0x24) 09:53:38 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 09:53:38 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 09:53:38 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_PROBE_CLIENT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 09:53:38 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x2000}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x1c) 09:53:38 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000140), 0x8) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r2 = dup(r1) ioctl$SG_SCSI_RESET(r2, 0x2286, 0x816d000) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x380000, @mcast1}, 0x1c) sendmmsg$alg(r0, &(0x7f00000000c0)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="10"], 0x10}], 0x1, 0x0) 09:53:38 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x2000}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x1c) 09:53:38 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x2000}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x1c) 09:53:39 executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x2000}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x1c) 09:53:39 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x2000}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x1c) 09:53:39 executing program 3: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = epoll_create(0xaa) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) 09:53:39 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x3c, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_SYN_SENT={0x8}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}]}, 0x3c}}, 0x0) 09:53:39 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=@newlink={0x3c, 0x10, 0x925, 0x0, 0x0, {}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x4}, @IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x3c}}, 0x0) 09:53:39 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x2000}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x1c) 09:53:39 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x3c, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_SYN_SENT={0x8}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}]}, 0x3c}}, 0x0) 09:53:39 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=@newlink={0x3c, 0x10, 0x925, 0x0, 0x0, {}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x4}, @IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x3c}}, 0x0) 09:53:39 executing program 3: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = epoll_create(0xaa) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) 09:53:39 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=@newlink={0x3c, 0x10, 0x925, 0x0, 0x0, {}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x4}, @IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x3c}}, 0x0) 09:53:39 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x3c, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_SYN_SENT={0x8}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}]}, 0x3c}}, 0x0) 09:53:39 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x2000}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x1c) 09:53:39 executing program 3: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = epoll_create(0xaa) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) 09:53:39 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x3c, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_SYN_SENT={0x8}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}]}, 0x3c}}, 0x0) 09:53:39 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=@newlink={0x3c, 0x10, 0x925, 0x0, 0x0, {}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x4}, @IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x3c}}, 0x0) 09:53:39 executing program 1 (fault-call:0 fault-nth:0): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 781.195583][T31621] FAULT_INJECTION: forcing a failure. 09:53:39 executing program 3: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = epoll_create(0xaa) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) [ 781.195583][T31621] name failslab, interval 1, probability 0, space 0, times 1 [ 781.234234][T31621] CPU: 1 PID: 31621 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 781.261847][T31621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 781.275002][T31621] Call Trace: 09:53:39 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) [ 781.289560][T31621] dump_stack_lvl+0xcd/0x134 [ 781.302102][T31621] should_fail.cold+0x5/0xa [ 781.308573][T31621] ? __do_sys_memfd_create+0xf7/0x5a0 [ 781.319100][T31621] should_failslab+0x5/0x10 [ 781.330860][T31621] __kmalloc+0x7e/0x4d0 09:53:39 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000001cc0), 0x0, 0x841) write$tun(r0, &(0x7f0000000000)={@void, @void, @eth={@broadcast, @random="d7c633e4aca6", @val, {@arp={0x806, @generic={0x0, 0x0, 0x6, 0x0, 0x0, @random="a859e4ea8602", "", @random="afe610832170"}}}}}, 0x2000002a) [ 781.338987][T31621] ? strnlen_user+0x1df/0x2a0 [ 781.361096][T31621] __do_sys_memfd_create+0xf7/0x5a0 [ 781.367195][T31621] ? hmm_vma_walk_hugetlb_entry+0x8b0/0x8b0 [ 781.376662][T31621] ? syscall_enter_from_user_mode+0x21/0x70 09:53:39 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1000002, 0x0) r1 = dup(r0) r2 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0xee72) sendfile(r1, r2, 0x0, 0x8000fffffffe) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x3) [ 781.387257][T31621] do_syscall_64+0x35/0xb0 [ 781.395010][T31621] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 781.404459][T31621] RIP: 0033:0x4665e9 [ 781.410644][T31621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 781.443652][T31621] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 781.456448][T31621] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665e9 [ 781.467943][T31621] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee86 [ 781.480427][T31621] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 781.495269][T31621] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 781.508830][T31621] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010200 [ 781.556523][ T51] audit: type=1400 audit(1626688420.079:195): avc: denied { block_suspend } for pid=31627 comm="syz-executor.0" capability=36 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 09:53:40 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1000002, 0x0) r1 = dup(r0) r2 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0xee72) sendfile(r1, r2, 0x0, 0x8000fffffffe) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x3) 09:53:40 executing program 1 (fault-call:0 fault-nth:1): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 781.852444][T31646] FAULT_INJECTION: forcing a failure. [ 781.852444][T31646] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 781.877139][T31646] CPU: 0 PID: 31646 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 781.894082][T31646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 781.909308][T31646] Call Trace: [ 781.914843][T31646] dump_stack_lvl+0xcd/0x134 [ 781.921181][T31646] should_fail.cold+0x5/0xa [ 781.928297][T31646] _copy_from_user+0x2c/0x180 [ 781.935926][T31646] __do_sys_memfd_create+0x169/0x5a0 [ 781.944043][T31646] ? hmm_vma_walk_hugetlb_entry+0x8b0/0x8b0 [ 781.952847][T31646] ? syscall_enter_from_user_mode+0x21/0x70 [ 781.961423][T31646] do_syscall_64+0x35/0xb0 [ 781.967674][T31646] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 781.975790][T31646] RIP: 0033:0x4665e9 [ 781.981842][T31646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 782.008744][T31646] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 782.022357][T31646] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665e9 [ 782.032348][T31646] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee86 [ 782.042045][T31646] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 782.051443][T31646] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 782.062356][T31646] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010200 09:53:40 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) 09:53:40 executing program 1 (fault-call:0 fault-nth:2): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:53:40 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) 09:53:41 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1000002, 0x0) r1 = dup(r0) r2 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0xee72) sendfile(r1, r2, 0x0, 0x8000fffffffe) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x3) [ 782.498771][T31665] FAULT_INJECTION: forcing a failure. [ 782.498771][T31665] name failslab, interval 1, probability 0, space 0, times 0 [ 782.575634][T31665] CPU: 3 PID: 31665 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 782.592751][T31665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 782.609212][T31665] Call Trace: [ 782.615065][T31665] dump_stack_lvl+0xcd/0x134 [ 782.624013][T31665] should_fail.cold+0x5/0xa [ 782.632674][T31665] should_failslab+0x5/0x10 [ 782.641638][T31665] kmem_cache_alloc+0x58/0x540 [ 782.653791][T31665] ? shmem_destroy_inode+0x70/0x70 [ 782.664401][T31665] shmem_alloc_inode+0x18/0x40 [ 782.674058][T31665] ? shmem_destroy_inode+0x70/0x70 [ 782.683921][T31665] alloc_inode+0x61/0x230 [ 782.692385][T31665] new_inode+0x27/0x2f0 [ 782.700961][T31665] shmem_get_inode+0x195/0xc20 [ 782.710326][T31665] __shmem_file_setup+0xb8/0x310 [ 782.718804][T31665] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 782.731625][T31665] __do_sys_memfd_create+0x26b/0x5a0 [ 782.742367][T31665] ? hmm_vma_walk_hugetlb_entry+0x8b0/0x8b0 [ 782.754507][T31665] ? syscall_enter_from_user_mode+0x21/0x70 [ 782.766040][T31665] do_syscall_64+0x35/0xb0 [ 782.774260][T31665] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 782.788474][T31665] RIP: 0033:0x4665e9 [ 782.797232][T31665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 782.842410][T31665] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 782.861710][T31665] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665e9 [ 782.880916][T31665] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee86 [ 782.895805][T31665] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 782.915074][T31665] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 782.940662][T31665] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010200 [ 784.587304][ T3397] ieee802154 phy0 wpan0: encryption failed: -22 [ 784.622808][ T3397] ieee802154 phy1 wpan1: encryption failed: -22 09:54:17 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1000002, 0x0) r1 = dup(r0) r2 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0xee72) sendfile(r1, r2, 0x0, 0x8000fffffffe) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x3) 09:54:17 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000001cc0), 0x0, 0x841) write$tun(r0, &(0x7f0000000000)={@void, @void, @eth={@broadcast, @random="d7c633e4aca6", @val, {@arp={0x806, @generic={0x0, 0x0, 0x6, 0x0, 0x0, @random="a859e4ea8602", "", @random="afe610832170"}}}}}, 0x2000002a) 09:54:17 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) 09:54:17 executing program 1 (fault-call:0 fault-nth:3): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 819.124052][T31680] FAULT_INJECTION: forcing a failure. [ 819.124052][T31680] name failslab, interval 1, probability 0, space 0, times 0 [ 819.149867][T31680] CPU: 2 PID: 31680 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 819.164536][T31680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 819.178489][T31680] Call Trace: [ 819.183871][T31680] dump_stack_lvl+0xcd/0x134 [ 819.192095][T31680] should_fail.cold+0x5/0xa [ 819.198760][T31680] should_failslab+0x5/0x10 [ 819.206879][T31680] kmem_cache_alloc+0x58/0x540 [ 819.214337][T31680] security_inode_alloc+0x34/0x160 [ 819.222672][T31680] inode_init_always+0x5d8/0xd60 [ 819.228607][T31680] alloc_inode+0x82/0x230 [ 819.234434][T31680] new_inode+0x27/0x2f0 [ 819.239364][T31680] shmem_get_inode+0x195/0xc20 [ 819.246994][T31680] __shmem_file_setup+0xb8/0x310 [ 819.254896][T31680] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 819.264576][T31680] __do_sys_memfd_create+0x26b/0x5a0 [ 819.271606][T31680] ? hmm_vma_walk_hugetlb_entry+0x8b0/0x8b0 [ 819.280134][T31680] ? syscall_enter_from_user_mode+0x21/0x70 [ 819.290437][T31680] do_syscall_64+0x35/0xb0 [ 819.297205][T31680] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 819.305926][T31680] RIP: 0033:0x4665e9 [ 819.311327][T31680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 819.338738][T31680] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 819.353984][T31680] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665e9 [ 819.367848][T31680] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee86 [ 819.381276][T31680] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 819.395030][T31680] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 819.408958][T31680] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010200 09:54:17 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) 09:54:18 executing program 1 (fault-call:0 fault-nth:4): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:54:18 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000001cc0), 0x0, 0x841) write$tun(r0, &(0x7f0000000000)={@void, @void, @eth={@broadcast, @random="d7c633e4aca6", @val, {@arp={0x806, @generic={0x0, 0x0, 0x6, 0x0, 0x0, @random="a859e4ea8602", "", @random="afe610832170"}}}}}, 0x2000002a) [ 819.520262][T31695] FAULT_INJECTION: forcing a failure. [ 819.520262][T31695] name failslab, interval 1, probability 0, space 0, times 0 [ 819.546484][T31695] CPU: 1 PID: 31695 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 819.562612][T31695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 819.579069][T31695] Call Trace: [ 819.584299][T31695] dump_stack_lvl+0xcd/0x134 [ 819.591146][T31695] should_fail.cold+0x5/0xa 09:54:18 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) [ 819.602619][T31695] should_failslab+0x5/0x10 [ 819.612878][T31695] kmem_cache_alloc+0x58/0x540 [ 819.622531][T31695] ? lockdep_hardirqs_on+0x79/0x100 [ 819.632757][T31695] __d_alloc+0x2a/0x950 [ 819.642576][T31695] d_alloc_pseudo+0x19/0x70 [ 819.651326][T31695] alloc_file_pseudo+0xc6/0x250 [ 819.660665][T31695] ? alloc_file+0x590/0x590 [ 819.670402][T31695] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 819.683398][T31695] ? shmem_get_inode+0x59a/0xc20 [ 819.697914][T31695] __shmem_file_setup+0x144/0x310 [ 819.708729][T31695] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 819.721762][T31695] __do_sys_memfd_create+0x26b/0x5a0 [ 819.731982][T31695] ? hmm_vma_walk_hugetlb_entry+0x8b0/0x8b0 [ 819.745046][T31695] ? syscall_enter_from_user_mode+0x21/0x70 [ 819.757236][T31695] do_syscall_64+0x35/0xb0 [ 819.765771][T31695] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 819.778376][T31695] RIP: 0033:0x4665e9 [ 819.786980][T31695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 819.828647][T31695] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 819.846357][T31695] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665e9 [ 819.860500][T31695] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee86 [ 819.875148][T31695] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 819.890886][T31695] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 819.906127][T31695] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010200 09:54:18 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) 09:54:18 executing program 1 (fault-call:0 fault-nth:5): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:54:18 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000001cc0), 0x0, 0x841) write$tun(r0, &(0x7f0000000000)={@void, @void, @eth={@broadcast, @random="d7c633e4aca6", @val, {@arp={0x806, @generic={0x0, 0x0, 0x6, 0x0, 0x0, @random="a859e4ea8602", "", @random="afe610832170"}}}}}, 0x2000002a) 09:54:18 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) [ 820.059212][T31722] FAULT_INJECTION: forcing a failure. [ 820.059212][T31722] name failslab, interval 1, probability 0, space 0, times 0 [ 820.084160][T31722] CPU: 1 PID: 31722 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 820.101440][T31722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 820.115154][T31722] Call Trace: [ 820.121576][T31722] dump_stack_lvl+0xcd/0x134 [ 820.129128][T31722] should_fail.cold+0x5/0xa [ 820.134943][T31722] should_failslab+0x5/0x10 [ 820.143232][T31722] kmem_cache_alloc+0x58/0x540 [ 820.151946][T31722] ? d_instantiate+0x75/0x90 [ 820.162456][T31722] __alloc_file+0x21/0x280 [ 820.170850][T31722] alloc_empty_file+0x6d/0x170 [ 820.179943][T31722] alloc_file+0x59/0x590 [ 820.191038][T31722] alloc_file_pseudo+0x165/0x250 [ 820.200142][T31722] ? alloc_file+0x590/0x590 [ 820.208074][T31722] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 820.220600][T31722] ? shmem_get_inode+0x59a/0xc20 [ 820.231609][T31722] __shmem_file_setup+0x144/0x310 [ 820.240777][T31722] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 820.255929][T31722] __do_sys_memfd_create+0x26b/0x5a0 [ 820.267671][T31722] ? hmm_vma_walk_hugetlb_entry+0x8b0/0x8b0 [ 820.278710][T31722] ? syscall_enter_from_user_mode+0x21/0x70 [ 820.290126][T31722] do_syscall_64+0x35/0xb0 [ 820.300735][T31722] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 820.311301][T31722] RIP: 0033:0x4665e9 [ 820.319188][T31722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 820.360280][T31722] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 820.378142][T31722] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665e9 [ 820.395077][T31722] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee86 [ 820.411136][T31722] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 820.426571][T31722] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 820.441006][T31722] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010200 09:54:19 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) 09:54:19 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) 09:54:19 executing program 1 (fault-call:0 fault-nth:6): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 820.578675][T31745] FAULT_INJECTION: forcing a failure. [ 820.578675][T31745] name failslab, interval 1, probability 0, space 0, times 0 [ 820.598903][T31745] CPU: 1 PID: 31745 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 820.611781][T31745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 820.627048][T31745] Call Trace: [ 820.630964][T31745] dump_stack_lvl+0xcd/0x134 [ 820.640114][T31745] should_fail.cold+0x5/0xa [ 820.648059][T31745] should_failslab+0x5/0x10 [ 820.657619][T31745] kmem_cache_alloc+0x58/0x540 [ 820.667486][T31745] security_file_alloc+0x34/0x170 [ 820.676481][T31745] __alloc_file+0xd8/0x280 [ 820.684362][T31745] alloc_empty_file+0x6d/0x170 [ 820.692849][T31745] alloc_file+0x59/0x590 [ 820.701477][T31745] alloc_file_pseudo+0x165/0x250 [ 820.711390][T31745] ? alloc_file+0x590/0x590 [ 820.719772][T31745] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 820.731840][T31745] ? shmem_get_inode+0x59a/0xc20 [ 820.741669][T31745] __shmem_file_setup+0x144/0x310 [ 820.750580][T31745] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 820.762970][T31745] __do_sys_memfd_create+0x26b/0x5a0 [ 820.772646][T31745] ? hmm_vma_walk_hugetlb_entry+0x8b0/0x8b0 [ 820.782718][T31745] ? syscall_enter_from_user_mode+0x21/0x70 [ 820.792790][T31745] do_syscall_64+0x35/0xb0 [ 820.800684][T31745] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 820.811685][T31745] RIP: 0033:0x4665e9 [ 820.818518][T31745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 820.855130][T31745] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 820.871537][T31745] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665e9 [ 820.887654][T31745] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bee86 [ 820.898852][T31745] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 820.910243][T31745] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000008100000 [ 820.922609][T31745] R13: 0000000020000100 R14: 0000000000002000 R15: 0000000020010200 09:54:19 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) 09:54:19 executing program 1 (fault-call:0 fault-nth:7): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:54:19 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) [ 821.060977][T31757] FAULT_INJECTION: forcing a failure. [ 821.060977][T31757] name failslab, interval 1, probability 0, space 0, times 0 [ 821.091303][T31757] CPU: 1 PID: 31757 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 821.107593][T31757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 821.123496][T31757] Call Trace: [ 821.128443][T31757] dump_stack_lvl+0xcd/0x134 [ 821.136212][T31757] should_fail.cold+0x5/0xa [ 821.143420][T31757] ? tomoyo_realpath_from_path+0xc3/0x620 [ 821.155912][T31757] should_failslab+0x5/0x10 [ 821.168466][T31757] __kmalloc+0x7e/0x4d0 [ 821.176112][T31757] tomoyo_realpath_from_path+0xc3/0x620 [ 821.187668][T31757] ? tomoyo_profile+0x42/0x50 [ 821.195984][T31757] tomoyo_path_perm+0x21b/0x400 [ 821.203838][T31757] ? tomoyo_path_perm+0x1c1/0x400 [ 821.212842][T31757] ? tomoyo_check_open_permission+0x380/0x380 [ 821.224838][T31757] ? find_held_lock+0x2d/0x110 [ 821.233735][T31757] security_path_truncate+0xcf/0x140 [ 821.242171][T31757] do_sys_ftruncate+0x4d8/0x8e0 [ 821.253604][T31757] do_syscall_64+0x35/0xb0 [ 821.261190][T31757] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 821.270374][T31757] RIP: 0033:0x4665a7 [ 821.278390][T31757] Code: 48 89 e7 e8 cb e5 ff ff 48 8b 4c 24 18 64 48 2b 0c 25 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 1a 00 00 90 b8 4d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 [ 821.314104][T31757] RSP: 002b:00007f275d915f48 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 821.327382][T31757] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665a7 [ 821.341641][T31757] RDX: 0000000000000000 RSI: 0000000000002000 RDI: 0000000000000004 [ 821.357415][T31757] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 821.369991][T31757] R10: 0000000000000001 R11: 0000000000000217 R12: 0000000000000004 [ 821.383708][T31757] R13: 0000000000000004 R14: 0000000000002000 R15: 0000000020010200 [ 821.427902][T31757] ERROR: Out of memory at tomoyo_realpath_from_path. [ 821.443975][T31757] loop1: detected capacity change from 0 to 16 [ 821.470539][T31757] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 846.023053][ T3397] ieee802154 phy0 wpan0: encryption failed: -22 [ 846.042246][ T3397] ieee802154 phy1 wpan1: encryption failed: -22 09:54:59 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) 09:54:59 executing program 1 (fault-call:0 fault-nth:8): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:54:59 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) 09:54:59 executing program 2: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000010000)="00040000000001000100440000000000ffffff7f800000005a4d", 0x1a, 0x400}, {&(0x7f0000000a00)="feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0300000000e0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000009ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103", 0x783, 0x880}, {0x0, 0x0, 0x11000}], 0x0, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f00000001c0)='./file0\x00', 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file1\x00') [ 860.906838][T31787] FAULT_INJECTION: forcing a failure. [ 860.906838][T31787] name failslab, interval 1, probability 0, space 0, times 0 [ 860.928676][T31787] CPU: 0 PID: 31787 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 860.943288][T31787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 860.954356][T31793] loop2: detected capacity change from 0 to 272 [ 860.957370][T31787] Call Trace: [ 860.970675][T31787] dump_stack_lvl+0xcd/0x134 [ 860.977426][T31787] should_fail.cold+0x5/0xa [ 860.983586][T31787] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 860.991089][T31787] should_failslab+0x5/0x10 [ 860.997546][T31787] __kmalloc+0x7e/0x4d0 [ 861.003302][T31787] ? tomoyo_realpath_from_path+0xc3/0x620 [ 861.011203][T31787] tomoyo_encode2.part.0+0xe9/0x3a0 [ 861.020297][T31787] tomoyo_encode+0x28/0x50 [ 861.027146][T31787] tomoyo_realpath_from_path+0x186/0x620 [ 861.036464][T31787] ? tomoyo_profile+0x42/0x50 [ 861.043796][T31787] tomoyo_path_perm+0x21b/0x400 [ 861.050538][T31787] ? tomoyo_path_perm+0x1c1/0x400 [ 861.058759][T31787] ? tomoyo_check_open_permission+0x380/0x380 [ 861.068964][T31787] ? find_held_lock+0x2d/0x110 [ 861.077371][T31787] security_path_truncate+0xcf/0x140 [ 861.086399][T31787] do_sys_ftruncate+0x4d8/0x8e0 [ 861.093873][T31787] do_syscall_64+0x35/0xb0 [ 861.100358][T31787] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 861.108693][T31787] RIP: 0033:0x4665a7 [ 861.113332][T31787] Code: 48 89 e7 e8 cb e5 ff ff 48 8b 4c 24 18 64 48 2b 0c 25 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 1a 00 00 90 b8 4d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 [ 861.145281][T31787] RSP: 002b:00007f275d915f48 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 861.159652][T31787] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665a7 [ 861.172374][T31787] RDX: 0000000000000000 RSI: 0000000000002000 RDI: 0000000000000004 [ 861.185064][T31787] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 861.196088][T31787] R10: 0000000000000001 R11: 0000000000000217 R12: 0000000000000004 [ 861.207214][T31787] R13: 0000000000000004 R14: 0000000000002000 R15: 0000000020010200 09:54:59 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) [ 861.281983][T31787] ERROR: Out of memory at tomoyo_realpath_from_path. 09:54:59 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r5, @ANYBLOB="19000016010000001800120008000100736974000c00020008000300", @ANYRES32=r6], 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x2c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFA_FLAGS={0x8, 0x8, 0x308}]}, 0x34}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) [ 861.328320][T31787] loop1: detected capacity change from 0 to 16 [ 861.349543][T31787] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:54:59 executing program 1 (fault-call:0 fault-nth:9): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:54:59 executing program 2: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000010000)="00040000000001000100440000000000ffffff7f800000005a4d", 0x1a, 0x400}, {&(0x7f0000000a00)="feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0300000000e0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000009ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103", 0x783, 0x880}, {0x0, 0x0, 0x11000}], 0x0, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f00000001c0)='./file0\x00', 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file1\x00') 09:55:00 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x1000000002, 0x80, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x6000000f}) epoll_pwait(r2, &(0x7f0000000100)=[{}], 0x1, 0x200035, 0x0, 0x0) writev(r0, 0x0, 0x0) dup3(r1, r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000240)) 09:55:00 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r5, @ANYBLOB="19000016010000001800120008000100736974000c00020008000300", @ANYRES32=r6], 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x2c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFA_FLAGS={0x8, 0x8, 0x308}]}, 0x34}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) [ 861.569482][T31829] FAULT_INJECTION: forcing a failure. [ 861.569482][T31829] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 861.592210][T31829] CPU: 2 PID: 31829 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 861.600837][T31836] loop2: detected capacity change from 0 to 272 [ 861.604112][T31829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 861.604204][T31829] Call Trace: [ 861.604218][T31829] dump_stack_lvl+0xcd/0x134 [ 861.637239][T31829] should_fail.cold+0x5/0xa [ 861.643762][T31829] prepare_alloc_pages+0x17b/0x580 [ 861.651207][T31829] __alloc_pages+0x12f/0x500 [ 861.657392][T31829] ? __alloc_pages_slowpath.constprop.0+0x21b0/0x21b0 [ 861.667755][T31829] ? avc_has_perm_noaudit+0x1c8/0x390 [ 861.675718][T31829] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 861.684615][T31829] alloc_pages_vma+0xd9/0x710 [ 861.691530][T31829] shmem_alloc_page+0x11f/0x1f0 [ 861.698562][T31829] ? shmem_link+0x360/0x360 [ 861.704632][T31829] ? lock_downgrade+0x6e0/0x6e0 [ 861.712318][T31829] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 861.721929][T31829] ? percpu_counter_add_batch+0xbd/0x180 [ 861.729512][T31829] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 861.735551][T31829] ? __vm_enough_memory+0x184/0x360 [ 861.741033][T31829] shmem_alloc_and_acct_page+0x161/0x8c0 [ 861.746922][T31829] shmem_getpage_gfp+0x6b2/0x2780 [ 861.752152][T31829] ? shmem_unuse_inode+0x1060/0x1060 [ 861.757659][T31829] ? ktime_get_coarse_real_ts64+0x1b7/0x200 [ 861.776523][T31829] ? lockdep_hardirqs_on+0x79/0x100 [ 861.784597][T31829] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 861.792403][T31829] shmem_write_begin+0xf9/0x1d0 [ 861.799184][T31829] generic_perform_write+0x202/0x500 [ 861.806361][T31829] ? generic_file_readonly_mmap+0x1b0/0x1b0 [ 861.819715][T31829] ? current_time+0x2c0/0x2c0 [ 861.825546][T31829] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 861.834187][T31829] ? generic_write_checks+0x2a9/0x380 [ 861.840935][T31829] __generic_file_write_iter+0x24e/0x610 [ 861.848581][T31829] generic_file_write_iter+0xd7/0x220 [ 861.856385][T31829] ? iov_iter_init+0x45/0x180 [ 861.863387][T31829] new_sync_write+0x426/0x650 [ 861.870181][T31829] ? new_sync_read+0x6e0/0x6e0 [ 861.876411][T31829] ? lock_release+0x720/0x720 [ 861.882781][T31829] ? selinux_file_permission+0x36/0x520 [ 861.890363][T31829] vfs_write+0x75a/0xa40 [ 861.896568][T31829] __x64_sys_pwrite64+0x1fd/0x250 [ 861.904760][T31829] ? ksys_pwrite64+0x1a0/0x1a0 [ 861.910376][T31829] ? syscall_enter_from_user_mode+0x21/0x70 [ 861.918254][T31829] do_syscall_64+0x35/0xb0 [ 861.925342][T31829] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 861.934510][T31829] RIP: 0033:0x419787 [ 861.939742][T31829] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 861.968927][T31829] RSP: 002b:00007f275d915f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 861.979963][T31829] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419787 [ 861.990957][T31829] RDX: 00000000000001a0 RSI: 0000000020010000 RDI: 0000000000000004 [ 862.004686][T31829] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 862.032344][T31829] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 862.043771][T31829] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 09:55:00 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r5, @ANYBLOB="19000016010000001800120008000100736974000c00020008000300", @ANYRES32=r6], 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x2c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFA_FLAGS={0x8, 0x8, 0x308}]}, 0x34}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 09:55:00 executing program 2: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000010000)="00040000000001000100440000000000ffffff7f800000005a4d", 0x1a, 0x400}, {&(0x7f0000000a00)="feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0300000000e0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000009ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103", 0x783, 0x880}, {0x0, 0x0, 0x11000}], 0x0, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f00000001c0)='./file0\x00', 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file1\x00') [ 862.097211][T31829] loop1: detected capacity change from 0 to 16 [ 862.127806][T31829] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 862.145606][T31829] cramfs: wrong magic 09:55:00 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r5, @ANYBLOB="19000016010000001800120008000100736974000c00020008000300", @ANYRES32=r6], 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x2c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFA_FLAGS={0x8, 0x8, 0x308}]}, 0x34}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 09:55:00 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r5, @ANYBLOB="19000016010000001800120008000100736974000c00020008000300", @ANYRES32=r6], 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x2c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFA_FLAGS={0x8, 0x8, 0x308}]}, 0x34}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 09:55:00 executing program 1 (fault-call:0 fault-nth:10): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 862.227767][T31858] loop2: detected capacity change from 0 to 272 [ 862.277648][T31866] FAULT_INJECTION: forcing a failure. [ 862.277648][T31866] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 862.296370][T31866] CPU: 1 PID: 31866 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 09:55:00 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r5, @ANYBLOB="19000016010000001800120008000100736974000c00020008000300", @ANYRES32=r6], 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x2c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFA_FLAGS={0x8, 0x8, 0x308}]}, 0x34}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) [ 862.321606][T31866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 862.336932][T31866] Call Trace: [ 862.341779][T31866] dump_stack_lvl+0xcd/0x134 [ 862.349303][T31866] should_fail.cold+0x5/0xa [ 862.356123][T31866] prepare_alloc_pages+0x17b/0x580 [ 862.363450][T31866] __alloc_pages+0x12f/0x500 [ 862.369375][T31866] ? __alloc_pages_slowpath.constprop.0+0x21b0/0x21b0 [ 862.377330][T31866] ? avc_has_perm_noaudit+0x1c8/0x390 [ 862.384680][T31866] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 862.393135][T31866] alloc_pages_vma+0xd9/0x710 [ 862.399621][T31866] shmem_alloc_page+0x11f/0x1f0 [ 862.407970][T31866] ? shmem_link+0x360/0x360 09:55:00 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r5, @ANYBLOB="19000016010000001800120008000100736974000c00020008000300", @ANYRES32=r6], 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x2c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFA_FLAGS={0x8, 0x8, 0x308}]}, 0x34}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) [ 862.414661][T31866] ? lock_downgrade+0x6e0/0x6e0 [ 862.421965][T31866] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 862.431213][T31866] ? percpu_counter_add_batch+0xbd/0x180 [ 862.439960][T31866] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 862.449643][T31866] ? __vm_enough_memory+0x184/0x360 [ 862.457197][T31866] shmem_alloc_and_acct_page+0x161/0x8c0 [ 862.466846][T31866] shmem_getpage_gfp+0x6b2/0x2780 [ 862.477783][T31866] ? shmem_unuse_inode+0x1060/0x1060 [ 862.486695][T31866] ? ktime_get_coarse_real_ts64+0x1b7/0x200 [ 862.498541][T31866] ? lockdep_hardirqs_on+0x79/0x100 [ 862.505663][T31866] ? __sanitizer_cov_trace_cmp4+0x1c/0x70 [ 862.505704][T31866] shmem_write_begin+0xf9/0x1d0 [ 862.505733][T31866] generic_perform_write+0x202/0x500 [ 862.528524][T31866] ? generic_file_readonly_mmap+0x1b0/0x1b0 [ 862.535214][T31866] ? current_time+0x2c0/0x2c0 [ 862.541877][T31866] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 862.551187][T31866] ? generic_write_checks+0x2a9/0x380 [ 862.559835][T31866] __generic_file_write_iter+0x24e/0x610 [ 862.567560][T31866] generic_file_write_iter+0xd7/0x220 [ 862.576150][T31866] ? iov_iter_init+0x45/0x180 09:55:01 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r5, @ANYBLOB="19000016010000001800120008000100736974000c00020008000300", @ANYRES32=r6], 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x2c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFA_FLAGS={0x8, 0x8, 0x308}]}, 0x34}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) [ 862.582573][T31866] new_sync_write+0x426/0x650 [ 862.588885][T31866] ? new_sync_read+0x6e0/0x6e0 [ 862.596561][T31866] ? lock_release+0x720/0x720 [ 862.603207][T31866] ? selinux_file_permission+0x36/0x520 [ 862.630289][T31866] vfs_write+0x75a/0xa40 [ 862.636076][T31866] __x64_sys_pwrite64+0x1fd/0x250 [ 862.644993][T31866] ? ksys_pwrite64+0x1a0/0x1a0 [ 862.652229][T31866] ? syscall_enter_from_user_mode+0x21/0x70 [ 862.662036][T31866] do_syscall_64+0x35/0xb0 [ 862.670713][T31866] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 862.679580][T31866] RIP: 0033:0x419787 [ 862.684790][T31866] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b [ 862.713631][T31866] RSP: 002b:00007f275d915f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 862.728461][T31866] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 0000000000419787 [ 862.741624][T31866] RDX: 00000000000001a0 RSI: 0000000020010000 RDI: 0000000000000004 [ 862.752714][T31866] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 862.764258][T31866] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 862.776378][T31866] R13: 0000000000000004 R14: 0000000020000200 R15: 0000000000000000 09:55:01 executing program 2: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000010000)="00040000000001000100440000000000ffffff7f800000005a4d", 0x1a, 0x400}, {&(0x7f0000000a00)="feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0300000000e0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000009ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103", 0x783, 0x880}, {0x0, 0x0, 0x11000}], 0x0, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f00000001c0)='./file0\x00', 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file1\x00') 09:55:01 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r5, @ANYBLOB="19000016010000001800120008000100736974000c00020008000300", @ANYRES32=r6], 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x2c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFA_FLAGS={0x8, 0x8, 0x308}]}, 0x34}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 09:55:01 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r5, @ANYBLOB="19000016010000001800120008000100736974000c00020008000300", @ANYRES32=r6], 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x2c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFA_FLAGS={0x8, 0x8, 0x308}]}, 0x34}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) [ 862.817800][T31866] loop1: detected capacity change from 0 to 16 [ 862.836744][T31866] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:55:01 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r5, @ANYBLOB="19000016010000001800120008000100736974000c00020008000300", @ANYRES32=r6], 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x2c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFA_FLAGS={0x8, 0x8, 0x308}]}, 0x34}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) [ 862.871227][T31866] cramfs: wrong magic [ 862.954928][T31893] loop2: detected capacity change from 0 to 272 09:55:01 executing program 1 (fault-call:0 fault-nth:11): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:01 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r5, @ANYBLOB="19000016010000001800120008000100736974000c00020008000300", @ANYRES32=r6], 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x2c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFA_FLAGS={0x8, 0x8, 0x308}]}, 0x34}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 09:55:01 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x3f) getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3800000010000507000200"/20, @ANYRES32=r5, @ANYBLOB="19000016010000001800120008000100736974000c00020008000300", @ANYRES32=r6], 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@ipv6_newaddr={0x2c, 0x14, 0x121, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x2c}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x121, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_ADDRESS={0x14, 0x1, @rand_addr=' \x01\x00'}, @IFA_FLAGS={0x8, 0x8, 0x308}]}, 0x34}}, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 09:55:01 executing program 2: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000010000)="00040000000001000100440000000000ffffff7f800000005a4d", 0x1a, 0x400}, {&(0x7f0000000a00)="feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0300000000e0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000009ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103", 0x783, 0x880}, {0x0, 0x0, 0x11000}], 0x0, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f00000001c0)='./file0\x00', 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file1\x00') [ 863.055883][T31913] FAULT_INJECTION: forcing a failure. [ 863.055883][T31913] name failslab, interval 1, probability 0, space 0, times 0 [ 863.084731][T31913] CPU: 1 PID: 31913 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 863.097042][T31913] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 863.125985][T31913] Call Trace: [ 863.130566][T31913] dump_stack_lvl+0xcd/0x134 09:55:01 executing program 0: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000010000)="00040000000001000100440000000000ffffff7f800000005a4d", 0x1a, 0x400}, {&(0x7f0000000a00)="feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0300000000e0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000009ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103", 0x783, 0x880}, {0x0, 0x0, 0x11000}], 0x0, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f00000001c0)='./file0\x00', 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file1\x00') [ 863.142166][T31913] should_fail.cold+0x5/0xa [ 863.149338][T31916] loop0: detected capacity change from 0 to 272 [ 863.156025][T31913] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 863.156076][T31913] should_failslab+0x5/0x10 [ 863.156112][T31913] __kmalloc+0x7e/0x4d0 [ 863.156136][T31913] ? tomoyo_realpath_from_path+0xc3/0x620 09:55:01 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3000002, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) [ 863.156176][T31913] tomoyo_encode2.part.0+0xe9/0x3a0 write$UHID_INPUT(r2, &(0x7f0000001040)={0x6806, {"a2e3ad21ed6b52f99cfbf4c087f70eb4d04fe7ff7fc6e5539b356e0e8b546a1b373194090890e0878f0e1ac6e7049b71b4959b409a242a5b67f3988f7ef319520100ffe8d178708c523c921b1b5d30070d9b44d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba571eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b12f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) [ 863.156205][T31913] tomoyo_encode+0x28/0x50 [ 863.156230][T31913] tomoyo_realpath_from_path+0x186/0x620 [ 863.224590][T31913] ? tomoyo_profile+0x42/0x50 [ 863.231999][T31913] tomoyo_path_perm+0x21b/0x400 [ 863.238837][T31913] ? tomoyo_path_perm+0x1c1/0x400 [ 863.247523][T31913] ? tomoyo_check_open_permission+0x380/0x380 [ 863.258062][T31913] ? find_held_lock+0x2d/0x110 [ 863.265672][T31913] security_path_truncate+0xcf/0x140 [ 863.274739][T31913] do_sys_ftruncate+0x4d8/0x8e0 [ 863.282636][T31913] do_syscall_64+0x35/0xb0 [ 863.289036][T31913] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 863.299428][T31913] RIP: 0033:0x4665a7 09:55:01 executing program 0: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000010000)="00040000000001000100440000000000ffffff7f800000005a4d", 0x1a, 0x400}, {&(0x7f0000000a00)="feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0300000000e0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000009ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103", 0x783, 0x880}, {0x0, 0x0, 0x11000}], 0x0, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f00000001c0)='./file0\x00', 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file1\x00') [ 863.305394][T31913] Code: 48 89 e7 e8 cb e5 ff ff 48 8b 4c 24 18 64 48 2b 0c 25 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 1a 00 00 90 b8 4d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 [ 863.337258][T31913] RSP: 002b:00007f275d915f48 EFLAGS: 00000217 ORIG_RAX: 000000000000004d [ 863.349769][T31913] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 00000000004665a7 [ 863.363596][T31913] RDX: 0000000000000000 RSI: 0000000000002000 RDI: 0000000000000004 [ 863.376747][T31913] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffff [ 863.389529][T31913] R10: 0000000000000001 R11: 0000000000000217 R12: 0000000000000004 [ 863.400987][T31913] R13: 0000000000000004 R14: 0000000000002000 R15: 0000000020010200 [ 863.418866][T31913] ERROR: Out of memory at tomoyo_realpath_from_path. [ 863.437550][T31913] loop1: detected capacity change from 0 to 16 [ 863.441687][T31913] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:55:02 executing program 1 (fault-call:0 fault-nth:12): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:02 executing program 0: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000010000)="00040000000001000100440000000000ffffff7f800000005a4d", 0x1a, 0x400}, {&(0x7f0000000a00)="feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0300000000e0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000009ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103", 0x783, 0x880}, {0x0, 0x0, 0x11000}], 0x0, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f00000001c0)='./file0\x00', 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file1\x00') 09:55:02 executing program 1 (fault-call:0 fault-nth:13): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:02 executing program 2: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000010000)="00040000000001000100440000000000ffffff7f800000005a4d", 0x1a, 0x400}, {&(0x7f0000000a00)="feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0300000000e0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000009ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103", 0x783, 0x880}, {0x0, 0x0, 0x11000}], 0x0, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f00000001c0)='./file0\x00', 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file1\x00') [ 863.536981][T31925] loop0: detected capacity change from 0 to 272 [ 863.577080][T31930] loop2: detected capacity change from 0 to 272 [ 863.591157][T31931] FAULT_INJECTION: forcing a failure. [ 863.591157][T31931] name failslab, interval 1, probability 0, space 0, times 0 [ 863.591208][T31931] CPU: 0 PID: 31931 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 09:55:02 executing program 1 (fault-call:0 fault-nth:14): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 863.591230][T31931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 863.591243][T31931] Call Trace: [ 863.591256][T31931] dump_stack_lvl+0xcd/0x134 09:55:02 executing program 0: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x803, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32, @ANYBLOB="ff03000000000000240012800b000100627269646765000014000280080001000004800008000500000001"], 0x44}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x8001, 0x0) [ 863.591289][T31931] should_fail.cold+0x5/0xa [ 863.591328][T31931] should_failslab+0x5/0x10 [ 863.591365][T31931] kmem_cache_alloc+0x58/0x540 [ 863.591389][T31931] getname_flags.part.0+0x50/0x4f0 [ 863.591429][T31931] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 863.591467][T31931] getname+0x8e/0xd0 [ 863.591493][T31931] do_sys_openat2+0xf5/0x420 [ 863.591526][T31931] ? build_open_flags+0x6f0/0x6f0 [ 863.591559][T31931] ? __context_tracking_exit+0xb8/0xe0 [ 863.591660][T31931] ? lock_downgrade+0x6e0/0x6e0 [ 863.591691][T31931] __x64_sys_openat+0x13f/0x1f0 [ 863.591815][T31931] ? __ia32_sys_open+0x1c0/0x1c0 [ 863.591843][T31931] ? syscall_enter_from_user_mode+0x21/0x70 [ 863.591886][T31931] do_syscall_64+0x35/0xb0 [ 863.591912][T31931] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 863.591949][T31931] RIP: 0033:0x4196d4 [ 863.591969][T31931] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 863.591997][T31931] RSP: 002b:00007f275d915ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 863.592032][T31931] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196d4 [ 863.592050][T31931] RDX: 0000000000000002 RSI: 00007f275d916000 RDI: 00000000ffffff9c [ 863.592071][T31931] RBP: 00007f275d916000 R08: 0000000000000000 R09: ffffffffffffffff [ 863.592091][T31931] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 863.592107][T31931] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 863.726622][T31938] loop0: detected capacity change from 0 to 272 [ 863.738251][T31940] FAULT_INJECTION: forcing a failure. [ 863.738251][T31940] name failslab, interval 1, probability 0, space 0, times 0 [ 863.738290][T31940] CPU: 0 PID: 31940 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 863.738371][T31940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 863.738394][T31940] Call Trace: [ 863.738403][T31940] dump_stack_lvl+0xcd/0x134 [ 863.738442][T31940] should_fail.cold+0x5/0xa [ 863.738476][T31940] should_failslab+0x5/0x10 [ 863.738507][T31940] kmem_cache_alloc+0x58/0x540 [ 863.738541][T31940] __alloc_file+0x21/0x280 [ 863.738571][T31940] alloc_empty_file+0x6d/0x170 [ 863.738601][T31940] path_openat+0xde/0x27f0 [ 863.738636][T31940] ? __lock_acquire+0x162f/0x54a0 [ 863.738661][T31940] ? path_lookupat+0x860/0x860 [ 863.738738][T31940] ? mark_lock+0xef/0x17b0 [ 863.738772][T31940] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 863.738807][T31940] do_filp_open+0x1aa/0x400 [ 863.738836][T31940] ? may_open_dev+0xf0/0xf0 [ 863.738865][T31940] ? alloc_fd+0x2f0/0x670 [ 863.738934][T31940] ? lock_downgrade+0x6e0/0x6e0 [ 863.738960][T31940] ? rwlock_bug.part.0+0x90/0x90 [ 863.738983][T31940] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 863.739009][T31940] ? _find_next_bit+0x1e3/0x260 [ 863.739123][T31940] ? _raw_spin_unlock+0x24/0x40 [ 863.739155][T31940] ? alloc_fd+0x2f0/0x670 [ 863.739187][T31940] do_sys_openat2+0x16d/0x420 [ 863.739211][T31940] ? build_open_flags+0x6f0/0x6f0 [ 863.739242][T31940] ? __context_tracking_exit+0xb8/0xe0 [ 863.739267][T31940] ? lock_downgrade+0x6e0/0x6e0 [ 863.739294][T31940] __x64_sys_openat+0x13f/0x1f0 [ 863.739323][T31940] ? __ia32_sys_open+0x1c0/0x1c0 [ 863.739352][T31940] ? syscall_enter_from_user_mode+0x21/0x70 [ 863.739392][T31940] do_syscall_64+0x35/0xb0 [ 863.739426][T31940] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 863.739462][T31940] RIP: 0033:0x4196d4 [ 863.739481][T31940] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 863.739518][T31940] RSP: 002b:00007f275d915ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 863.739553][T31940] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196d4 [ 863.739571][T31940] RDX: 0000000000000002 RSI: 00007f275d916000 RDI: 00000000ffffff9c [ 863.739595][T31940] RBP: 00007f275d916000 R08: 0000000000000000 R09: ffffffffffffffff [ 863.739611][T31940] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 863.739631][T31940] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 863.882545][T31943] loop2: detected capacity change from 0 to 272 [ 863.931619][T31946] FAULT_INJECTION: forcing a failure. [ 863.931619][T31946] name failslab, interval 1, probability 0, space 0, times 0 [ 863.931731][T31946] CPU: 2 PID: 31946 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 863.931775][T31946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 863.931802][T31946] Call Trace: [ 863.931816][T31946] dump_stack_lvl+0xcd/0x134 [ 863.931855][T31946] should_fail.cold+0x5/0xa [ 863.931947][T31946] should_failslab+0x5/0x10 [ 863.931974][T31946] kmem_cache_alloc+0x58/0x540 [ 863.932006][T31946] __alloc_file+0x21/0x280 [ 863.932086][T31946] alloc_empty_file+0x6d/0x170 [ 864.050255][T31951] device bridge5 entered promiscuous mode [ 864.057016][T31946] path_openat+0xde/0x27f0 [ 864.057061][T31946] ? __lock_acquire+0x162f/0x54a0 [ 864.057092][T31946] ? path_lookupat+0x860/0x860 [ 864.057123][T31946] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 864.057152][T31946] do_filp_open+0x1aa/0x400 [ 864.057176][T31946] ? may_open_dev+0xf0/0xf0 [ 864.057198][T31946] ? alloc_fd+0x2f0/0x670 [ 864.676565][T31946] ? lock_downgrade+0x6e0/0x6e0 [ 864.676608][T31946] ? rwlock_bug.part.0+0x90/0x90 [ 864.676630][T31946] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 864.676655][T31946] ? _find_next_bit+0x1e3/0x260 [ 864.710470][T31946] ? _raw_spin_unlock+0x24/0x40 [ 864.718112][T31946] ? alloc_fd+0x2f0/0x670 [ 864.718149][T31946] do_sys_openat2+0x16d/0x420 [ 864.718172][T31946] ? build_open_flags+0x6f0/0x6f0 [ 864.718195][T31946] ? __context_tracking_exit+0xb8/0xe0 [ 864.718219][T31946] ? lock_downgrade+0x6e0/0x6e0 [ 864.718243][T31946] __x64_sys_openat+0x13f/0x1f0 [ 864.766826][T31946] ? __ia32_sys_open+0x1c0/0x1c0 [ 864.766871][T31946] ? syscall_enter_from_user_mode+0x21/0x70 [ 864.766911][T31946] do_syscall_64+0x35/0xb0 [ 864.766935][T31946] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 864.766963][T31946] RIP: 0033:0x4196d4 [ 864.766982][T31946] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 864.767006][T31946] RSP: 002b:00007f275d915ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 864.767039][T31946] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196d4 [ 864.767056][T31946] RDX: 0000000000000002 RSI: 00007f275d916000 RDI: 00000000ffffff9c [ 864.767071][T31946] RBP: 00007f275d916000 R08: 0000000000000000 R09: ffffffffffffffff [ 864.767086][T31946] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 864.767110][T31946] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 09:55:03 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3000002, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) write$UHID_INPUT(r2, &(0x7f0000001040)={0x6806, {"a2e3ad21ed6b52f99cfbf4c087f70eb4d04fe7ff7fc6e5539b356e0e8b546a1b373194090890e0878f0e1ac6e7049b71b4959b409a242a5b67f3988f7ef319520100ffe8d178708c523c921b1b5d30070d9b44d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba571eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b12f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 09:55:03 executing program 2: syz_mount_image$minix(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x3, &(0x7f0000000180)=[{&(0x7f0000010000)="00040000000001000100440000000000ffffff7f800000005a4d", 0x1a, 0x400}, {&(0x7f0000000a00)="feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0300000000e0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000009ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed4103", 0x783, 0x880}, {0x0, 0x0, 0x11000}], 0x0, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f00000001c0)='./file0\x00', 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file1\x00') 09:55:03 executing program 1 (fault-call:0 fault-nth:15): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:03 executing program 0: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x803, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32, @ANYBLOB="ff03000000000000240012800b000100627269646765000014000280080001000004800008000500000001"], 0x44}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x8001, 0x0) 09:55:03 executing program 1 (fault-call:0 fault-nth:16): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 865.141026][T31971] loop2: detected capacity change from 0 to 272 [ 865.148494][T31970] FAULT_INJECTION: forcing a failure. [ 865.148494][T31970] name failslab, interval 1, probability 0, space 0, times 0 [ 865.148546][T31970] CPU: 0 PID: 31970 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 865.148578][T31970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 09:55:03 executing program 2: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x803, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32, @ANYBLOB="ff03000000000000240012800b000100627269646765000014000280080001000004800008000500000001"], 0x44}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x8001, 0x0) [ 865.148595][T31970] Call Trace: [ 865.148605][T31970] dump_stack_lvl+0xcd/0x134 [ 865.148647][T31970] should_fail.cold+0x5/0xa [ 865.148681][T31970] should_failslab+0x5/0x10 [ 865.148744][T31970] kmem_cache_alloc+0x58/0x540 [ 865.148796][T31970] security_file_alloc+0x34/0x170 [ 865.148828][T31970] __alloc_file+0xd8/0x280 [ 865.148859][T31970] alloc_empty_file+0x6d/0x170 [ 865.148906][T31970] path_openat+0xde/0x27f0 [ 865.149108][T31970] ? __lock_acquire+0x162f/0x54a0 [ 865.149136][T31970] ? path_lookupat+0x860/0x860 [ 865.149167][T31970] ? mark_lock+0xef/0x17b0 [ 865.149186][T31970] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 865.149219][T31970] do_filp_open+0x1aa/0x400 [ 865.149281][T31970] ? may_open_dev+0xf0/0xf0 [ 865.149307][T31970] ? alloc_fd+0x2f0/0x670 [ 865.149342][T31970] ? lock_downgrade+0x6e0/0x6e0 [ 865.149368][T31970] ? rwlock_bug.part.0+0x90/0x90 [ 865.149394][T31970] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 865.149422][T31970] ? _find_next_bit+0x1e3/0x260 [ 865.149450][T31970] ? _raw_spin_unlock+0x24/0x40 [ 865.149475][T31970] ? alloc_fd+0x2f0/0x670 [ 865.149505][T31970] do_sys_openat2+0x16d/0x420 [ 865.149529][T31970] ? build_open_flags+0x6f0/0x6f0 [ 865.149557][T31970] ? __context_tracking_exit+0xb8/0xe0 [ 865.149582][T31970] ? lock_downgrade+0x6e0/0x6e0 [ 865.149606][T31970] __x64_sys_openat+0x13f/0x1f0 [ 865.149631][T31970] ? __ia32_sys_open+0x1c0/0x1c0 [ 865.149653][T31970] ? syscall_enter_from_user_mode+0x21/0x70 [ 865.149683][T31970] do_syscall_64+0x35/0xb0 [ 865.149797][T31970] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 865.149829][T31970] RIP: 0033:0x4196d4 [ 865.149850][T31970] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 865.149879][T31970] RSP: 002b:00007f275d915ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 865.149908][T31970] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196d4 [ 865.149926][T31970] RDX: 0000000000000002 RSI: 00007f275d916000 RDI: 00000000ffffff9c [ 865.149942][T31970] RBP: 00007f275d916000 R08: 0000000000000000 R09: ffffffffffffffff [ 865.149961][T31970] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 865.149978][T31970] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 865.252944][T31977] FAULT_INJECTION: forcing a failure. [ 865.252944][T31977] name failslab, interval 1, probability 0, space 0, times 0 [ 865.759278][T31977] CPU: 2 PID: 31977 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 865.778592][T31977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 865.778614][T31977] Call Trace: [ 865.778631][T31977] dump_stack_lvl+0xcd/0x134 [ 865.778676][T31977] should_fail.cold+0x5/0xa [ 865.778723][T31977] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 865.778761][T31977] should_failslab+0x5/0x10 [ 865.778801][T31977] __kmalloc+0x7e/0x4d0 [ 865.778830][T31977] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 865.778864][T31977] ? d_absolute_path+0x10f/0x170 [ 865.778943][T31977] tomoyo_encode2.part.0+0xe9/0x3a0 [ 865.778979][T31977] tomoyo_encode+0x28/0x50 [ 865.779015][T31977] tomoyo_realpath_from_path+0x186/0x620 [ 865.779051][T31977] tomoyo_check_open_permission+0x272/0x380 [ 865.930621][T31977] ? tomoyo_path_number_perm+0x590/0x590 [ 865.930696][T31977] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 865.930742][T31977] ? path_get+0x5d/0x80 [ 865.930787][T31977] ? lock_downgrade+0x6e0/0x6e0 [ 865.930824][T31977] ? do_raw_spin_lock+0x120/0x2b0 09:55:04 executing program 1 (fault-call:0 fault-nth:17): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 865.930861][T31977] tomoyo_file_open+0xa3/0xd0 [ 865.930900][T31977] security_file_open+0x52/0x4f0 [ 865.930943][T31977] do_dentry_open+0x353/0x11d0 [ 865.930971][T31977] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 865.931020][T31977] ? may_open+0x1f6/0x420 09:55:04 executing program 0: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x803, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32, @ANYBLOB="ff03000000000000240012800b000100627269646765000014000280080001000004800008000500000001"], 0x44}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x8001, 0x0) [ 865.931053][T31977] path_openat+0x1c23/0x27f0 [ 865.931091][T31977] ? path_lookupat+0x860/0x860 [ 865.931123][T31977] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 865.931166][T31977] do_filp_open+0x1aa/0x400 [ 865.931189][T31977] ? may_open_dev+0xf0/0xf0 [ 865.931553][T31977] ? rwlock_bug.part.0+0x90/0x90 [ 865.931598][T31977] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 865.931630][T31977] ? _find_next_bit+0x1e3/0x260 [ 865.931680][T31977] ? _raw_spin_unlock+0x24/0x40 [ 865.931723][T31977] ? alloc_fd+0x2f0/0x670 [ 865.931766][T31977] do_sys_openat2+0x16d/0x420 [ 865.931808][T31977] ? build_open_flags+0x6f0/0x6f0 [ 865.931850][T31977] ? __context_tracking_exit+0xb8/0xe0 [ 865.931883][T31977] ? lock_downgrade+0x6e0/0x6e0 [ 865.931916][T31977] __x64_sys_openat+0x13f/0x1f0 [ 865.931950][T31977] ? __ia32_sys_open+0x1c0/0x1c0 [ 865.931991][T31977] ? syscall_enter_from_user_mode+0x21/0x70 [ 865.932045][T31977] do_syscall_64+0x35/0xb0 [ 865.932088][T31977] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 865.932135][T31977] RIP: 0033:0x4196d4 [ 865.932160][T31977] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 865.932248][T31977] RSP: 002b:00007f275d915ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 865.932285][T31977] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196d4 [ 865.932314][T31977] RDX: 0000000000000002 RSI: 00007f275d916000 RDI: 00000000ffffff9c [ 865.932341][T31977] RBP: 00007f275d916000 R08: 0000000000000000 R09: ffffffffffffffff [ 865.932363][T31977] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 865.932394][T31977] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 865.936353][T31977] ERROR: Out of memory at tomoyo_realpath_from_path. [ 865.937633][T31977] loop1: detected capacity change from 0 to 16 [ 865.941754][T31977] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 866.142257][T31985] device bridge1 entered promiscuous mode [ 866.142285][T31990] FAULT_INJECTION: forcing a failure. [ 866.142285][T31990] name failslab, interval 1, probability 0, space 0, times 0 [ 866.142322][T31990] CPU: 2 PID: 31990 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 866.142352][T31990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 866.142364][T31990] Call Trace: [ 866.142370][T31990] dump_stack_lvl+0xcd/0x134 [ 866.142405][T31990] should_fail.cold+0x5/0xa [ 866.142555][T31990] ? tomoyo_realpath_from_path+0xc3/0x620 [ 866.142585][T31990] should_failslab+0x5/0x10 [ 866.142611][T31990] __kmalloc+0x7e/0x4d0 [ 866.142632][T31990] tomoyo_realpath_from_path+0xc3/0x620 [ 866.142658][T31990] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 866.142681][T31990] tomoyo_check_open_permission+0x272/0x380 [ 866.142703][T31990] ? tomoyo_path_number_perm+0x590/0x590 [ 866.142730][T31990] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 866.142754][T31990] ? path_get+0x5d/0x80 [ 866.142773][T31990] ? lock_downgrade+0x6e0/0x6e0 [ 866.142789][T31990] ? do_raw_spin_lock+0x120/0x2b0 [ 866.142819][T31990] tomoyo_file_open+0xa3/0xd0 [ 866.142841][T31990] security_file_open+0x52/0x4f0 [ 866.142871][T31990] do_dentry_open+0x353/0x11d0 [ 866.142894][T31990] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 866.142917][T31990] ? may_open+0x1f6/0x420 [ 866.142941][T31990] path_openat+0x1c23/0x27f0 [ 866.142966][T31990] ? path_lookupat+0x860/0x860 [ 866.143002][T31990] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 866.143027][T31990] do_filp_open+0x1aa/0x400 [ 866.143049][T31990] ? may_open_dev+0xf0/0xf0 [ 866.143070][T31990] ? rwlock_bug.part.0+0x90/0x90 [ 866.143092][T31990] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 866.143116][T31990] ? _find_next_bit+0x1e3/0x260 [ 866.143140][T31990] ? _raw_spin_unlock+0x24/0x40 [ 866.143166][T31990] ? alloc_fd+0x2f0/0x670 [ 866.143184][T31990] do_sys_openat2+0x16d/0x420 [ 866.143202][T31990] ? build_open_flags+0x6f0/0x6f0 [ 866.143219][T31990] ? __context_tracking_exit+0xb8/0xe0 [ 866.143246][T31990] ? lock_downgrade+0x6e0/0x6e0 [ 866.143263][T31990] __x64_sys_openat+0x13f/0x1f0 [ 866.143289][T31990] ? __ia32_sys_open+0x1c0/0x1c0 [ 866.143306][T31990] ? syscall_enter_from_user_mode+0x21/0x70 [ 866.143339][T31990] do_syscall_64+0x35/0xb0 [ 866.143358][T31990] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 866.143377][T31990] RIP: 0033:0x4196d4 [ 866.143390][T31990] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 866.143417][T31990] RSP: 002b:00007f275d915ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 866.143437][T31990] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196d4 [ 866.143455][T31990] RDX: 0000000000000002 RSI: 00007f275d916000 RDI: 00000000ffffff9c [ 866.143551][T31990] RBP: 00007f275d916000 R08: 0000000000000000 R09: ffffffffffffffff [ 866.143569][T31990] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 866.143582][T31990] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 866.143602][T31990] ERROR: Out of memory at tomoyo_realpath_from_path. [ 866.144776][T31990] loop1: detected capacity change from 0 to 16 [ 866.149550][T31990] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:55:05 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3000002, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) write$UHID_INPUT(r2, &(0x7f0000001040)={0x6806, {"a2e3ad21ed6b52f99cfbf4c087f70eb4d04fe7ff7fc6e5539b356e0e8b546a1b373194090890e0878f0e1ac6e7049b71b4959b409a242a5b67f3988f7ef319520100ffe8d178708c523c921b1b5d30070d9b44d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba571eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b12f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 09:55:05 executing program 1 (fault-call:0 fault-nth:18): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:05 executing program 2: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x803, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32, @ANYBLOB="ff03000000000000240012800b000100627269646765000014000280080001000004800008000500000001"], 0x44}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x8001, 0x0) [ 867.040329][T31998] FAULT_INJECTION: forcing a failure. [ 867.040329][T31998] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 867.059197][T31998] CPU: 2 PID: 31998 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 867.072064][T31998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 867.084255][T31998] Call Trace: [ 867.089121][T31998] dump_stack_lvl+0xcd/0x134 09:55:05 executing program 0: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x803, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32, @ANYBLOB="ff03000000000000240012800b000100627269646765000014000280080001000004800008000500000001"], 0x44}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x8001, 0x0) [ 867.096170][T31998] should_fail.cold+0x5/0xa [ 867.096209][T31998] prepare_alloc_pages+0x17b/0x580 [ 867.096238][T31998] __alloc_pages+0x12f/0x500 [ 867.096259][T31998] ? __alloc_pages_slowpath.constprop.0+0x21b0/0x21b0 [ 867.096282][T31998] ? find_held_lock+0x2d/0x110 [ 867.096307][T31998] cache_grow_begin+0x75/0x460 [ 867.096332][T31998] cache_alloc_refill+0x27f/0x380 [ 867.096346][T31998] ? tomoyo_realpath_from_path+0xc3/0x620 [ 867.096363][T31998] __kmalloc+0x3d5/0x4d0 [ 867.096376][T31998] tomoyo_realpath_from_path+0xc3/0x620 [ 867.096400][T31998] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 867.096416][T31998] tomoyo_check_open_permission+0x272/0x380 [ 867.096432][T31998] ? tomoyo_path_number_perm+0x590/0x590 [ 867.096448][T31998] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 867.096471][T31998] ? path_get+0x5d/0x80 [ 867.096487][T31998] ? lock_downgrade+0x6e0/0x6e0 [ 867.096499][T31998] ? do_raw_spin_lock+0x120/0x2b0 [ 867.096513][T31998] tomoyo_file_open+0xa3/0xd0 [ 867.096528][T31998] security_file_open+0x52/0x4f0 [ 867.096552][T31998] do_dentry_open+0x353/0x11d0 [ 867.096566][T31998] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 867.096581][T31998] ? may_open+0x1f6/0x420 [ 867.096600][T31998] path_openat+0x1c23/0x27f0 [ 867.096621][T31998] ? path_lookupat+0x860/0x860 [ 867.096645][T31998] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 867.096660][T31998] do_filp_open+0x1aa/0x400 [ 867.096673][T31998] ? may_open_dev+0xf0/0xf0 [ 867.096693][T31998] ? rwlock_bug.part.0+0x90/0x90 [ 867.096707][T31998] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 867.096730][T31998] ? _find_next_bit+0x1e3/0x260 [ 867.096754][T31998] ? _raw_spin_unlock+0x24/0x40 [ 867.096769][T31998] ? alloc_fd+0x2f0/0x670 [ 867.096790][T31998] do_sys_openat2+0x16d/0x420 [ 867.096804][T31998] ? build_open_flags+0x6f0/0x6f0 [ 867.096827][T31998] ? __context_tracking_exit+0xb8/0xe0 [ 867.096846][T31998] ? lock_downgrade+0x6e0/0x6e0 [ 867.096863][T31998] __x64_sys_openat+0x13f/0x1f0 [ 867.096877][T31998] ? __ia32_sys_open+0x1c0/0x1c0 [ 867.096899][T31998] ? syscall_enter_from_user_mode+0x21/0x70 [ 867.096917][T31998] do_syscall_64+0x35/0xb0 [ 867.096940][T31998] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 867.096959][T31998] RIP: 0033:0x4196d4 [ 867.096994][T31998] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 867.097015][T31998] RSP: 002b:00007f275d915ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 867.097034][T31998] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196d4 [ 867.097054][T31998] RDX: 0000000000000002 RSI: 00007f275d916000 RDI: 00000000ffffff9c [ 867.097067][T31998] RBP: 00007f275d916000 R08: 0000000000000000 R09: ffffffffffffffff [ 867.097077][T31998] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 867.097094][T31998] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 867.180053][T31998] loop1: detected capacity change from 0 to 16 [ 867.589822][T31998] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:55:06 executing program 1 (fault-call:0 fault-nth:19): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:06 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3000002, 0x12, r0, 0x0) preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) write$UHID_INPUT(r2, &(0x7f0000001040)={0x6806, {"a2e3ad21ed6b52f99cfbf4c087f70eb4d04fe7ff7fc6e5539b356e0e8b546a1b373194090890e0878f0e1ac6e7049b71b4959b409a242a5b67f3988f7ef319520100ffe8d178708c523c921b1b5d30070d9b44d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba571eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b12f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) [ 867.761859][T32012] FAULT_INJECTION: forcing a failure. [ 867.761859][T32012] name failslab, interval 1, probability 0, space 0, times 0 [ 867.784443][T32012] CPU: 1 PID: 32012 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 867.799742][T32012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 867.813502][T32012] Call Trace: [ 867.818599][T32012] dump_stack_lvl+0xcd/0x134 [ 867.825893][T32012] should_fail.cold+0x5/0xa [ 867.833053][T32012] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 867.843626][T32012] should_failslab+0x5/0x10 [ 867.843680][T32012] __kmalloc+0x7e/0x4d0 [ 867.843708][T32012] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 867.843741][T32012] ? d_absolute_path+0x10f/0x170 [ 867.843778][T32012] tomoyo_encode2.part.0+0xe9/0x3a0 [ 867.843817][T32012] tomoyo_encode+0x28/0x50 [ 867.843850][T32012] tomoyo_realpath_from_path+0x186/0x620 [ 867.843886][T32012] tomoyo_check_open_permission+0x272/0x380 [ 867.843918][T32012] ? tomoyo_path_number_perm+0x590/0x590 [ 867.843954][T32012] ? lockdep_hardirqs_on_prepare+0x400/0x400 09:55:06 executing program 1 (fault-call:0 fault-nth:20): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 867.843984][T32012] ? path_get+0x5d/0x80 09:55:06 executing program 2: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket(0x10, 0x803, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32, @ANYBLOB="ff03000000000000240012800b000100627269646765000014000280080001000004800008000500000001"], 0x44}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x8001, 0x0) [ 867.844010][T32012] ? lock_downgrade+0x6e0/0x6e0 [ 867.844033][T32012] ? do_raw_spin_lock+0x120/0x2b0 [ 867.844057][T32012] tomoyo_file_open+0xa3/0xd0 [ 867.844084][T32012] security_file_open+0x52/0x4f0 [ 867.844110][T32012] do_dentry_open+0x353/0x11d0 [ 867.844132][T32012] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 867.844158][T32012] ? may_open+0x1f6/0x420 [ 867.844186][T32012] path_openat+0x1c23/0x27f0 [ 867.844216][T32012] ? path_lookupat+0x860/0x860 09:55:06 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 867.844243][T32012] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 867.844298][T32012] do_filp_open+0x1aa/0x400 [ 867.844323][T32012] ? may_open_dev+0xf0/0xf0 [ 867.844346][T32012] ? rwlock_bug.part.0+0x90/0x90 [ 867.844371][T32012] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 867.844397][T32012] ? _find_next_bit+0x1e3/0x260 [ 867.844424][T32012] ? _raw_spin_unlock+0x24/0x40 [ 867.844450][T32012] ? alloc_fd+0x2f0/0x670 [ 867.844475][T32012] do_sys_openat2+0x16d/0x420 [ 867.844537][T32012] ? build_open_flags+0x6f0/0x6f0 [ 867.844562][T32012] ? __context_tracking_exit+0xb8/0xe0 [ 867.844624][T32012] ? lock_downgrade+0x6e0/0x6e0 [ 867.844649][T32012] __x64_sys_openat+0x13f/0x1f0 [ 867.844673][T32012] ? __ia32_sys_open+0x1c0/0x1c0 [ 867.844697][T32012] ? syscall_enter_from_user_mode+0x21/0x70 [ 867.844728][T32012] do_syscall_64+0x35/0xb0 [ 867.844753][T32012] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 867.844779][T32012] RIP: 0033:0x4196d4 [ 867.844798][T32012] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 867.844824][T32012] RSP: 002b:00007f275d915ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 867.844851][T32012] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196d4 [ 867.844867][T32012] RDX: 0000000000000002 RSI: 00007f275d916000 RDI: 00000000ffffff9c [ 867.844884][T32012] RBP: 00007f275d916000 R08: 0000000000000000 R09: ffffffffffffffff [ 867.844900][T32012] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 867.844917][T32012] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 867.862807][T32012] ERROR: Out of memory at tomoyo_realpath_from_path. [ 867.893447][T32012] loop1: detected capacity change from 0 to 16 [ 867.909314][T32012] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 868.127974][T32022] FAULT_INJECTION: forcing a failure. [ 868.127974][T32022] name failslab, interval 1, probability 0, space 0, times 0 [ 868.423661][T32022] CPU: 2 PID: 32022 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 868.423742][T32022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 868.423841][T32022] Call Trace: [ 868.423856][T32022] dump_stack_lvl+0xcd/0x134 [ 868.423903][T32022] should_fail.cold+0x5/0xa [ 868.423955][T32022] ? tomoyo_realpath_from_path+0xc3/0x620 [ 868.423999][T32022] should_failslab+0x5/0x10 [ 868.424030][T32022] __kmalloc+0x7e/0x4d0 [ 868.424077][T32022] tomoyo_realpath_from_path+0xc3/0x620 [ 868.424128][T32022] ? tomoyo_profile+0x42/0x50 09:55:07 executing program 1 (fault-call:0 fault-nth:21): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 868.424197][T32022] tomoyo_path_number_perm+0x1d5/0x590 [ 868.424250][T32022] ? tomoyo_path_number_perm+0x18d/0x590 [ 868.424300][T32022] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 868.424333][T32022] ? lock_downgrade+0x6e0/0x6e0 [ 868.424376][T32022] ? __fget_files+0x23d/0x3e0 [ 868.424425][T32022] security_file_ioctl+0x50/0xb0 [ 868.424523][T32022] __x64_sys_ioctl+0xb3/0x200 [ 868.424578][T32022] do_syscall_64+0x35/0xb0 [ 868.424624][T32022] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 868.424667][T32022] RIP: 0033:0x4663a7 [ 868.424714][T32022] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 868.424761][T32022] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 868.424824][T32022] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 868.424862][T32022] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 868.424890][T32022] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 868.424928][T32022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 868.424956][T32022] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 868.438870][T32022] ERROR: Out of memory at tomoyo_realpath_from_path. [ 868.442208][T32022] loop1: detected capacity change from 0 to 16 [ 868.471955][T32022] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 868.640499][T32033] FAULT_INJECTION: forcing a failure. [ 868.640499][T32033] name failslab, interval 1, probability 0, space 0, times 0 [ 868.830238][T32033] CPU: 1 PID: 32033 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 868.844625][T32033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 868.844659][T32033] Call Trace: [ 868.844675][T32033] dump_stack_lvl+0xcd/0x134 [ 868.844718][T32033] should_fail.cold+0x5/0xa [ 868.844757][T32033] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 868.844798][T32033] should_failslab+0x5/0x10 [ 868.844834][T32033] __kmalloc+0x7e/0x4d0 [ 868.912321][T32033] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 868.912362][T32033] ? d_absolute_path+0x10f/0x170 [ 868.912389][T32033] tomoyo_encode2.part.0+0xe9/0x3a0 09:55:07 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 868.974762][T32033] tomoyo_encode+0x28/0x50 09:55:07 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 868.974807][T32033] tomoyo_realpath_from_path+0x186/0x620 [ 868.974837][T32033] tomoyo_path_number_perm+0x1d5/0x590 [ 868.974872][T32033] ? tomoyo_path_number_perm+0x18d/0x590 [ 868.974897][T32033] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 868.974927][T32033] ? lock_downgrade+0x6e0/0x6e0 [ 868.974958][T32033] ? __fget_files+0x23d/0x3e0 [ 868.974983][T32033] security_file_ioctl+0x50/0xb0 [ 868.975019][T32033] __x64_sys_ioctl+0xb3/0x200 [ 868.975048][T32033] do_syscall_64+0x35/0xb0 [ 868.975078][T32033] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 868.975104][T32033] RIP: 0033:0x4663a7 [ 868.975123][T32033] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 868.975155][T32033] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 868.975188][T32033] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 868.975205][T32033] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 868.975287][T32033] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 868.975305][T32033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 868.975317][T32033] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 868.984830][T32033] ERROR: Out of memory at tomoyo_realpath_from_path. 09:55:07 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) 09:55:07 executing program 1 (fault-call:0 fault-nth:22): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 869.457938][T32044] FAULT_INJECTION: forcing a failure. [ 869.457938][T32044] name failslab, interval 1, probability 0, space 0, times 0 [ 869.485254][T32044] CPU: 0 PID: 32044 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 869.497889][T32044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 869.512161][T32044] Call Trace: [ 869.517517][T32044] dump_stack_lvl+0xcd/0x134 [ 869.524496][T32044] should_fail.cold+0x5/0xa [ 869.533106][T32044] ? alloc_workqueue+0x16d/0xef0 [ 869.557689][T32044] should_failslab+0x5/0x10 [ 869.563943][T32044] __kmalloc+0x7e/0x4d0 [ 869.569014][T32044] alloc_workqueue+0x16d/0xef0 [ 869.575432][T32044] ? __mutex_lock+0x5bf/0x10a0 [ 869.582852][T32044] ? _raw_spin_unlock+0x24/0x40 [ 869.591913][T32044] ? loop_configure+0xc2/0x1580 [ 869.602523][T32044] ? loop_set_status_from_info+0xa60/0xa60 [ 869.611290][T32044] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 869.619334][T32044] ? mutex_lock_io_nested+0xf00/0xf00 [ 869.627821][T32044] ? memcpy+0x39/0x60 [ 869.634401][T32044] ? loop_configure+0x416/0x1580 [ 869.641949][T32044] loop_configure+0x4d8/0x1580 [ 869.650702][T32044] lo_ioctl+0x403/0x1600 [ 869.658311][T32044] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 869.667457][T32044] ? loop_set_status_old+0x250/0x250 [ 869.674924][T32044] ? avc_ss_reset+0x170/0x170 [ 869.681704][T32044] ? kfree+0x1cc/0x2c0 [ 869.687744][T32044] ? tomoyo_path_number_perm+0x441/0x590 [ 869.696133][T32044] ? lockdep_hardirqs_on+0x79/0x100 [ 869.703393][T32044] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 869.714170][T32044] ? tomoyo_path_number_perm+0x24e/0x590 [ 869.724265][T32044] ? selinux_file_ioctl+0x10f/0x5d0 [ 869.732984][T32044] ? selinux_inode_getsecctx+0x90/0x90 [ 869.740921][T32044] ? loop_set_status_old+0x250/0x250 [ 869.749001][T32044] blkdev_ioctl+0x2a1/0x6d0 [ 869.755400][T32044] ? blkdev_common_ioctl+0x1830/0x1830 [ 869.762995][T32044] ? __fget_files+0x23d/0x3e0 [ 869.769758][T32044] block_ioctl+0xf9/0x140 [ 869.775636][T32044] ? bd_unlink_disk_holder+0x430/0x430 [ 869.783599][T32044] __x64_sys_ioctl+0x193/0x200 [ 869.790339][T32044] do_syscall_64+0x35/0xb0 [ 869.796239][T32044] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 869.804677][T32044] RIP: 0033:0x4663a7 [ 869.810548][T32044] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 869.838900][T32044] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 869.853883][T32044] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 869.870026][T32044] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 869.882644][T32044] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 869.902767][T32044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 869.916221][T32044] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 09:55:08 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) 09:55:08 executing program 1 (fault-call:0 fault-nth:23): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 870.078848][T32052] FAULT_INJECTION: forcing a failure. [ 870.078848][T32052] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 870.103771][T32052] CPU: 3 PID: 32052 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 870.121595][T32052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 870.154837][T32052] Call Trace: 09:55:08 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 870.159766][T32052] dump_stack_lvl+0xcd/0x134 [ 870.181099][T32052] should_fail.cold+0x5/0xa [ 870.188408][T32052] prepare_alloc_pages+0x17b/0x580 [ 870.220054][T32052] __alloc_pages+0x12f/0x500 [ 870.229876][T32052] ? __alloc_pages_slowpath.constprop.0+0x21b0/0x21b0 [ 870.243861][T32052] ? find_held_lock+0x2d/0x110 [ 870.250387][T32052] ? lock_downgrade+0x6e0/0x6e0 [ 870.258032][T32052] ? do_raw_spin_lock+0x120/0x2b0 [ 870.264553][T32052] cache_grow_begin+0x75/0x460 [ 870.272630][T32052] ____cache_alloc_node+0x171/0x1d0 [ 870.281673][T32052] ? tomoyo_realpath_from_path+0xc3/0x620 [ 870.290321][T32052] __kmalloc+0x367/0x4d0 [ 870.296642][T32052] tomoyo_realpath_from_path+0xc3/0x620 [ 870.304593][T32052] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 870.313811][T32052] tomoyo_check_open_permission+0x272/0x380 [ 870.324398][T32052] ? tomoyo_path_number_perm+0x590/0x590 [ 870.336839][T32052] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 870.345860][T32052] ? path_get+0x5d/0x80 [ 870.353886][T32052] ? lock_downgrade+0x6e0/0x6e0 [ 870.361994][T32052] ? do_raw_spin_lock+0x120/0x2b0 [ 870.369506][T32052] tomoyo_file_open+0xa3/0xd0 [ 870.375470][T32052] security_file_open+0x52/0x4f0 [ 870.384564][T32052] do_dentry_open+0x353/0x11d0 [ 870.392831][T32052] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 870.402911][T32052] ? may_open+0x1f6/0x420 [ 870.410839][T32052] path_openat+0x1c23/0x27f0 [ 870.419150][T32052] ? path_lookupat+0x860/0x860 [ 870.427226][T32052] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 870.437821][T32052] do_filp_open+0x1aa/0x400 [ 870.445397][T32052] ? may_open_dev+0xf0/0xf0 [ 870.452574][T32052] ? rwlock_bug.part.0+0x90/0x90 [ 870.460263][T32052] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 870.469647][T32052] ? _find_next_bit+0x1e3/0x260 [ 870.477496][T32052] ? _raw_spin_unlock+0x24/0x40 [ 870.485959][T32052] ? alloc_fd+0x2f0/0x670 [ 870.492974][T32052] do_sys_openat2+0x16d/0x420 [ 870.500366][T32052] ? build_open_flags+0x6f0/0x6f0 [ 870.508187][T32052] ? __context_tracking_exit+0xb8/0xe0 [ 870.516272][T32052] ? lock_downgrade+0x6e0/0x6e0 [ 870.525847][T32052] __x64_sys_openat+0x13f/0x1f0 [ 870.533811][T32052] ? __ia32_sys_open+0x1c0/0x1c0 [ 870.541941][T32052] ? syscall_enter_from_user_mode+0x21/0x70 [ 870.550971][T32052] do_syscall_64+0x35/0xb0 [ 870.558004][T32052] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 870.566633][T32052] RIP: 0033:0x4196d4 [ 870.573326][T32052] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 870.606507][T32052] RSP: 002b:00007f275d915ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 870.619428][T32052] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196d4 [ 870.628593][T32052] RDX: 0000000000000002 RSI: 00007f275d916000 RDI: 00000000ffffff9c [ 870.639467][T32052] RBP: 00007f275d916000 R08: 0000000000000000 R09: ffffffffffffffff [ 870.651004][T32052] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 870.663230][T32052] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 09:55:09 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 870.712445][T32052] loop1: detected capacity change from 0 to 16 [ 870.726798][T32052] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:55:09 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) 09:55:09 executing program 1 (fault-call:0 fault-nth:24): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 870.869829][T32067] FAULT_INJECTION: forcing a failure. [ 870.869829][T32067] name failslab, interval 1, probability 0, space 0, times 0 09:55:09 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 870.920934][T32067] CPU: 3 PID: 32067 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 870.936410][T32067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 870.950817][T32067] Call Trace: [ 870.956041][T32067] dump_stack_lvl+0xcd/0x134 [ 870.963491][T32067] should_fail.cold+0x5/0xa [ 870.970176][T32067] should_failslab+0x5/0x10 [ 870.977176][T32067] kmem_cache_alloc_trace+0x57/0x480 [ 870.986449][T32067] alloc_workqueue_attrs+0x38/0x80 [ 870.995163][T32067] apply_wqattrs_prepare+0xbc/0x890 [ 871.004164][T32067] apply_workqueue_attrs_locked+0xc1/0x140 [ 871.013572][T32067] alloc_workqueue+0xafb/0xef0 [ 871.020966][T32067] ? _raw_spin_unlock+0x24/0x40 [ 871.027863][T32067] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 871.036636][T32067] ? memcpy+0x39/0x60 [ 871.042449][T32067] ? loop_configure+0x416/0x1580 [ 871.050349][T32067] loop_configure+0x4d8/0x1580 [ 871.057908][T32067] lo_ioctl+0x403/0x1600 [ 871.065266][T32067] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 871.076321][T32067] ? loop_set_status_old+0x250/0x250 [ 871.083309][T32067] ? avc_ss_reset+0x170/0x170 [ 871.089862][T32067] ? kfree+0x1cc/0x2c0 [ 871.096312][T32067] ? tomoyo_path_number_perm+0x441/0x590 [ 871.104118][T32067] ? lockdep_hardirqs_on+0x79/0x100 [ 871.112275][T32067] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 871.121796][T32067] ? tomoyo_path_number_perm+0x24e/0x590 [ 871.130574][T32067] ? selinux_file_ioctl+0x10f/0x5d0 [ 871.138317][T32067] ? selinux_inode_getsecctx+0x90/0x90 [ 871.146669][T32067] ? loop_set_status_old+0x250/0x250 [ 871.154670][T32067] blkdev_ioctl+0x2a1/0x6d0 [ 871.162059][T32067] ? blkdev_common_ioctl+0x1830/0x1830 [ 871.170496][T32067] ? __fget_files+0x23d/0x3e0 [ 871.177106][T32067] block_ioctl+0xf9/0x140 [ 871.183693][T32067] ? bd_unlink_disk_holder+0x430/0x430 [ 871.191764][T32067] __x64_sys_ioctl+0x193/0x200 [ 871.198732][T32067] do_syscall_64+0x35/0xb0 [ 871.205000][T32067] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 871.213985][T32067] RIP: 0033:0x4663a7 [ 871.220333][T32067] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 871.248221][T32067] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 871.260428][T32067] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 871.271810][T32067] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 871.283629][T32067] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 871.295282][T32067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 871.305317][T32067] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 09:55:09 executing program 1 (fault-call:0 fault-nth:25): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:09 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) 09:55:09 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 871.466272][T32081] FAULT_INJECTION: forcing a failure. [ 871.466272][T32081] name failslab, interval 1, probability 0, space 0, times 0 [ 871.486464][T32081] CPU: 1 PID: 32081 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 871.497911][T32081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 871.509572][T32081] Call Trace: [ 871.514261][T32081] dump_stack_lvl+0xcd/0x134 [ 871.520899][T32081] should_fail.cold+0x5/0xa [ 871.538230][T32081] ? tomoyo_encode2.part.0+0xe9/0x3a0 [ 871.544870][T32081] should_failslab+0x5/0x10 [ 871.552146][T32081] __kmalloc+0x7e/0x4d0 [ 871.558239][T32081] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 871.567486][T32081] ? d_absolute_path+0x10f/0x170 [ 871.573926][T32081] tomoyo_encode2.part.0+0xe9/0x3a0 [ 871.580910][T32081] tomoyo_encode+0x28/0x50 [ 871.587151][T32081] tomoyo_realpath_from_path+0x186/0x620 [ 871.596379][T32081] tomoyo_check_open_permission+0x272/0x380 [ 871.605330][T32081] ? tomoyo_path_number_perm+0x590/0x590 [ 871.614203][T32081] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 871.623700][T32081] ? path_get+0x5d/0x80 [ 871.630187][T32081] ? lock_downgrade+0x6e0/0x6e0 [ 871.638898][T32081] ? do_raw_spin_lock+0x120/0x2b0 [ 871.646857][T32081] tomoyo_file_open+0xa3/0xd0 [ 871.667701][T32081] security_file_open+0x52/0x4f0 [ 871.675962][T32081] do_dentry_open+0x353/0x11d0 [ 871.685039][T32081] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 871.694367][T32081] ? may_open+0x1f6/0x420 [ 871.700947][T32081] path_openat+0x1c23/0x27f0 09:55:10 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 871.708517][T32081] ? path_lookupat+0x860/0x860 [ 871.716659][T32081] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 871.727525][T32081] do_filp_open+0x1aa/0x400 [ 871.734280][T32081] ? may_open_dev+0xf0/0xf0 [ 871.740831][T32081] ? rwlock_bug.part.0+0x90/0x90 [ 871.747537][T32081] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 871.758049][T32081] ? _find_next_bit+0x1e3/0x260 [ 871.765099][T32081] ? _raw_spin_unlock+0x24/0x40 [ 871.771834][T32081] ? alloc_fd+0x2f0/0x670 [ 871.778149][T32081] do_sys_openat2+0x16d/0x420 [ 871.785130][T32081] ? build_open_flags+0x6f0/0x6f0 [ 871.792571][T32081] ? __context_tracking_exit+0xb8/0xe0 [ 871.801037][T32081] ? lock_downgrade+0x6e0/0x6e0 [ 871.808800][T32081] __x64_sys_openat+0x13f/0x1f0 [ 871.816015][T32081] ? __ia32_sys_open+0x1c0/0x1c0 [ 871.823114][T32081] ? syscall_enter_from_user_mode+0x21/0x70 [ 871.834500][T32081] do_syscall_64+0x35/0xb0 [ 871.841891][T32081] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 871.851525][T32081] RIP: 0033:0x4196d4 [ 871.871400][T32081] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 871.917470][T32081] RSP: 002b:00007f275d915ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 871.931301][T32081] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004196d4 [ 871.943012][T32081] RDX: 0000000000000002 RSI: 00007f275d916000 RDI: 00000000ffffff9c [ 871.955468][T32081] RBP: 00007f275d916000 R08: 0000000000000000 R09: ffffffffffffffff [ 871.969117][T32081] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 871.983652][T32081] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 872.186501][T32081] ERROR: Out of memory at tomoyo_realpath_from_path. [ 872.200199][T32081] loop1: detected capacity change from 0 to 16 09:55:10 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 872.248063][T32081] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:55:10 executing program 1 (fault-call:0 fault-nth:26): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:10 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 872.504701][T32103] FAULT_INJECTION: forcing a failure. [ 872.504701][T32103] name failslab, interval 1, probability 0, space 0, times 0 [ 872.536469][T32103] CPU: 3 PID: 32103 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 872.552344][T32103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 872.567266][T32103] Call Trace: [ 872.573212][T32103] dump_stack_lvl+0xcd/0x134 [ 872.580964][T32103] should_fail.cold+0x5/0xa [ 872.588892][T32103] ? apply_wqattrs_prepare+0xac/0x890 [ 872.598762][T32103] should_failslab+0x5/0x10 [ 872.608299][T32103] __kmalloc+0x7e/0x4d0 [ 872.615871][T32103] apply_wqattrs_prepare+0xac/0x890 [ 872.625871][T32103] apply_workqueue_attrs_locked+0xc1/0x140 [ 872.635191][T32103] alloc_workqueue+0xafb/0xef0 [ 872.642557][T32103] ? _raw_spin_unlock+0x24/0x40 [ 872.650379][T32103] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 872.660273][T32103] ? memcpy+0x39/0x60 [ 872.666432][T32103] ? loop_configure+0x416/0x1580 [ 872.674948][T32103] loop_configure+0x4d8/0x1580 [ 872.682771][T32103] lo_ioctl+0x403/0x1600 [ 872.689478][T32103] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 872.700126][T32103] ? loop_set_status_old+0x250/0x250 [ 872.709202][T32103] ? avc_ss_reset+0x170/0x170 [ 872.716912][T32103] ? kfree+0x1cc/0x2c0 [ 872.723645][T32103] ? tomoyo_path_number_perm+0x441/0x590 [ 872.731875][T32103] ? lockdep_hardirqs_on+0x79/0x100 [ 872.741556][T32103] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 872.751984][T32103] ? tomoyo_path_number_perm+0x24e/0x590 [ 872.760536][T32103] ? selinux_file_ioctl+0x10f/0x5d0 [ 872.768774][T32103] ? selinux_inode_getsecctx+0x90/0x90 [ 872.777425][T32103] ? loop_set_status_old+0x250/0x250 [ 872.785957][T32103] blkdev_ioctl+0x2a1/0x6d0 [ 872.792881][T32103] ? blkdev_common_ioctl+0x1830/0x1830 [ 872.803475][T32103] ? __fget_files+0x23d/0x3e0 [ 872.809846][T32103] block_ioctl+0xf9/0x140 [ 872.817342][T32103] ? bd_unlink_disk_holder+0x430/0x430 [ 872.827001][T32103] __x64_sys_ioctl+0x193/0x200 [ 872.834833][T32103] do_syscall_64+0x35/0xb0 [ 872.842045][T32103] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 872.853772][T32103] RIP: 0033:0x4663a7 [ 872.860484][T32103] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 872.893099][T32103] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 872.907364][T32103] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 872.922506][T32103] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 872.936233][T32103] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 872.949351][T32103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 872.962340][T32103] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 09:55:11 executing program 1 (fault-call:0 fault-nth:27): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:11 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) 09:55:11 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 873.151714][T32113] FAULT_INJECTION: forcing a failure. [ 873.151714][T32113] name failslab, interval 1, probability 0, space 0, times 0 09:55:11 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 873.215978][T32113] CPU: 2 PID: 32113 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 873.236487][T32113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 873.250187][T32113] Call Trace: [ 873.255420][T32113] dump_stack_lvl+0xcd/0x134 [ 873.264817][T32113] should_fail.cold+0x5/0xa [ 873.271145][T32113] should_failslab+0x5/0x10 [ 873.279397][T32113] kmem_cache_alloc_trace+0x57/0x480 [ 873.288094][T32113] ? __kmalloc+0x22b/0x4d0 [ 873.294648][T32113] alloc_workqueue_attrs+0x38/0x80 [ 873.302767][T32113] apply_wqattrs_prepare+0xb4/0x890 [ 873.310510][T32113] apply_workqueue_attrs_locked+0xc1/0x140 [ 873.319160][T32113] alloc_workqueue+0xafb/0xef0 [ 873.326622][T32113] ? _raw_spin_unlock+0x24/0x40 [ 873.334075][T32113] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 873.342874][T32113] ? memcpy+0x39/0x60 [ 873.348146][T32113] ? loop_configure+0x416/0x1580 [ 873.355336][T32113] loop_configure+0x4d8/0x1580 [ 873.363971][T32113] lo_ioctl+0x403/0x1600 [ 873.370363][T32113] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 873.378994][T32113] ? loop_set_status_old+0x250/0x250 [ 873.387429][T32113] ? avc_ss_reset+0x170/0x170 [ 873.395152][T32113] ? kfree+0x1cc/0x2c0 [ 873.401642][T32113] ? tomoyo_path_number_perm+0x441/0x590 [ 873.411947][T32113] ? lockdep_hardirqs_on+0x79/0x100 [ 873.423859][T32113] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 873.436376][T32113] ? tomoyo_path_number_perm+0x24e/0x590 [ 873.445404][T32113] ? selinux_file_ioctl+0x10f/0x5d0 [ 873.455392][T32113] ? selinux_inode_getsecctx+0x90/0x90 [ 873.464535][T32113] ? loop_set_status_old+0x250/0x250 [ 873.473966][T32113] blkdev_ioctl+0x2a1/0x6d0 [ 873.482405][T32113] ? blkdev_common_ioctl+0x1830/0x1830 [ 873.493177][T32113] ? __fget_files+0x23d/0x3e0 [ 873.501467][T32113] block_ioctl+0xf9/0x140 [ 873.508612][T32113] ? bd_unlink_disk_holder+0x430/0x430 [ 873.518311][T32113] __x64_sys_ioctl+0x193/0x200 [ 873.524736][T32113] do_syscall_64+0x35/0xb0 [ 873.529646][T32113] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 873.537874][T32113] RIP: 0033:0x4663a7 [ 873.542526][T32113] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 873.574468][T32113] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 873.587639][T32113] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 873.601457][T32113] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 873.614604][T32113] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 873.627237][T32113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 873.640470][T32113] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 09:55:12 executing program 1 (fault-call:0 fault-nth:28): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:12 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 874.063717][T32126] FAULT_INJECTION: forcing a failure. [ 874.063717][T32126] name failslab, interval 1, probability 0, space 0, times 0 [ 874.085903][T32126] CPU: 2 PID: 32126 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 874.102930][T32126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 874.118998][T32126] Call Trace: [ 874.124882][T32126] dump_stack_lvl+0xcd/0x134 [ 874.133262][T32126] should_fail.cold+0x5/0xa [ 874.140148][T32126] should_failslab+0x5/0x10 [ 874.147246][T32126] kmem_cache_alloc+0x58/0x540 [ 874.153976][T32126] __kernfs_new_node+0xd4/0x8b0 [ 874.161773][T32126] ? kernfs_path_from_node+0x60/0x60 [ 874.170046][T32126] ? mark_held_locks+0x9f/0xe0 [ 874.177517][T32126] ? _raw_spin_unlock_irqrestore+0x50/0x70 [ 874.186989][T32126] kernfs_create_dir_ns+0x9c/0x220 [ 874.196001][T32126] internal_create_group+0x798/0xb20 [ 874.205695][T32126] ? debug_object_destroy+0x210/0x210 [ 874.214391][T32126] ? sysfs_remove_group+0x170/0x170 [ 874.222876][T32126] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 874.233511][T32126] ? __loop_update_dio+0x2d2/0x690 [ 874.243054][T32126] loop_configure+0xc3b/0x1580 [ 874.251274][T32126] lo_ioctl+0x403/0x1600 [ 874.259341][T32126] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 874.268775][T32126] ? loop_set_status_old+0x250/0x250 [ 874.277339][T32126] ? avc_ss_reset+0x170/0x170 [ 874.284576][T32126] ? kfree+0x1cc/0x2c0 [ 874.290175][T32126] ? tomoyo_path_number_perm+0x441/0x590 [ 874.300230][T32126] ? lockdep_hardirqs_on+0x79/0x100 [ 874.309266][T32126] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 874.326644][T32126] ? tomoyo_path_number_perm+0x24e/0x590 [ 874.336453][T32126] ? selinux_file_ioctl+0x10f/0x5d0 [ 874.345898][T32126] ? selinux_inode_getsecctx+0x90/0x90 [ 874.356734][T32126] ? loop_set_status_old+0x250/0x250 [ 874.365188][T32126] blkdev_ioctl+0x2a1/0x6d0 [ 874.372006][T32126] ? blkdev_common_ioctl+0x1830/0x1830 [ 874.382077][T32126] ? __fget_files+0x23d/0x3e0 [ 874.390266][T32126] block_ioctl+0xf9/0x140 [ 874.397105][T32126] ? bd_unlink_disk_holder+0x430/0x430 [ 874.407981][T32126] __x64_sys_ioctl+0x193/0x200 [ 874.432004][T32126] do_syscall_64+0x35/0xb0 [ 874.438258][T32126] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 874.463475][T32126] RIP: 0033:0x4663a7 [ 874.468298][T32126] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 874.514226][T32126] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 874.542253][T32126] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 09:55:13 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x0) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f00000001c0)) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "d45c92dee64ca5263113cc418a"}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_TYPE={0x8}]}, 0x54}}, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141001) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan0\x00'}) [ 874.570648][T32126] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 874.609330][T32126] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 874.622256][T32126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 874.647594][T32126] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 874.710604][T32126] loop1: detected capacity change from 0 to 16 [ 874.751430][T32126] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:55:13 executing program 1 (fault-call:0 fault-nth:29): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:13 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0) ioctl$RTC_AIE_OFF(r0, 0x7003) ioctl$RTC_AIE_ON(r0, 0x7001) ioctl$RTC_AIE_OFF(r0, 0x7002) 09:55:13 executing program 0: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 09:55:13 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0) ioctl$RTC_AIE_OFF(r0, 0x7003) ioctl$RTC_AIE_ON(r0, 0x7001) ioctl$RTC_AIE_OFF(r0, 0x7002) [ 875.074991][T32146] FAULT_INJECTION: forcing a failure. [ 875.074991][T32146] name fail_page_alloc, interval 1, probability 0, space 0, times 0 09:55:13 executing program 0: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 875.112143][T32146] CPU: 0 PID: 32146 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 875.130296][T32146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 875.164552][T32146] Call Trace: [ 875.173450][T32146] dump_stack_lvl+0xcd/0x134 [ 875.187435][T32146] should_fail.cold+0x5/0xa [ 875.206371][T32146] prepare_alloc_pages+0x17b/0x580 [ 875.231844][T32146] __alloc_pages+0x12f/0x500 09:55:13 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0) ioctl$RTC_AIE_OFF(r0, 0x7003) ioctl$RTC_AIE_ON(r0, 0x7001) ioctl$RTC_AIE_OFF(r0, 0x7002) [ 875.244467][T32146] ? __alloc_pages_slowpath.constprop.0+0x21b0/0x21b0 [ 875.283700][T32146] ? find_held_lock+0x2d/0x110 [ 875.297490][T32146] cache_grow_begin+0x75/0x460 [ 875.307635][T32146] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 875.330523][T32146] fallback_alloc+0x1e4/0x2e0 [ 875.338454][T32146] ? tomoyo_realpath_from_path+0xc3/0x620 [ 875.367773][T32146] __kmalloc+0x367/0x4d0 [ 875.381584][T32146] tomoyo_realpath_from_path+0xc3/0x620 [ 875.393610][T32146] ? tomoyo_profile+0x42/0x50 [ 875.404110][T32146] tomoyo_path_number_perm+0x1d5/0x590 [ 875.415541][T32146] ? tomoyo_path_number_perm+0x18d/0x590 [ 875.423983][T32146] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 875.433171][T32146] ? lock_downgrade+0x6e0/0x6e0 [ 875.442731][T32146] ? __fget_files+0x23d/0x3e0 [ 875.451175][T32146] security_file_ioctl+0x50/0xb0 [ 875.466248][T32146] __x64_sys_ioctl+0xb3/0x200 [ 875.477104][T32146] do_syscall_64+0x35/0xb0 [ 875.486106][T32146] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 875.503284][T32146] RIP: 0033:0x4663a7 [ 875.509759][T32146] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 875.553094][T32146] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 875.567124][T32146] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 875.579344][T32146] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 875.591249][T32146] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 875.602850][T32146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 875.615131][T32146] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 875.652033][T32146] ERROR: Out of memory at tomoyo_realpath_from_path. [ 875.668877][T32146] loop1: detected capacity change from 0 to 16 09:55:14 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0) ioctl$RTC_AIE_OFF(r0, 0x7003) ioctl$RTC_AIE_ON(r0, 0x7001) ioctl$RTC_AIE_OFF(r0, 0x7002) [ 875.777716][T32146] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:55:14 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0) ioctl$RTC_AIE_OFF(r0, 0x7003) ioctl$RTC_AIE_ON(r0, 0x7001) ioctl$RTC_AIE_OFF(r0, 0x7002) 09:55:14 executing program 1 (fault-call:0 fault-nth:30): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:14 executing program 0: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 09:55:14 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0) ioctl$RTC_AIE_OFF(r0, 0x7003) ioctl$RTC_AIE_ON(r0, 0x7001) ioctl$RTC_AIE_OFF(r0, 0x7002) 09:55:14 executing program 0: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 09:55:14 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0) ioctl$RTC_AIE_OFF(r0, 0x7003) ioctl$RTC_AIE_ON(r0, 0x7001) ioctl$RTC_AIE_OFF(r0, 0x7002) 09:55:14 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0) ioctl$RTC_AIE_OFF(r0, 0x7003) ioctl$RTC_AIE_ON(r0, 0x7001) ioctl$RTC_AIE_OFF(r0, 0x7002) [ 875.981369][T32173] FAULT_INJECTION: forcing a failure. [ 875.981369][T32173] name failslab, interval 1, probability 0, space 0, times 0 09:55:14 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0) ioctl$RTC_AIE_OFF(r0, 0x7003) ioctl$RTC_AIE_ON(r0, 0x7001) ioctl$RTC_AIE_OFF(r0, 0x7002) [ 876.020169][T32173] CPU: 1 PID: 32173 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 876.034526][T32173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 876.052751][T32173] Call Trace: [ 876.061071][T32173] dump_stack_lvl+0xcd/0x134 [ 876.067778][T32173] should_fail.cold+0x5/0xa [ 876.078457][T32173] should_failslab+0x5/0x10 [ 876.089847][T32173] kmem_cache_alloc+0x58/0x540 [ 876.097133][T32173] __kernfs_new_node+0xd4/0x8b0 [ 876.109891][T32173] ? kernfs_path_from_node+0x60/0x60 [ 876.121861][T32173] ? lock_downgrade+0x6e0/0x6e0 [ 876.132997][T32173] ? kernfs_activate+0x2c/0x1d0 [ 876.140520][T32173] ? mutex_lock_io_nested+0xf00/0xf00 09:55:14 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0) ioctl$RTC_AIE_OFF(r0, 0x7003) ioctl$RTC_AIE_ON(r0, 0x7001) ioctl$RTC_AIE_OFF(r0, 0x7002) [ 876.161449][T32173] ? __mutex_unlock_slowpath+0xe2/0x610 [ 876.170443][T32173] kernfs_new_node+0x93/0x120 [ 876.178711][T32173] __kernfs_create_file+0x51/0x350 [ 876.186863][T32173] sysfs_add_file_mode_ns+0x226/0x540 [ 876.196073][T32173] internal_create_group+0x328/0xb20 [ 876.207150][T32173] ? sysfs_remove_group+0x170/0x170 [ 876.219076][T32173] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 876.251627][T32173] ? __loop_update_dio+0x2d2/0x690 [ 876.259926][T32173] loop_configure+0xc3b/0x1580 [ 876.274672][T32173] lo_ioctl+0x403/0x1600 [ 876.281443][T32173] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 876.290243][T32173] ? loop_set_status_old+0x250/0x250 [ 876.305098][T32173] ? avc_ss_reset+0x170/0x170 [ 876.312730][T32173] ? kfree+0x1cc/0x2c0 [ 876.319922][T32173] ? tomoyo_path_number_perm+0x441/0x590 [ 876.327693][T32173] ? lockdep_hardirqs_on+0x79/0x100 [ 876.344787][T32173] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 876.368445][T32173] ? tomoyo_path_number_perm+0x24e/0x590 [ 876.394799][T32173] ? selinux_file_ioctl+0x10f/0x5d0 [ 876.416883][T32173] ? selinux_inode_getsecctx+0x90/0x90 [ 876.431914][T32173] ? loop_set_status_old+0x250/0x250 [ 876.449082][T32173] blkdev_ioctl+0x2a1/0x6d0 [ 876.463363][T32173] ? blkdev_common_ioctl+0x1830/0x1830 [ 876.475206][T32173] ? __fget_files+0x23d/0x3e0 [ 876.483314][T32173] block_ioctl+0xf9/0x140 [ 876.491236][T32173] ? bd_unlink_disk_holder+0x430/0x430 [ 876.499185][T32173] __x64_sys_ioctl+0x193/0x200 [ 876.507724][T32173] do_syscall_64+0x35/0xb0 [ 876.515322][T32173] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 876.523549][T32173] RIP: 0033:0x4663a7 [ 876.529073][T32173] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 876.561498][T32173] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 876.576341][T32173] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 876.597411][T32173] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 876.619325][T32173] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 876.633960][T32173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 876.655291][T32173] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 876.683621][T32173] loop1: detected capacity change from 0 to 16 [ 876.698416][T32173] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:55:15 executing program 1 (fault-call:0 fault-nth:31): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:15 executing program 3: r0 = socket$caif_seqpacket(0x25, 0x5, 0x0) recvfrom(r0, 0x0, 0x0, 0x121, 0x0, 0x0) 09:55:15 executing program 2: ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, &(0x7f00000003c0)={0x1, 0x9, @start={0x0, 0x0, "92b6ab19870fa30ea8c5b5203b76dd8a582355e25b36b82d31ca7f7059dc6a78e7205e9eb28bd0d62515a018f0174263bec0a7fab63ac00cb93344fd9f4260d115f4c3e19aaffe41d598a140105e377e7ced50852695e86945a017b8de3af5824d3742e2b24f137c3e49ce56c02fddc0e590f861b32423eef9391d46a4665ca110100b525b9fed7dc51f107062857e988bba0fa80455f28a0d5cacdadf90d1aec69b1344be181825e8ba5d0b08ba65e03e9e6b8cffb7a7974b996ff778375e4ec157881d3d4f4291601eaf37d3a0a4e119d7528b93b8d6f435316fd698d7f70e6aed254c46f8053af938d0340e13465f801d5164af67de7b3924d95b4798556160d2241919e04eba2f95f7b685fde05dc1a25332a0f25497f30ca9a7b9ac7e101974bdf775eafab4a950c0651b8f78feb40e26851581bff40b118eab891c054e2deb8e3cf44b61d9e7c9e67c4e0510dc2424e064362c1f9a73d5f5477cb2bf2a0cf68c4764e7d23f0f26439673b76f78f3250e7905149ad2559b045d0884d76ae16adde2bfd3e2990b964d19efb8b29c97b13ec8e069fe6c7dd17d11d26e43a95dc11302ad83e78caf06519d00fc44c32056d182f0eade28a5680d94a88219ea7308a18a7761d3fc4f5999165b4fb2466010bcf941181828dd9cefe02fcdbc23605f5d824cbbd398edd89e3207a3b71e28202817d81a9a588aa849f8fcbd2c6f84c4c6e3c45e2bf01b2ff29767f6b5a23cfeea5b64054b68c32dfcb93d05e90f0cfb4fa56a2aac8502adcb7c118dfe15ed6ea3098f8f3fbc794b0848acb679a21541bc16c41164e34d38da8c9a20f93db67f7d9e79214de225640ebaa55403a393cf3d6873da3bc85f29f630be5a3c184d62d8e77e1d1403098e979c72dd30569851c3c104d6ebbfe7f5b3f5744be7962a8965931c7fdf9bcd4f94ed5c4f89c7905b93d877dfabd4051e128d700aedbf96ad47399896ec2c2dc7bf2fd7f57f91fa633883d103661d7173bfcdc38643ff7b6b6a55af9a4fcc366ca03e7db8f0c2566c6217982f95dd47ee0d5165ae6548dd700862d83f46e1f59ab27dc3d9517eba3c65e730f13f8213e8b452b2629e6a0df050c69b6bf576898b266bcfc54577fac51c28aba796ac877364d059e1e602e65f86e25e401fe1b671846454089b680313bbe90195ca39f44a7f165bf216f9bf66a56b7ea38d9d0726932125ef815a0fdb99967fc7dc7d771d1a94b785b1c545e601de5bc8722fd508d0afdd3d6a568c0b594ed179d1be54caf4b22cebdce565bfd6d942c3caf6d176a13c117a991582b8c55adf7d59c664b3cce2f36d2caeeb71c0c90597791eaafb658f3f3034fab523f5ac206ad5fb52705d32e7476e72b709dc3e986bd6bcb876d1c8519bf02569584d292891335b6384868ff62f54887495344381979b13afc400e0c0a857c20a", "e5bfcbf5e84637b37a079c72d58bbe56d10e19e5ea207c5cd5cb4d1173ae7bc7286e6844d023a281ba810ca587b6be5d41c3cf74497653949d1605476244e1d39d31d90db955a48c070b27c4892c2a94039ced55e13e427cd487629abe864a69c9a993a8cdfabefb18db91be58f937fd9bcb2f9faa74d65799a094bec1948b6b08074d74dca085e13ddb5258c52f14e9dd11354b095c12a069a68df12622d59beaa7a6172fac023b5c0bb75094ff573f7b2c607e2a736d7136f710bf7d29d933a44060d848a02c24e97c48825c8e0a74c9356edf8ae90dd010189e07c37bcae114832bbeb26c6b461339321aaecfec69a9072d00abf772e3df80f7e4e3076eac222c6ca131c25271eaae67ed70512a0b4cd1ecf8bda7760fa9fa9997d50e0f8f59382c8b58aaed40e319cac87cdd032a61783a9fb170611f39ab446311eacd578dd7a1176257c8b942025ee2b76ba6ba12e313cea76bd267655889e100ef135a86431e003d9590f5df72f26f8a0e4ce5d5bf201d33f3658ec15e538b837422e2a53277b6130e4430397fa37b1d4876e9ac28e803e56005d9ead944556b8019167fa84a299689736e937f9f4d57cc8e543e7845ae3ec2ce282ade65c62c2d95d60657aad79c450724f7e8bd56a57f0734fc166f35e1184f096154d2d58db6dcdced9af3c2a97e9c3abbecfd03c69a540da4df79fd3453a87dc0ac4eb4d37429cbe702ce92b477da65500c2ee356a3d173449b4b169c975192a11fa81d1066fe4a7621cd3e691ad95e56176d51a0b24ca7fb30f4e5012a723edcd33e3421c9072cbc95d39d233800574f8e34b8f8452e4eee29ea51dc6337886199c469d32a218b79ded9fb15df1e4d6f01ca5e6dbf45e5689f290920baf266c02c83661e06d574543e03f140d574200fce03da4142d263a675a6c12d67a3e1463ec606bfff1c141b8535a2588aed0ce5129dcd8295151cb26cfd2c67d90647f6f51a5dd3a23557fdd22012a8fdbee704bc9cbec0632b31a236f7544b729da0c58ba77fea31eb103c498b4cd566fa8de4b3ac9704a29fbaee22e6fd1fbc1f06e049dd23259c363fb44bf7a8a9378f058877fde2b32ab4a4f84781f80521e8115c60cbac0c2fd775b4a47493b6c8bb3a0eeaa104ac1bdac780e400582877eae976f51f31cd6a93612b27eea7516c7085770feeed040e33b133ea967e95951be0d7467217bf67f2517a5bca1b132ed42237c98735bbfe356d5d65d796a28ceec7480998a06c7d4f9f1d952b82b30efbd57f8bf50044223137ec8eddb562a2f4aecc533115c50f99603a488c0818f520e5e4a5217e7166b92ff82f54dd0e2bf152656ff49ebc95ef9b60d16d3bc1f8cee5b9e965a56c1f880b171ef053050d8b7f4557472032e246d0631aed0a6390a2d6206907c4c7611b9739244d71adda40e566280917181db81e62"}, [0x2623fbd8, 0x7fff, 0xfe00000000000000, 0x4, 0x7, 0x800, 0x9, 0x5, 0x2, 0x3, 0xfffffffffffffff9, 0x8, 0x5, 0x3e00000000000000, 0xf432, 0x1, 0x20, 0x6, 0x400, 0x7, 0x1, 0x5, 0x8, 0x7, 0xfff, 0x400, 0x8086, 0x0, 0x6, 0x3, 0x7, 0x4, 0xf9, 0x8000, 0x100, 0xff, 0xfffffffffffffff7, 0x1f, 0x7, 0xab9, 0xfffffffffffffffa, 0xffff, 0x7176, 0x79, 0x5, 0x7, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x6308]}) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r4 = dup(r3) ioctl$VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000180)={0x2, 0x3, 0x3}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x90, r2, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_SERVER_FLAGS={0xc}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SOCKETS={0x44, 0x7, 0x0, 0x1, [{0x8}, {0x38, 0x1, r5}, {0x8}, {0x8}, {0x8}, {0x8}, {0x8}, {0x8}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x90}}, 0x0) [ 876.847745][T32187] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. 09:55:15 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@bridge_setlink={0x2c, 0x11, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x5, 0x0, 0x1, {0x4, 0x5}}]}]}, 0x2c}}, 0x0) [ 876.992276][T32195] FAULT_INJECTION: forcing a failure. 09:55:15 executing program 3: r0 = socket$caif_seqpacket(0x25, 0x5, 0x0) recvfrom(r0, 0x0, 0x0, 0x121, 0x0, 0x0) [ 876.992276][T32195] name failslab, interval 1, probability 0, space 0, times 0 09:55:15 executing program 2: ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, &(0x7f00000003c0)={0x1, 0x9, @start={0x0, 0x0, "92b6ab19870fa30ea8c5b5203b76dd8a582355e25b36b82d31ca7f7059dc6a78e7205e9eb28bd0d62515a018f0174263bec0a7fab63ac00cb93344fd9f4260d115f4c3e19aaffe41d598a140105e377e7ced50852695e86945a017b8de3af5824d3742e2b24f137c3e49ce56c02fddc0e590f861b32423eef9391d46a4665ca110100b525b9fed7dc51f107062857e988bba0fa80455f28a0d5cacdadf90d1aec69b1344be181825e8ba5d0b08ba65e03e9e6b8cffb7a7974b996ff778375e4ec157881d3d4f4291601eaf37d3a0a4e119d7528b93b8d6f435316fd698d7f70e6aed254c46f8053af938d0340e13465f801d5164af67de7b3924d95b4798556160d2241919e04eba2f95f7b685fde05dc1a25332a0f25497f30ca9a7b9ac7e101974bdf775eafab4a950c0651b8f78feb40e26851581bff40b118eab891c054e2deb8e3cf44b61d9e7c9e67c4e0510dc2424e064362c1f9a73d5f5477cb2bf2a0cf68c4764e7d23f0f26439673b76f78f3250e7905149ad2559b045d0884d76ae16adde2bfd3e2990b964d19efb8b29c97b13ec8e069fe6c7dd17d11d26e43a95dc11302ad83e78caf06519d00fc44c32056d182f0eade28a5680d94a88219ea7308a18a7761d3fc4f5999165b4fb2466010bcf941181828dd9cefe02fcdbc23605f5d824cbbd398edd89e3207a3b71e28202817d81a9a588aa849f8fcbd2c6f84c4c6e3c45e2bf01b2ff29767f6b5a23cfeea5b64054b68c32dfcb93d05e90f0cfb4fa56a2aac8502adcb7c118dfe15ed6ea3098f8f3fbc794b0848acb679a21541bc16c41164e34d38da8c9a20f93db67f7d9e79214de225640ebaa55403a393cf3d6873da3bc85f29f630be5a3c184d62d8e77e1d1403098e979c72dd30569851c3c104d6ebbfe7f5b3f5744be7962a8965931c7fdf9bcd4f94ed5c4f89c7905b93d877dfabd4051e128d700aedbf96ad47399896ec2c2dc7bf2fd7f57f91fa633883d103661d7173bfcdc38643ff7b6b6a55af9a4fcc366ca03e7db8f0c2566c6217982f95dd47ee0d5165ae6548dd700862d83f46e1f59ab27dc3d9517eba3c65e730f13f8213e8b452b2629e6a0df050c69b6bf576898b266bcfc54577fac51c28aba796ac877364d059e1e602e65f86e25e401fe1b671846454089b680313bbe90195ca39f44a7f165bf216f9bf66a56b7ea38d9d0726932125ef815a0fdb99967fc7dc7d771d1a94b785b1c545e601de5bc8722fd508d0afdd3d6a568c0b594ed179d1be54caf4b22cebdce565bfd6d942c3caf6d176a13c117a991582b8c55adf7d59c664b3cce2f36d2caeeb71c0c90597791eaafb658f3f3034fab523f5ac206ad5fb52705d32e7476e72b709dc3e986bd6bcb876d1c8519bf02569584d292891335b6384868ff62f54887495344381979b13afc400e0c0a857c20a", "e5bfcbf5e84637b37a079c72d58bbe56d10e19e5ea207c5cd5cb4d1173ae7bc7286e6844d023a281ba810ca587b6be5d41c3cf74497653949d1605476244e1d39d31d90db955a48c070b27c4892c2a94039ced55e13e427cd487629abe864a69c9a993a8cdfabefb18db91be58f937fd9bcb2f9faa74d65799a094bec1948b6b08074d74dca085e13ddb5258c52f14e9dd11354b095c12a069a68df12622d59beaa7a6172fac023b5c0bb75094ff573f7b2c607e2a736d7136f710bf7d29d933a44060d848a02c24e97c48825c8e0a74c9356edf8ae90dd010189e07c37bcae114832bbeb26c6b461339321aaecfec69a9072d00abf772e3df80f7e4e3076eac222c6ca131c25271eaae67ed70512a0b4cd1ecf8bda7760fa9fa9997d50e0f8f59382c8b58aaed40e319cac87cdd032a61783a9fb170611f39ab446311eacd578dd7a1176257c8b942025ee2b76ba6ba12e313cea76bd267655889e100ef135a86431e003d9590f5df72f26f8a0e4ce5d5bf201d33f3658ec15e538b837422e2a53277b6130e4430397fa37b1d4876e9ac28e803e56005d9ead944556b8019167fa84a299689736e937f9f4d57cc8e543e7845ae3ec2ce282ade65c62c2d95d60657aad79c450724f7e8bd56a57f0734fc166f35e1184f096154d2d58db6dcdced9af3c2a97e9c3abbecfd03c69a540da4df79fd3453a87dc0ac4eb4d37429cbe702ce92b477da65500c2ee356a3d173449b4b169c975192a11fa81d1066fe4a7621cd3e691ad95e56176d51a0b24ca7fb30f4e5012a723edcd33e3421c9072cbc95d39d233800574f8e34b8f8452e4eee29ea51dc6337886199c469d32a218b79ded9fb15df1e4d6f01ca5e6dbf45e5689f290920baf266c02c83661e06d574543e03f140d574200fce03da4142d263a675a6c12d67a3e1463ec606bfff1c141b8535a2588aed0ce5129dcd8295151cb26cfd2c67d90647f6f51a5dd3a23557fdd22012a8fdbee704bc9cbec0632b31a236f7544b729da0c58ba77fea31eb103c498b4cd566fa8de4b3ac9704a29fbaee22e6fd1fbc1f06e049dd23259c363fb44bf7a8a9378f058877fde2b32ab4a4f84781f80521e8115c60cbac0c2fd775b4a47493b6c8bb3a0eeaa104ac1bdac780e400582877eae976f51f31cd6a93612b27eea7516c7085770feeed040e33b133ea967e95951be0d7467217bf67f2517a5bca1b132ed42237c98735bbfe356d5d65d796a28ceec7480998a06c7d4f9f1d952b82b30efbd57f8bf50044223137ec8eddb562a2f4aecc533115c50f99603a488c0818f520e5e4a5217e7166b92ff82f54dd0e2bf152656ff49ebc95ef9b60d16d3bc1f8cee5b9e965a56c1f880b171ef053050d8b7f4557472032e246d0631aed0a6390a2d6206907c4c7611b9739244d71adda40e566280917181db81e62"}, [0x2623fbd8, 0x7fff, 0xfe00000000000000, 0x4, 0x7, 0x800, 0x9, 0x5, 0x2, 0x3, 0xfffffffffffffff9, 0x8, 0x5, 0x3e00000000000000, 0xf432, 0x1, 0x20, 0x6, 0x400, 0x7, 0x1, 0x5, 0x8, 0x7, 0xfff, 0x400, 0x8086, 0x0, 0x6, 0x3, 0x7, 0x4, 0xf9, 0x8000, 0x100, 0xff, 0xfffffffffffffff7, 0x1f, 0x7, 0xab9, 0xfffffffffffffffa, 0xffff, 0x7176, 0x79, 0x5, 0x7, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x6308]}) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r4 = dup(r3) ioctl$VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000180)={0x2, 0x3, 0x3}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x90, r2, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_SERVER_FLAGS={0xc}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SOCKETS={0x44, 0x7, 0x0, 0x1, [{0x8}, {0x38, 0x1, r5}, {0x8}, {0x8}, {0x8}, {0x8}, {0x8}, {0x8}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x90}}, 0x0) [ 877.024796][T32195] CPU: 0 PID: 32195 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 877.054701][T32195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 877.084943][T32195] Call Trace: [ 877.090717][T32195] dump_stack_lvl+0xcd/0x134 09:55:15 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@bridge_setlink={0x2c, 0x11, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x5, 0x0, 0x1, {0x4, 0x5}}]}]}, 0x2c}}, 0x0) [ 877.099902][T32195] should_fail.cold+0x5/0xa [ 877.108567][T32195] should_failslab+0x5/0x10 [ 877.115313][T32195] kmem_cache_alloc+0x58/0x540 [ 877.125259][T32201] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 877.134292][T32195] ? kernfs_add_one+0x36a/0x4c0 [ 877.174523][T32195] __kernfs_new_node+0xd4/0x8b0 [ 877.183833][T32195] ? kernfs_path_from_node+0x60/0x60 [ 877.192227][T32195] ? __mutex_unlock_slowpath+0xe2/0x610 [ 877.202407][T32195] ? wait_for_completion_io+0x280/0x280 [ 877.213388][T32195] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 877.224274][T32195] ? kernfs_next_descendant_post+0x1a3/0x290 [ 877.243978][T32195] kernfs_new_node+0x93/0x120 [ 877.253769][T32195] __kernfs_create_file+0x51/0x350 [ 877.278162][T32195] sysfs_add_file_mode_ns+0x226/0x540 [ 877.293739][T32195] internal_create_group+0x328/0xb20 [ 877.308938][T32195] ? sysfs_remove_group+0x170/0x170 [ 877.319878][T32195] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 877.337064][T32195] ? __loop_update_dio+0x2d2/0x690 [ 877.380624][T32195] loop_configure+0xc3b/0x1580 [ 877.389149][T32195] lo_ioctl+0x403/0x1600 [ 877.420052][T32195] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 877.439756][T32195] ? loop_set_status_old+0x250/0x250 [ 877.449578][T32195] ? avc_ss_reset+0x170/0x170 [ 877.458507][T32195] ? kfree+0x1cc/0x2c0 [ 877.470371][T32195] ? tomoyo_path_number_perm+0x441/0x590 [ 877.484324][T32195] ? lockdep_hardirqs_on+0x79/0x100 09:55:15 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@bridge_setlink={0x2c, 0x11, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x5, 0x0, 0x1, {0x4, 0x5}}]}]}, 0x2c}}, 0x0) [ 877.495078][T32195] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 877.515370][T32195] ? tomoyo_path_number_perm+0x24e/0x590 [ 877.525853][T32195] ? selinux_file_ioctl+0x10f/0x5d0 [ 877.539445][T32195] ? selinux_inode_getsecctx+0x90/0x90 [ 877.551347][T32195] ? loop_set_status_old+0x250/0x250 [ 877.562220][T32195] blkdev_ioctl+0x2a1/0x6d0 [ 877.571229][T32195] ? blkdev_common_ioctl+0x1830/0x1830 [ 877.580110][T32195] ? __fget_files+0x23d/0x3e0 [ 877.588600][T32195] block_ioctl+0xf9/0x140 [ 877.604937][T32195] ? bd_unlink_disk_holder+0x430/0x430 [ 877.636162][T32195] __x64_sys_ioctl+0x193/0x200 [ 877.644092][T32195] do_syscall_64+0x35/0xb0 [ 877.653303][T32195] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 877.675050][T32195] RIP: 0033:0x4663a7 [ 877.681078][T32195] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 877.727000][T32195] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 877.749771][T32195] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 877.772344][T32195] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 877.786496][T32195] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 877.803611][T32195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 877.821508][T32195] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 877.849114][T32195] loop1: detected capacity change from 0 to 16 [ 877.895273][T32195] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:55:16 executing program 1 (fault-call:0 fault-nth:32): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:16 executing program 2: ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, &(0x7f00000003c0)={0x1, 0x9, @start={0x0, 0x0, "92b6ab19870fa30ea8c5b5203b76dd8a582355e25b36b82d31ca7f7059dc6a78e7205e9eb28bd0d62515a018f0174263bec0a7fab63ac00cb93344fd9f4260d115f4c3e19aaffe41d598a140105e377e7ced50852695e86945a017b8de3af5824d3742e2b24f137c3e49ce56c02fddc0e590f861b32423eef9391d46a4665ca110100b525b9fed7dc51f107062857e988bba0fa80455f28a0d5cacdadf90d1aec69b1344be181825e8ba5d0b08ba65e03e9e6b8cffb7a7974b996ff778375e4ec157881d3d4f4291601eaf37d3a0a4e119d7528b93b8d6f435316fd698d7f70e6aed254c46f8053af938d0340e13465f801d5164af67de7b3924d95b4798556160d2241919e04eba2f95f7b685fde05dc1a25332a0f25497f30ca9a7b9ac7e101974bdf775eafab4a950c0651b8f78feb40e26851581bff40b118eab891c054e2deb8e3cf44b61d9e7c9e67c4e0510dc2424e064362c1f9a73d5f5477cb2bf2a0cf68c4764e7d23f0f26439673b76f78f3250e7905149ad2559b045d0884d76ae16adde2bfd3e2990b964d19efb8b29c97b13ec8e069fe6c7dd17d11d26e43a95dc11302ad83e78caf06519d00fc44c32056d182f0eade28a5680d94a88219ea7308a18a7761d3fc4f5999165b4fb2466010bcf941181828dd9cefe02fcdbc23605f5d824cbbd398edd89e3207a3b71e28202817d81a9a588aa849f8fcbd2c6f84c4c6e3c45e2bf01b2ff29767f6b5a23cfeea5b64054b68c32dfcb93d05e90f0cfb4fa56a2aac8502adcb7c118dfe15ed6ea3098f8f3fbc794b0848acb679a21541bc16c41164e34d38da8c9a20f93db67f7d9e79214de225640ebaa55403a393cf3d6873da3bc85f29f630be5a3c184d62d8e77e1d1403098e979c72dd30569851c3c104d6ebbfe7f5b3f5744be7962a8965931c7fdf9bcd4f94ed5c4f89c7905b93d877dfabd4051e128d700aedbf96ad47399896ec2c2dc7bf2fd7f57f91fa633883d103661d7173bfcdc38643ff7b6b6a55af9a4fcc366ca03e7db8f0c2566c6217982f95dd47ee0d5165ae6548dd700862d83f46e1f59ab27dc3d9517eba3c65e730f13f8213e8b452b2629e6a0df050c69b6bf576898b266bcfc54577fac51c28aba796ac877364d059e1e602e65f86e25e401fe1b671846454089b680313bbe90195ca39f44a7f165bf216f9bf66a56b7ea38d9d0726932125ef815a0fdb99967fc7dc7d771d1a94b785b1c545e601de5bc8722fd508d0afdd3d6a568c0b594ed179d1be54caf4b22cebdce565bfd6d942c3caf6d176a13c117a991582b8c55adf7d59c664b3cce2f36d2caeeb71c0c90597791eaafb658f3f3034fab523f5ac206ad5fb52705d32e7476e72b709dc3e986bd6bcb876d1c8519bf02569584d292891335b6384868ff62f54887495344381979b13afc400e0c0a857c20a", "e5bfcbf5e84637b37a079c72d58bbe56d10e19e5ea207c5cd5cb4d1173ae7bc7286e6844d023a281ba810ca587b6be5d41c3cf74497653949d1605476244e1d39d31d90db955a48c070b27c4892c2a94039ced55e13e427cd487629abe864a69c9a993a8cdfabefb18db91be58f937fd9bcb2f9faa74d65799a094bec1948b6b08074d74dca085e13ddb5258c52f14e9dd11354b095c12a069a68df12622d59beaa7a6172fac023b5c0bb75094ff573f7b2c607e2a736d7136f710bf7d29d933a44060d848a02c24e97c48825c8e0a74c9356edf8ae90dd010189e07c37bcae114832bbeb26c6b461339321aaecfec69a9072d00abf772e3df80f7e4e3076eac222c6ca131c25271eaae67ed70512a0b4cd1ecf8bda7760fa9fa9997d50e0f8f59382c8b58aaed40e319cac87cdd032a61783a9fb170611f39ab446311eacd578dd7a1176257c8b942025ee2b76ba6ba12e313cea76bd267655889e100ef135a86431e003d9590f5df72f26f8a0e4ce5d5bf201d33f3658ec15e538b837422e2a53277b6130e4430397fa37b1d4876e9ac28e803e56005d9ead944556b8019167fa84a299689736e937f9f4d57cc8e543e7845ae3ec2ce282ade65c62c2d95d60657aad79c450724f7e8bd56a57f0734fc166f35e1184f096154d2d58db6dcdced9af3c2a97e9c3abbecfd03c69a540da4df79fd3453a87dc0ac4eb4d37429cbe702ce92b477da65500c2ee356a3d173449b4b169c975192a11fa81d1066fe4a7621cd3e691ad95e56176d51a0b24ca7fb30f4e5012a723edcd33e3421c9072cbc95d39d233800574f8e34b8f8452e4eee29ea51dc6337886199c469d32a218b79ded9fb15df1e4d6f01ca5e6dbf45e5689f290920baf266c02c83661e06d574543e03f140d574200fce03da4142d263a675a6c12d67a3e1463ec606bfff1c141b8535a2588aed0ce5129dcd8295151cb26cfd2c67d90647f6f51a5dd3a23557fdd22012a8fdbee704bc9cbec0632b31a236f7544b729da0c58ba77fea31eb103c498b4cd566fa8de4b3ac9704a29fbaee22e6fd1fbc1f06e049dd23259c363fb44bf7a8a9378f058877fde2b32ab4a4f84781f80521e8115c60cbac0c2fd775b4a47493b6c8bb3a0eeaa104ac1bdac780e400582877eae976f51f31cd6a93612b27eea7516c7085770feeed040e33b133ea967e95951be0d7467217bf67f2517a5bca1b132ed42237c98735bbfe356d5d65d796a28ceec7480998a06c7d4f9f1d952b82b30efbd57f8bf50044223137ec8eddb562a2f4aecc533115c50f99603a488c0818f520e5e4a5217e7166b92ff82f54dd0e2bf152656ff49ebc95ef9b60d16d3bc1f8cee5b9e965a56c1f880b171ef053050d8b7f4557472032e246d0631aed0a6390a2d6206907c4c7611b9739244d71adda40e566280917181db81e62"}, [0x2623fbd8, 0x7fff, 0xfe00000000000000, 0x4, 0x7, 0x800, 0x9, 0x5, 0x2, 0x3, 0xfffffffffffffff9, 0x8, 0x5, 0x3e00000000000000, 0xf432, 0x1, 0x20, 0x6, 0x400, 0x7, 0x1, 0x5, 0x8, 0x7, 0xfff, 0x400, 0x8086, 0x0, 0x6, 0x3, 0x7, 0x4, 0xf9, 0x8000, 0x100, 0xff, 0xfffffffffffffff7, 0x1f, 0x7, 0xab9, 0xfffffffffffffffa, 0xffff, 0x7176, 0x79, 0x5, 0x7, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x6308]}) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r4 = dup(r3) ioctl$VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000180)={0x2, 0x3, 0x3}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x90, r2, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_SERVER_FLAGS={0xc}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SOCKETS={0x44, 0x7, 0x0, 0x1, [{0x8}, {0x38, 0x1, r5}, {0x8}, {0x8}, {0x8}, {0x8}, {0x8}, {0x8}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x90}}, 0x0) 09:55:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@bridge_setlink={0x2c, 0x11, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x5, 0x0, 0x1, {0x4, 0x5}}]}]}, 0x2c}}, 0x0) 09:55:16 executing program 3: r0 = socket$caif_seqpacket(0x25, 0x5, 0x0) recvfrom(r0, 0x0, 0x0, 0x121, 0x0, 0x0) 09:55:16 executing program 0: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) [ 878.116182][T32214] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. 09:55:16 executing program 3: r0 = socket$caif_seqpacket(0x25, 0x5, 0x0) recvfrom(r0, 0x0, 0x0, 0x121, 0x0, 0x0) 09:55:16 executing program 2: [ 878.194630][T32219] FAULT_INJECTION: forcing a failure. ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, &(0x7f00000003c0)={0x1, 0x9, @start={0x0, 0x0, "92b6ab19870fa30ea8c5b5203b76dd8a582355e25b36b82d31ca7f7059dc6a78e7205e9eb28bd0d62515a018f0174263bec0a7fab63ac00cb93344fd9f4260d115f4c3e19aaffe41d598a140105e377e7ced50852695e86945a017b8de3af5824d3742e2b24f137c3e49ce56c02fddc0e590f861b32423eef9391d46a4665ca110100b525b9fed7dc51f107062857e988bba0fa80455f28a0d5cacdadf90d1aec69b1344be181825e8ba5d0b08ba65e03e9e6b8cffb7a7974b996ff778375e4ec157881d3d4f4291601eaf37d3a0a4e119d7528b93b8d6f435316fd698d7f70e6aed254c46f8053af938d0340e13465f801d5164af67de7b3924d95b4798556160d2241919e04eba2f95f7b685fde05dc1a25332a0f25497f30ca9a7b9ac7e101974bdf775eafab4a950c0651b8f78feb40e26851581bff40b118eab891c054e2deb8e3cf44b61d9e7c9e67c4e0510dc2424e064362c1f9a73d5f5477cb2bf2a0cf68c4764e7d23f0f26439673b76f78f3250e7905149ad2559b045d0884d76ae16adde2bfd3e2990b964d19efb8b29c97b13ec8e069fe6c7dd17d11d26e43a95dc11302ad83e78caf06519d00fc44c32056d182f0eade28a5680d94a88219ea7308a18a7761d3fc4f5999165b4fb2466010bcf941181828dd9cefe02fcdbc23605f5d824cbbd398edd89e3207a3b71e28202817d81a9a588aa849f8fcbd2c6f84c4c6e3c45e2bf01b2ff29767f6b5a23cfeea5b64054b68c32dfcb93d05e90f0cfb4fa56a2aac8502adcb7c118dfe15ed6ea3098f8f3fbc794b0848acb679a21541bc16c41164e34d38da8c9a20f93db67f7d9e79214de225640ebaa55403a393cf3d6873da3bc85f29f630be5a3c184d62d8e77e1d1403098e979c72dd30569851c3c104d6ebbfe7f5b3f5744be7962a8965931c7fdf9bcd4f94ed5c4f89c7905b93d877dfabd4051e128d700aedbf96ad47399896ec2c2dc7bf2fd7f57f91fa633883d103661d7173bfcdc38643ff7b6b6a55af9a4fcc366ca03e7db8f0c2566c6217982f95dd47ee0d5165ae6548dd700862d83f46e1f59ab27dc3d9517eba3c65e730f13f8213e8b452b2629e6a0df050c69b6bf576898b266bcfc54577fac51c28aba796ac877364d059e1e602e65f86e25e401fe1b671846454089b680313bbe90195ca39f44a7f165bf216f9bf66a56b7ea38d9d0726932125ef815a0fdb99967fc7dc7d771d1a94b785b1c545e601de5bc8722fd508d0afdd3d6a568c0b594ed179d1be54caf4b22cebdce565bfd6d942c3caf6d176a13c117a991582b8c55adf7d59c664b3cce2f36d2caeeb71c0c90597791eaafb658f3f3034fab523f5ac206ad5fb52705d32e7476e72b709dc3e986bd6bcb876d1c8519bf02569584d292891335b6384868ff62f54887495344381979b13afc400e0c0a857c20a", "e5bfcbf5e84637b37a079c72d58bbe56d10e19e5ea207c5cd5cb4d1173ae7bc7286e6844d023a281ba810ca587b6be5d41c3cf74497653949d1605476244e1d39d31d90db955a48c070b27c4892c2a94039ced55e13e427cd487629abe864a69c9a993a8cdfabefb18db91be58f937fd9bcb2f9faa74d65799a094bec1948b6b08074d74dca085e13ddb5258c52f14e9dd11354b095c12a069a68df12622d59beaa7a6172fac023b5c0bb75094ff573f7b2c607e2a736d7136f710bf7d29d933a44060d848a02c24e97c48825c8e0a74c9356edf8ae90dd010189e07c37bcae114832bbeb26c6b461339321aaecfec69a9072d00abf772e3df80f7e4e3076eac222c6ca131c25271eaae67ed70512a0b4cd1ecf8bda7760fa9fa9997d50e0f8f59382c8b58aaed40e319cac87cdd032a61783a9fb170611f39ab446311eacd578dd7a1176257c8b942025ee2b76ba6ba12e313cea76bd267655889e100ef135a86431e003d9590f5df72f26f8a0e4ce5d5bf201d33f3658ec15e538b837422e2a53277b6130e4430397fa37b1d4876e9ac28e803e56005d9ead944556b8019167fa84a299689736e937f9f4d57cc8e543e7845ae3ec2ce282ade65c62c2d95d60657aad79c450724f7e8bd56a57f0734fc166f35e1184f096154d2d58db6dcdced9af3c2a97e9c3abbecfd03c69a540da4df79fd3453a87dc0ac4eb4d37429cbe702ce92b477da65500c2ee356a3d173449b4b169c975192a11fa81d1066fe4a7621cd3e691ad95e56176d51a0b24ca7fb30f4e5012a723edcd33e3421c9072cbc95d39d233800574f8e34b8f8452e4eee29ea51dc6337886199c469d32a218b79ded9fb15df1e4d6f01ca5e6dbf45e5689f290920baf266c02c83661e06d574543e03f140d574200fce03da4142d263a675a6c12d67a3e1463ec606bfff1c141b8535a2588aed0ce5129dcd8295151cb26cfd2c67d90647f6f51a5dd3a23557fdd22012a8fdbee704bc9cbec0632b31a236f7544b729da0c58ba77fea31eb103c498b4cd566fa8de4b3ac9704a29fbaee22e6fd1fbc1f06e049dd23259c363fb44bf7a8a9378f058877fde2b32ab4a4f84781f80521e8115c60cbac0c2fd775b4a47493b6c8bb3a0eeaa104ac1bdac780e400582877eae976f51f31cd6a93612b27eea7516c7085770feeed040e33b133ea967e95951be0d7467217bf67f2517a5bca1b132ed42237c98735bbfe356d5d65d796a28ceec7480998a06c7d4f9f1d952b82b30efbd57f8bf50044223137ec8eddb562a2f4aecc533115c50f99603a488c0818f520e5e4a5217e7166b92ff82f54dd0e2bf152656ff49ebc95ef9b60d16d3bc1f8cee5b9e965a56c1f880b171ef053050d8b7f4557472032e246d0631aed0a6390a2d6206907c4c7611b9739244d71adda40e566280917181db81e62"}, [0x2623fbd8, 0x7fff, 0xfe00000000000000, 0x4, 0x7, 0x800, 0x9, 0x5, 0x2, 0x3, 0xfffffffffffffff9, 0x8, 0x5, 0x3e00000000000000, 0xf432, 0x1, 0x20, 0x6, 0x400, 0x7, 0x1, 0x5, 0x8, 0x7, 0xfff, 0x400, 0x8086, 0x0, 0x6, 0x3, 0x7, 0x4, 0xf9, 0x8000, 0x100, 0xff, 0xfffffffffffffff7, 0x1f, 0x7, 0xab9, 0xfffffffffffffffa, 0xffff, 0x7176, 0x79, 0x5, 0x7, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x6308]}) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r4 = dup(r3) ioctl$VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000180)={0x2, 0x3, 0x3}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x90, r2, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_SERVER_FLAGS={0xc}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SOCKETS={0x44, 0x7, 0x0, 0x1, [{0x8}, {0x38, 0x1, r5}, {0x8}, {0x8}, {0x8}, {0x8}, {0x8}, {0x8}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x90}}, 0x0) [ 878.194630][T32219] name failslab, interval 1, probability 0, space 0, times 0 [ 878.217531][T32219] CPU: 1 PID: 32219 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 878.244118][T32219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 878.264486][T32219] Call Trace: [ 878.264507][T32219] dump_stack_lvl+0xcd/0x134 [ 878.264556][T32219] should_fail.cold+0x5/0xa [ 878.264595][T32219] should_failslab+0x5/0x10 [ 878.264629][T32219] kmem_cache_alloc_trace+0x57/0x480 [ 878.264704][T32219] ? __kmalloc+0x22b/0x4d0 [ 878.264735][T32219] alloc_workqueue_attrs+0x38/0x80 [ 878.264778][T32219] alloc_workqueue+0x192/0xef0 [ 878.264816][T32219] ? __mutex_lock+0x5bf/0x10a0 [ 878.264851][T32219] ? _raw_spin_unlock+0x24/0x40 [ 878.361211][T32219] ? loop_configure+0xc2/0x1580 [ 878.368341][T32219] ? loop_set_status_from_info+0xa60/0xa60 [ 878.378006][T32219] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 878.387808][T32219] ? mutex_lock_io_nested+0xf00/0xf00 [ 878.398057][T32219] ? memcpy+0x39/0x60 [ 878.406307][T32219] ? loop_configure+0x416/0x1580 [ 878.413284][T32219] loop_configure+0x4d8/0x1580 [ 878.420827][T32219] lo_ioctl+0x403/0x1600 [ 878.428409][T32219] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 878.440035][T32219] ? loop_set_status_old+0x250/0x250 [ 878.448493][T32219] ? avc_ss_reset+0x170/0x170 [ 878.456203][T32219] ? kfree+0x1cc/0x2c0 [ 878.462228][T32219] ? tomoyo_path_number_perm+0x441/0x590 [ 878.470607][T32219] ? lockdep_hardirqs_on+0x79/0x100 [ 878.479460][T32219] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 878.489062][T32219] ? tomoyo_path_number_perm+0x24e/0x590 [ 878.503351][T32219] ? selinux_file_ioctl+0x10f/0x5d0 [ 878.526446][T32219] ? selinux_inode_getsecctx+0x90/0x90 [ 878.545216][T32219] ? loop_set_status_old+0x250/0x250 [ 878.552579][T32219] blkdev_ioctl+0x2a1/0x6d0 [ 878.560120][T32219] ? blkdev_common_ioctl+0x1830/0x1830 [ 878.567857][T32219] ? __fget_files+0x23d/0x3e0 [ 878.576440][T32219] block_ioctl+0xf9/0x140 [ 878.585374][T32219] ? bd_unlink_disk_holder+0x430/0x430 [ 878.592817][T32219] __x64_sys_ioctl+0x193/0x200 [ 878.600394][T32219] do_syscall_64+0x35/0xb0 [ 878.607007][T32219] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 878.614684][T32219] RIP: 0033:0x4663a7 [ 878.620392][T32219] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 878.651370][T32219] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 878.663475][T32219] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 878.675372][T32219] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 878.690371][T32219] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 878.707452][T32219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 878.727054][T32219] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 09:55:17 executing program 1 (fault-call:0 fault-nth:33): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:17 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, [@sadb_key={0x1, 0x18}, @sadb_address={0x3, 0x6}, @sadb_sa={0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @broadcast}}]}, 0x58}, 0x1, 0x7}, 0x0) [ 878.920429][T32234] FAULT_INJECTION: forcing a failure. [ 878.920429][T32234] name failslab, interval 1, probability 0, space 0, times 0 [ 878.949386][T32234] CPU: 1 PID: 32234 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 878.966103][T32234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 878.987830][T32234] Call Trace: [ 878.996070][T32234] dump_stack_lvl+0xcd/0x134 [ 879.007526][T32234] should_fail.cold+0x5/0xa [ 879.018677][T32234] should_failslab+0x5/0x10 [ 879.027197][T32234] kmem_cache_alloc+0x58/0x540 [ 879.033123][T32234] ? kernfs_add_one+0x36a/0x4c0 [ 879.039170][T32234] __kernfs_new_node+0xd4/0x8b0 [ 879.045288][T32234] ? kernfs_path_from_node+0x60/0x60 [ 879.051972][T32234] ? __mutex_unlock_slowpath+0xe2/0x610 [ 879.058081][T32234] ? wait_for_completion_io+0x280/0x280 [ 879.064046][T32234] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 879.070759][T32234] ? kernfs_next_descendant_post+0x1a3/0x290 [ 879.077447][T32234] kernfs_new_node+0x93/0x120 [ 879.082945][T32234] __kernfs_create_file+0x51/0x350 [ 879.095141][T32234] sysfs_add_file_mode_ns+0x226/0x540 [ 879.111931][T32234] internal_create_group+0x328/0xb20 [ 879.126431][T32234] ? sysfs_remove_group+0x170/0x170 [ 879.136518][T32234] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 879.145293][T32234] ? __loop_update_dio+0x2d2/0x690 [ 879.152763][T32234] loop_configure+0xc3b/0x1580 [ 879.164716][T32234] lo_ioctl+0x403/0x1600 [ 879.175178][T32234] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 879.205278][T32234] ? loop_set_status_old+0x250/0x250 [ 879.227280][T32234] ? avc_ss_reset+0x170/0x170 [ 879.237120][T32234] ? kfree+0x1cc/0x2c0 [ 879.245837][T32234] ? tomoyo_path_number_perm+0x441/0x590 [ 879.258660][T32234] ? lockdep_hardirqs_on+0x79/0x100 09:55:17 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, [@sadb_key={0x1, 0x18}, @sadb_address={0x3, 0x6}, @sadb_sa={0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @broadcast}}]}, 0x58}, 0x1, 0x7}, 0x0) 09:55:17 executing program 2: perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) r1 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000000c0)='batadv0\x00', 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) connect$inet(r0, &(0x7f0000000440)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000000540), 0x187, 0x2) [ 879.268825][T32234] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 879.282756][T32234] ? tomoyo_path_number_perm+0x24e/0x590 [ 879.294147][T32234] ? selinux_file_ioctl+0x10f/0x5d0 [ 879.304912][T32234] ? selinux_inode_getsecctx+0x90/0x90 [ 879.315829][T32234] ? loop_set_status_old+0x250/0x250 [ 879.326199][T32234] blkdev_ioctl+0x2a1/0x6d0 [ 879.336538][T32234] ? blkdev_common_ioctl+0x1830/0x1830 [ 879.348260][T32234] ? __fget_files+0x23d/0x3e0 [ 879.357202][T32234] block_ioctl+0xf9/0x140 [ 879.365515][T32234] ? bd_unlink_disk_holder+0x430/0x430 [ 879.375157][T32234] __x64_sys_ioctl+0x193/0x200 [ 879.382733][T32234] do_syscall_64+0x35/0xb0 [ 879.391320][T32234] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 879.402434][T32234] RIP: 0033:0x4663a7 [ 879.408448][T32234] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 879.441792][T32234] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 879.456229][T32234] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 879.469709][T32234] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 879.482431][T32234] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 879.494925][T32234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 879.509697][T32234] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 879.556715][T32234] loop1: detected capacity change from 0 to 16 09:55:18 executing program 0: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) [ 879.577594][T32234] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:55:18 executing program 2: perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) r1 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000000c0)='batadv0\x00', 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) connect$inet(r0, &(0x7f0000000440)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000000540), 0x187, 0x2) 09:55:18 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, [@sadb_key={0x1, 0x18}, @sadb_address={0x3, 0x6}, @sadb_sa={0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @broadcast}}]}, 0x58}, 0x1, 0x7}, 0x0) 09:55:18 executing program 1 (fault-call:0 fault-nth:34): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:18 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, [@sadb_key={0x1, 0x18}, @sadb_address={0x3, 0x6}, @sadb_sa={0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @broadcast}}]}, 0x58}, 0x1, 0x7}, 0x0) [ 879.948944][T32260] FAULT_INJECTION: forcing a failure. 09:55:18 executing program 2: perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) r1 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000000c0)='batadv0\x00', 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) connect$inet(r0, &(0x7f0000000440)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000000540), 0x187, 0x2) [ 879.948944][T32260] name failslab, interval 1, probability 0, space 0, times 0 [ 879.991031][T32260] CPU: 0 PID: 32260 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 880.007994][T32260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 880.026929][T32260] Call Trace: [ 880.033518][T32260] dump_stack_lvl+0xcd/0x134 [ 880.043223][T32260] should_fail.cold+0x5/0xa 09:55:18 executing program 2: perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) r1 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000000c0)='batadv0\x00', 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) connect$inet(r0, &(0x7f0000000440)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000000540), 0x187, 0x2) [ 880.051241][T32260] should_failslab+0x5/0x10 [ 880.059393][T32260] kmem_cache_alloc+0x58/0x540 [ 880.067778][T32260] ? kernfs_add_one+0x36a/0x4c0 [ 880.076922][T32260] __kernfs_new_node+0xd4/0x8b0 [ 880.085407][T32260] ? kernfs_path_from_node+0x60/0x60 [ 880.097462][T32260] ? __mutex_unlock_slowpath+0xe2/0x610 [ 880.108042][T32260] ? wait_for_completion_io+0x280/0x280 [ 880.117202][T32260] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 880.129134][T32260] ? kernfs_next_descendant_post+0x1a3/0x290 [ 880.142646][T32260] kernfs_new_node+0x93/0x120 [ 880.152105][T32260] __kernfs_create_file+0x51/0x350 [ 880.161106][T32260] sysfs_add_file_mode_ns+0x226/0x540 [ 880.170269][T32260] internal_create_group+0x328/0xb20 [ 880.181622][T32260] ? sysfs_remove_group+0x170/0x170 [ 880.191536][T32260] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 880.202629][T32260] ? __loop_update_dio+0x2d2/0x690 [ 880.216248][T32260] loop_configure+0xc3b/0x1580 [ 880.228009][T32260] lo_ioctl+0x403/0x1600 [ 880.238497][T32260] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 880.254569][T32260] ? loop_set_status_old+0x250/0x250 [ 880.264394][T32260] ? avc_ss_reset+0x170/0x170 [ 880.279060][T32260] ? kfree+0x1cc/0x2c0 [ 880.288419][T32260] ? tomoyo_path_number_perm+0x441/0x590 [ 880.302579][T32260] ? lockdep_hardirqs_on+0x79/0x100 [ 880.315761][T32260] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 880.330602][T32260] ? tomoyo_path_number_perm+0x24e/0x590 [ 880.342972][T32260] ? selinux_file_ioctl+0x10f/0x5d0 [ 880.351810][T32260] ? selinux_inode_getsecctx+0x90/0x90 [ 880.361661][T32260] ? loop_set_status_old+0x250/0x250 [ 880.370842][T32260] blkdev_ioctl+0x2a1/0x6d0 [ 880.379012][T32260] ? blkdev_common_ioctl+0x1830/0x1830 [ 880.387173][T32260] ? __fget_files+0x23d/0x3e0 [ 880.395498][T32260] block_ioctl+0xf9/0x140 [ 880.403601][T32260] ? bd_unlink_disk_holder+0x430/0x430 [ 880.411346][T32260] __x64_sys_ioctl+0x193/0x200 [ 880.419387][T32260] do_syscall_64+0x35/0xb0 [ 880.427635][T32260] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 880.437102][T32260] RIP: 0033:0x4663a7 09:55:18 executing program 0: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) [ 880.444202][T32260] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 09:55:19 executing program 2: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) [ 880.477625][T32260] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 880.495543][T32260] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 880.508989][T32260] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 880.523362][T32260] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 880.535461][T32260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 880.547376][T32260] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 880.563202][T32260] loop1: detected capacity change from 0 to 16 [ 880.585470][T32260] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:55:19 executing program 1 (fault-call:0 fault-nth:35): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:19 executing program 3: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) 09:55:19 executing program 0: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) [ 880.947842][T32286] FAULT_INJECTION: forcing a failure. [ 880.947842][T32286] name failslab, interval 1, probability 0, space 0, times 0 [ 880.978323][T32286] CPU: 3 PID: 32286 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 880.993444][T32286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 881.027125][T32286] Call Trace: [ 881.035118][T32286] dump_stack_lvl+0xcd/0x134 09:55:19 executing program 2: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) [ 881.043797][T32286] should_fail.cold+0x5/0xa [ 881.062695][T32286] should_failslab+0x5/0x10 [ 881.071036][T32286] kmem_cache_alloc_trace+0x57/0x480 [ 881.079531][T32286] ? __kmalloc+0x22b/0x4d0 [ 881.087500][T32286] alloc_workqueue_attrs+0x38/0x80 [ 881.096930][T32286] apply_wqattrs_prepare+0xb4/0x890 [ 881.104844][T32286] apply_workqueue_attrs_locked+0xc1/0x140 [ 881.115364][T32286] alloc_workqueue+0xafb/0xef0 [ 881.124767][T32286] ? _raw_spin_unlock+0x24/0x40 [ 881.133067][T32286] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 881.142168][T32286] ? memcpy+0x39/0x60 [ 881.148878][T32286] ? loop_configure+0x416/0x1580 [ 881.156222][T32286] loop_configure+0x4d8/0x1580 [ 881.163836][T32286] lo_ioctl+0x403/0x1600 [ 881.170501][T32286] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 881.181568][T32286] ? loop_set_status_old+0x250/0x250 [ 881.190886][T32286] ? avc_ss_reset+0x170/0x170 [ 881.199331][T32286] ? kfree+0x1cc/0x2c0 [ 881.205674][T32286] ? tomoyo_path_number_perm+0x441/0x590 [ 881.215723][T32286] ? lockdep_hardirqs_on+0x79/0x100 [ 881.224337][T32286] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 881.235926][T32286] ? tomoyo_path_number_perm+0x24e/0x590 [ 881.244093][T32286] ? selinux_file_ioctl+0x10f/0x5d0 [ 881.251930][T32286] ? selinux_inode_getsecctx+0x90/0x90 [ 881.259794][T32286] ? loop_set_status_old+0x250/0x250 [ 881.267957][T32286] blkdev_ioctl+0x2a1/0x6d0 [ 881.276382][T32286] ? blkdev_common_ioctl+0x1830/0x1830 [ 881.287917][T32286] ? __fget_files+0x23d/0x3e0 [ 881.297468][T32286] block_ioctl+0xf9/0x140 [ 881.306672][T32286] ? bd_unlink_disk_holder+0x430/0x430 [ 881.315518][T32286] __x64_sys_ioctl+0x193/0x200 [ 881.323759][T32286] do_syscall_64+0x35/0xb0 [ 881.332669][T32286] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 881.342431][T32286] RIP: 0033:0x4663a7 [ 881.348348][T32286] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 881.378254][T32286] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 881.392791][T32286] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 881.405116][T32286] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 881.418376][T32286] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 881.430492][T32286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 881.443247][T32286] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 09:55:20 executing program 0: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) 09:55:20 executing program 1 (fault-call:0 fault-nth:36): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:20 executing program 3: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) [ 881.706677][T32303] FAULT_INJECTION: forcing a failure. [ 881.706677][T32303] name failslab, interval 1, probability 0, space 0, times 0 [ 881.762463][T32303] CPU: 3 PID: 32303 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 881.780050][T32303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 09:55:20 executing program 0: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) [ 881.797370][T32303] Call Trace: [ 881.804203][T32303] dump_stack_lvl+0xcd/0x134 [ 881.812576][T32303] should_fail.cold+0x5/0xa [ 881.819536][T32303] should_failslab+0x5/0x10 [ 881.828846][T32303] kmem_cache_alloc_trace+0x57/0x480 [ 881.837347][T32303] alloc_workqueue_attrs+0x38/0x80 [ 881.846330][T32303] apply_wqattrs_prepare+0xbc/0x890 [ 881.853862][T32303] apply_workqueue_attrs_locked+0xc1/0x140 [ 881.862112][T32303] alloc_workqueue+0xafb/0xef0 [ 881.870361][T32303] ? _raw_spin_unlock+0x24/0x40 [ 881.878790][T32303] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 881.887733][T32303] ? memcpy+0x39/0x60 [ 881.893512][T32303] ? loop_configure+0x416/0x1580 [ 881.901035][T32303] loop_configure+0x4d8/0x1580 [ 881.908297][T32303] lo_ioctl+0x403/0x1600 [ 881.915122][T32303] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 881.925110][T32303] ? loop_set_status_old+0x250/0x250 [ 881.932535][T32303] ? avc_ss_reset+0x170/0x170 [ 881.938976][T32303] ? kfree+0x1cc/0x2c0 [ 881.947688][T32303] ? tomoyo_path_number_perm+0x441/0x590 [ 881.957408][T32303] ? lockdep_hardirqs_on+0x79/0x100 [ 881.967998][T32303] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 881.979866][T32303] ? tomoyo_path_number_perm+0x24e/0x590 [ 881.991799][T32303] ? selinux_file_ioctl+0x10f/0x5d0 [ 881.999811][T32303] ? selinux_inode_getsecctx+0x90/0x90 [ 882.008631][T32303] ? loop_set_status_old+0x250/0x250 [ 882.015954][T32303] blkdev_ioctl+0x2a1/0x6d0 [ 882.022396][T32303] ? blkdev_common_ioctl+0x1830/0x1830 [ 882.031153][T32303] ? __fget_files+0x23d/0x3e0 [ 882.038179][T32303] block_ioctl+0xf9/0x140 [ 882.044954][T32303] ? bd_unlink_disk_holder+0x430/0x430 [ 882.051917][T32303] __x64_sys_ioctl+0x193/0x200 [ 882.058285][T32303] do_syscall_64+0x35/0xb0 [ 882.064409][T32303] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 882.072317][T32303] RIP: 0033:0x4663a7 [ 882.077618][T32303] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 882.111648][T32303] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 882.123812][T32303] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 882.137580][T32303] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 882.148993][T32303] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff 09:55:20 executing program 3: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) [ 882.159838][T32303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 882.171379][T32303] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 09:55:20 executing program 1 (fault-call:0 fault-nth:37): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:20 executing program 2: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) [ 882.338618][T32316] FAULT_INJECTION: forcing a failure. [ 882.338618][T32316] name failslab, interval 1, probability 0, space 0, times 0 [ 882.367877][T32316] CPU: 0 PID: 32316 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 882.389635][T32316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 882.405725][T32316] Call Trace: [ 882.411125][T32316] dump_stack_lvl+0xcd/0x134 [ 882.417552][T32316] should_fail.cold+0x5/0xa [ 882.424332][T32316] should_failslab+0x5/0x10 [ 882.430899][T32316] kmem_cache_alloc_node+0x68/0x590 [ 882.438944][T32316] alloc_unbound_pwq+0x4a5/0xcd0 [ 882.446109][T32316] apply_wqattrs_prepare+0x2b6/0x890 [ 882.455170][T32316] apply_workqueue_attrs_locked+0xc1/0x140 [ 882.463645][T32316] alloc_workqueue+0xafb/0xef0 [ 882.470520][T32316] ? _raw_spin_unlock+0x24/0x40 [ 882.476999][T32316] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 882.486641][T32316] ? memcpy+0x39/0x60 [ 882.492166][T32316] ? loop_configure+0x416/0x1580 [ 882.499340][T32316] loop_configure+0x4d8/0x1580 09:55:21 executing program 0: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) [ 882.506088][T32316] lo_ioctl+0x403/0x1600 [ 882.513121][T32316] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 882.522486][T32316] ? loop_set_status_old+0x250/0x250 [ 882.531223][T32316] ? avc_ss_reset+0x170/0x170 [ 882.537777][T32316] ? kfree+0x1cc/0x2c0 [ 882.544129][T32316] ? tomoyo_path_number_perm+0x441/0x590 [ 882.552451][T32316] ? lockdep_hardirqs_on+0x79/0x100 [ 882.561132][T32316] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 882.571739][T32316] ? tomoyo_path_number_perm+0x24e/0x590 [ 882.579227][T32316] ? selinux_file_ioctl+0x10f/0x5d0 [ 882.586718][T32316] ? selinux_inode_getsecctx+0x90/0x90 [ 882.593830][T32316] ? loop_set_status_old+0x250/0x250 [ 882.601873][T32316] blkdev_ioctl+0x2a1/0x6d0 [ 882.608216][T32316] ? blkdev_common_ioctl+0x1830/0x1830 [ 882.617251][T32316] ? __fget_files+0x23d/0x3e0 [ 882.624716][T32316] block_ioctl+0xf9/0x140 [ 882.631079][T32316] ? bd_unlink_disk_holder+0x430/0x430 [ 882.638985][T32316] __x64_sys_ioctl+0x193/0x200 [ 882.647127][T32316] do_syscall_64+0x35/0xb0 [ 882.654626][T32316] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 882.664355][T32316] RIP: 0033:0x4663a7 [ 882.670347][T32316] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 882.704228][T32316] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 882.720882][T32316] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 882.736260][T32316] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 882.748132][T32316] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 882.761325][T32316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 882.779524][T32316] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 09:55:21 executing program 3: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) 09:55:21 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001040)=@bridge_setlink={0x40, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0x20, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x2, 0x0, 0x1, {0x7, 0x1, 0x0, 0x1, [{0x8}]}}, @AF_INET6={0xc, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}]}]}]}, 0x40}}, 0x0) 09:55:21 executing program 1 (fault-call:0 fault-nth:38): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:21 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001040)=@bridge_setlink={0x40, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0x20, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x2, 0x0, 0x1, {0x7, 0x1, 0x0, 0x1, [{0x8}]}}, @AF_INET6={0xc, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}]}]}]}, 0x40}}, 0x0) [ 883.025243][T32335] FAULT_INJECTION: forcing a failure. [ 883.025243][T32335] name failslab, interval 1, probability 0, space 0, times 0 [ 883.065683][T32335] CPU: 1 PID: 32335 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 883.092765][T32335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 883.106106][T32335] Call Trace: [ 883.110816][T32335] dump_stack_lvl+0xcd/0x134 [ 883.119048][T32335] should_fail.cold+0x5/0xa [ 883.140870][T32335] should_failslab+0x5/0x10 [ 883.147678][T32335] kmem_cache_alloc+0x58/0x540 [ 883.155119][T32335] ? kernfs_add_one+0x36a/0x4c0 [ 883.162256][T32335] __kernfs_new_node+0xd4/0x8b0 [ 883.170141][T32335] ? kernfs_path_from_node+0x60/0x60 [ 883.178596][T32335] ? __mutex_unlock_slowpath+0xe2/0x610 09:55:21 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001040)=@bridge_setlink={0x40, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0x20, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x2, 0x0, 0x1, {0x7, 0x1, 0x0, 0x1, [{0x8}]}}, @AF_INET6={0xc, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}]}]}]}, 0x40}}, 0x0) [ 883.186744][T32335] ? wait_for_completion_io+0x280/0x280 09:55:21 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="850000000700000095"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0xe5, &(0x7f0000000000)=""/229, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 883.195560][T32335] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 883.209407][T32335] ? kernfs_next_descendant_post+0x1a3/0x290 [ 883.221896][T32335] kernfs_new_node+0x93/0x120 [ 883.228921][T32335] __kernfs_create_file+0x51/0x350 [ 883.235933][T32335] sysfs_add_file_mode_ns+0x226/0x540 [ 883.243862][T32335] internal_create_group+0x328/0xb20 [ 883.251553][T32335] ? sysfs_remove_group+0x170/0x170 [ 883.259574][T32335] ? __sanitizer_cov_trace_cmp1+0x22/0x80 09:55:21 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001040)=@bridge_setlink={0x40, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0x20, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x2, 0x0, 0x1, {0x7, 0x1, 0x0, 0x1, [{0x8}]}}, @AF_INET6={0xc, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}]}]}]}, 0x40}}, 0x0) [ 883.266215][T32335] ? __loop_update_dio+0x2d2/0x690 [ 883.278095][T32335] loop_configure+0xc3b/0x1580 [ 883.287591][T32335] lo_ioctl+0x403/0x1600 [ 883.296040][T32335] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 883.307294][T32335] ? loop_set_status_old+0x250/0x250 [ 883.317147][T32335] ? avc_ss_reset+0x170/0x170 [ 883.326054][T32335] ? kfree+0x1cc/0x2c0 09:55:21 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="850000000700000095"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0xe5, &(0x7f0000000000)=""/229, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 883.333705][T32335] ? tomoyo_path_number_perm+0x441/0x590 [ 883.344537][T32335] ? lockdep_hardirqs_on+0x79/0x100 [ 883.354153][T32335] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 883.365876][T32335] ? tomoyo_path_number_perm+0x24e/0x590 [ 883.376287][T32335] ? selinux_file_ioctl+0x10f/0x5d0 [ 883.385375][T32335] ? selinux_inode_getsecctx+0x90/0x90 [ 883.396301][T32335] ? loop_set_status_old+0x250/0x250 [ 883.406307][T32335] blkdev_ioctl+0x2a1/0x6d0 [ 883.414091][T32335] ? blkdev_common_ioctl+0x1830/0x1830 [ 883.424402][T32335] ? __fget_files+0x23d/0x3e0 [ 883.433076][T32335] block_ioctl+0xf9/0x140 [ 883.440097][T32335] ? bd_unlink_disk_holder+0x430/0x430 [ 883.449427][T32335] __x64_sys_ioctl+0x193/0x200 [ 883.458817][T32335] do_syscall_64+0x35/0xb0 [ 883.464986][T32335] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 883.474897][T32335] RIP: 0033:0x4663a7 [ 883.480286][T32335] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 883.508920][T32335] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 883.520718][T32335] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 883.532013][T32335] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 883.544265][T32335] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 883.557562][T32335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 883.570671][T32335] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 883.589644][T32335] loop1: detected capacity change from 0 to 16 [ 883.615598][T32335] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 883.808583][ T51] audit: type=1800 audit(1626688522.329:196): pid=32332 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed comm="syz-executor.3" name="file0" dev="sda1" ino=13958 res=0 errno=0 09:55:22 executing program 3: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) 09:55:22 executing program 2: r0 = socket$inet(0x2b, 0x801, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040), 0x4) 09:55:22 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="850000000700000095"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0xe5, &(0x7f0000000000)=""/229, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) 09:55:22 executing program 1 (fault-call:0 fault-nth:39): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) [ 883.904102][T32359] loop1: detected capacity change from 0 to 16 [ 883.915679][T32359] FAULT_INJECTION: forcing a failure. [ 883.915679][T32359] name failslab, interval 1, probability 0, space 0, times 0 [ 883.938257][T32359] CPU: 1 PID: 32359 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 09:55:22 executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="850000000700000095"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0xe5, &(0x7f0000000000)=""/229, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78) [ 883.951556][T32359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 883.965675][T32359] Call Trace: [ 883.971043][T32359] dump_stack_lvl+0xcd/0x134 [ 883.978450][T32359] should_fail.cold+0x5/0xa [ 883.986713][T32359] should_failslab+0x5/0x10 [ 883.994469][T32359] kmem_cache_alloc_node_trace+0x6e/0x5d0 [ 884.003946][T32359] ? rcu_read_lock_sched_held+0x3a/0x70 [ 884.013213][T32359] __kmalloc_node_track_caller+0x38/0x60 [ 884.021394][T32359] __alloc_skb+0xde/0x340 [ 884.028262][T32359] alloc_uevent_skb+0x7b/0x210 [ 884.035294][T32359] kobject_uevent_env+0xb09/0x1650 09:55:22 executing program 2: r0 = socket$inet(0x2b, 0x801, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040), 0x4) [ 884.043439][T32359] ? __sanitizer_cov_trace_cmp1+0x22/0x80 [ 884.057774][T32359] ? __loop_update_dio+0x2d2/0x690 [ 884.065885][T32359] loop_configure+0x1240/0x1580 09:55:22 executing program 2: r0 = socket$inet(0x2b, 0x801, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040), 0x4) [ 884.075244][T32359] lo_ioctl+0x403/0x1600 [ 884.082992][T32359] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 884.094181][T32359] ? loop_set_status_old+0x250/0x250 [ 884.103017][T32359] ? avc_ss_reset+0x170/0x170 [ 884.110247][T32359] ? kfree+0x1cc/0x2c0 [ 884.115989][T32359] ? tomoyo_path_number_perm+0x441/0x590 [ 884.125818][T32359] ? lockdep_hardirqs_on+0x79/0x100 09:55:22 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000040)={0x0, 0x100000}) [ 884.134482][T32359] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 884.143652][T32359] ? tomoyo_path_number_perm+0x24e/0x590 [ 884.157693][T32359] ? selinux_file_ioctl+0x10f/0x5d0 [ 884.164764][T32359] ? selinux_inode_getsecctx+0x90/0x90 [ 884.174085][T32359] ? loop_set_status_old+0x250/0x250 [ 884.182539][T32359] blkdev_ioctl+0x2a1/0x6d0 [ 884.188678][T32359] ? blkdev_common_ioctl+0x1830/0x1830 [ 884.196155][T32359] ? __fget_files+0x23d/0x3e0 [ 884.202944][T32359] block_ioctl+0xf9/0x140 [ 884.210699][T32359] ? bd_unlink_disk_holder+0x430/0x430 [ 884.219344][T32359] __x64_sys_ioctl+0x193/0x200 [ 884.228009][T32359] do_syscall_64+0x35/0xb0 [ 884.235000][T32359] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 884.244695][T32359] RIP: 0033:0x4663a7 [ 884.250408][T32359] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 884.280667][T32359] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 884.294659][T32359] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 884.307722][T32359] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 884.322071][T32359] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 884.335773][T32359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 884.348323][T32359] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 [ 884.371203][T32359] MTD: Attempt to mount non-MTD device "/dev/loop1" 09:55:22 executing program 3: io_setup(0x0, 0x0) io_setup(0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = gettid() r2 = creat(&(0x7f0000000280)='./file0\x00', 0x3) prctl$PR_SET_PTRACER(0x59616d61, r1) write$binfmt_script(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="019d13569783507b111526e44844d8db42d9ff16775fb5927b9efb9eadc13485ab37b27ca02b883874555523373bbfa8605843"], 0x191) write(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000240)={'syz_tun\x00', 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r2) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) setresuid(0x0, 0xee00, 0x0) 09:55:22 executing program 2: r0 = socket$inet(0x2b, 0x801, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000040), 0x4) 09:55:22 executing program 1 (fault-call:0 fault-nth:40): syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x2000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="453dcd28002000000300000000000000436f6d7072657373656420524f4d46537d359c1c000000000600000008000000436f6d70726573736564000000000000c0415cf968000053c0040000ed815cf964000053c30d000066696c652e636f6c64000000ed415cf928000053420b000066696c6530000000ed815cf90a0000534214000066696c6531000000ed815cf928230053c215000066696c6532000000ed815cf928230053c215000066696c6533000000ed815cf91a040053420f000066696c6530000000ffa15cf9260000534211000066696c6531000000f4000000789c2baeacca4eccc9492d2aa61d030085492b1f13010000789c2baeacca4eccc9492d2a1e658c324619a30c1803005565c4a20041010000789cd32fc92dd02faeacd2cdcc4d4c4f4d4fcd3330373235b330b434d54fcbcc4935809000fab10c590000005a010000789c2baeacca4eccc9492d2a0600181e045500008301000093010000789cedc1010d000000c2a0f74f6d0e37a00000000000000080770320000001789c63601805a360141002000328000100"/416, 0x1a0}], 0x0, &(0x7f0000010200)) 09:55:23 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000040)={0x0, 0x100000}) 09:55:23 executing program 2: r0 = syz_io_uring_setup(0x20b6, &(0x7f0000000380), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000fed000/0x10000)=nil, &(0x7f00000000c0), &(0x7f0000000400)) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000280), 0x41fe) [ 884.658959][T32390] FAULT_INJECTION: forcing a failure. [ 884.658959][T32390] name failslab, interval 1, probability 0, space 0, times 0 [ 884.712831][T32390] CPU: 3 PID: 32390 Comm: syz-executor.1 Not tainted 5.14.0-rc2-syzkaller #0 [ 884.726312][T32390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 884.738721][T32390] Call Trace: [ 884.743346][T32390] dump_stack_lvl+0xcd/0x134 [ 884.750784][T32390] should_fail.cold+0x5/0xa [ 884.758043][T32390] should_failslab+0x5/0x10 [ 884.769198][T32390] kmem_cache_alloc_node+0x68/0x590 [ 884.776762][T32390] alloc_unbound_pwq+0x4a5/0xcd0 09:55:23 executing program 3: mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000140)={0x50, 0x0, r1}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000042c0)="9eda438838743bd4e9720bee57093515dc189a5ea685e9556c1c2c3cfc4df50d66d31a48aa312663b68d18c5826b5b55fb738208863dac0f10f423aee7a5d8ddc45ebdfeb7424bae859d7c37ecfc4b63914d5a56d91017dd22bc84f759a15969951aef9d5c88c96560896988fa18cd946cfcc3a0f1c993348377904eac32c980bdf7976ebca2b499cab63c4e841514277fc71d4620e29a92523402485de0e82896484c0ae497a4d686df23ca7b68c3fd5e624d3510d7f94838e54af877ca58a00c5a672bba11f5aa1ed1980dfef47b9973d0bf456ded5e72f1702b3dc5197fce39cba53a038d8dc0ec783ce70577107dc5e8b299e64a0b7f1191f0926bd25762370191710bab2f44e9069f55f8a3f87e4cb488a2fb3348c0bf3b3874291f83e4776b160ea73aafa3919c7c069c73c0052173a63158db8b65541d161f9c964926ad7f06bdd6cb6a32135b04e35701c2e13c49c1f75dc7a25d623378860692d172ec3f1e1f2d9dc77c015c13721efcb101c2390abb847e871132f472a37cc0163b39b1d575a5444e246a08a1afb1a696cabab29498a314429a3b9f44c43ba29f71fac1fbe0d01c3c16d22730932704bcfb0c1b7a432bc51dd3f5dd5afc3b342cbe6a6ff899039e28f9a51881b1d46fdcf31767cb6f5c5c69ab3c80615d77c4d1664fc4ec831b8cea2e752bbb7a9ce79df875b29f1e232751daf32a1a0c4ff8bd0688e2b8e2d668b8a77e20a9eb6ec2e2c23b94e507baeacbcfa31fb6e1ca3343668f43e3aa6d85e7c29bf0bb4dbdabddc92be7f4a6f5d21b19e6da17bfb6cc926e3847532fae29c7b62fb909130ec372d3c16cfe6aaf3ce2af0fe7610fde7aad61bc80d2f96b999c8ccf6d22cf903ca8ae8b879ec4a416f334982e9810c0140a18d4dc81b5edaae23e9f4abaf40ed71512aebbba5bb251545e188db789558a845a2877b14bdaeec3c738b7d730c0860531bf5517d4f0e8f95ed3571f8a35816d5116fcb8d7cbf42b7d5d5e65541508c898bb2e0fe96297d2ab7135662de39df099ebaed5871111f5346278cee5728cec512e6c0a0d65b51e3d627873195b84103341c2bc83b6c8fdd8ba17f5957413f61c69d618c9b9d0b1f08dc81921b6c662ee1da3bfa019b095e9a03c2db4d645ccb7364e895098cbf7d932c72d80663c7a1694d122f7348393079223c11d36c64a5856eae0397ab9a9d948204b74e56525a9d552dd0916de81cbb5af3c59b3d7f8f9154423ce2cb45a5bc808e24bef13212019a19545fe54ba84d01534358380192b8c7b0eda907810375bb66a578a58fec392b47991271c8367b91d710e8a176bc1a4e96f0e137d4c25fbb03eddc392f9f170dd744472b864fbbae7c93d86e682308b21b73c5652065d72cf02e1152b44024a90a3b52eb0bb3cb412e518d37a68aa4c7f46789c54ab30d3a73d0a8712fde612294cda2aa1ccf164930b9b1d17801d4fbb06e849d39bf2b5141330caa0d2618b616f1c67e1ca57080e79ed9092ba7a55e8121cfc825cd26a0199a479a7ab1b7b23d2a4dd82fa6d04ee41ca680435efc934f0451e865e8632ac2f1115f4cdd33b0fccb7a2326127faf20cba37c828613dba5a98f4e1ad25eb6b91078cf73d873df9ef91531476f64b83559ff7ccdc4c070d478b18196ea05fe8d4ea0216ee5273dfabbd04582f40f064c9781afd2cbf30901f28cd09cc934f1b2d50883778274177e3dba8af0a1b931d80ce1a6c4085780ea2195b65ecfd2953f78a5290fe560d0cd6a5e73890a5a82dc410b92a3ef2be05ec5607820fd4ca6b9c3aa258d59022fdcb21665f1ce4e8aad8fd918c43bd3c2afe3dc223ff9f48831d401c8b6996190793d1dd7551f8511b69283992398d8f9b4bd2b3398d3b8c6f3c5d8b802ca5282b70242df2b7be4b38e70c3065f8da888631375afcc05ce578089c4f783776b286b7a60d1b5e189e2742a3240c1036a953d886885422eef01413c38099b64505fd5a73488acb4e611820674c58ae74d6c64a885d4beda9bd7903bcdc71e3711e2a057c0eab2100c321050ab14c6e453c53182577ad3178603cd9afde40a701120e9a36074fd582428c74e02781318e6c65450f8f020bd22475696fe13b8c59260e53a06d16eabd135e887a0a6bbc8ad21be7661df76fec5b13844f68b8eed1a7379713738beac9f23c7a26520e19797a910cde9fb285179526889b908b7eb49bb06f70f6271fba8712c1a4269ebcf4b7d043e924e3d2c4c753fd7e547d95841e335179836f76424e728810d7f32b78256ea30c79d9238a6588426e1f2d4c0b03d5605bd826ed24f0f11326b4cf958632b86e017aa80e142db1580c44f76d9c98196f3f6852ab2bfc6a01a3553a130c2d171957f5a45c3550fbbc990ef8742a98a86b280a57b9f198ff436bc01161ada50e6f23026c3254adf2321bff7e20aa54080bbb57d8d52c6a6df6107706a2e5bc6da68f17b474c0edd39401d765086e885cf7992405f856557915603cbe8894676e996bbadbb649a5e7498b91f9bd2f697dd9ebbe4d386050258b9f4c94781e61c660651c3f1e3ae51f8c035eca365bf15d6db48ea9ce183515f4a208d010f7c23dcacbd6e225490d7e9c133525f5c9018d752b21b4897bf18b64b6a9936f538a0a8958fc934440aeeaad2b68ac844d76f0900a6c95bd0b353d85d4fb62eb88360112237fd8c636a80e3130b21d66ae8ec58a4b76cba0602f96da919f7e84fd37e3ec2379f58e389a39c78d2482e03c379e3c4649ad63a76e3707ecff07d2fcb0c9dfc524cab49e69a09c92e4f88714335cb57d3f6184d07bef9657280fb5c9fd2d8f940f7ac6c5407e3077aa2e4ba8e217e0ee19e302d6d90e3be05a86dade35d2e454e511afb5cf5936f1d11f2fa6be6ceaa817dbdc7a6aabf2fad8ff3efa8382a25099f0c5989d2ad56ae0f4968b2cfcfc67b4f1c161c75900b4848f59a3c0376dfcb7997bf28e9e85d6dd942a360516de38e1c1a038a796f9a77ff2b0c7e5e8f4932391a0e58e76dacc6f9764178a211dfde3e75d367d2911ff398126ffdf83cf2fbdf1ad5232bed9155f7a168638a572094a9e934d4969b358cf6e121d7fd2aeae2f499068b42c152f0e3403a230885d6f92f038ddaa23499f804ffb06abdbabb51f6c38c92fb1a6271a4b13d6d11125b8ec12efa5907dc65062797fb9cca15e2f254e76b182d3fcdb4e96ac4de36d6df7e7bba5c32f422286b1be3b79bffb6fd693761952d195a84ad9ceb07287a0fbefab9e0347b513c5f60233ccd4b52d90ec144a2f896d9dc7f279f8aa93038f3efa286e1c3006933a4d7183d952f8d28b141b28b2af355b5bd8198dfde1ffb8d09202aff0d16ca3fec194662892a49f829813970a4520f1228aa03d211a45bed3b2e05bf1f10b1a152761e7b6c6ddea863a3c02224256092c70ca70dc185c4c385dd98b09e2682661e1e66f71d9c4037048eb70e8a1cbe57de87ec43713abf5fdcf63b9c482f318e3bec37e878dadbae15a02d731e6c8574eb14c059d72f73be5174add786d06b585a28a06d349d8e434a491b34897b3c1ad786ec8280d7f57edd4fbc6aea5485d659b59d393e331cf91e6ed76f340fcf7cf460892fa7318fc42b883f61d888ad982a751accb613c66661fba5f3d6de751a6a9ef8a4700316aaad04e991aab7903f4ef012ec2a8c092234e74ef335daf360ae47bbd2bbc6ad8c1a4f81efe8bbd703cb55ef36b32b4e30cb5a3b165c02ba295d0e1c40ce6ff8f479a74f01275f113ebfa8ade37a59ce70e6ca2a6f48f1be085f61bf772e2c2da523a2cfe63e99c57bdb1ff23139d4fca49eff7547e9880eefd3f7511a677efa23b52098ba89037c48dfcda2e8c1cfb9f892161049e53f8cee55256279512aecab8c441600dae0fd957883273047cf5c66ba209f830aa2ce0cbe41ca08c0cef4aed7f4324009200661a7ce680e5a8df2d051c1d8b2f63d25d8d74d05c75c46c8f3f24d625539e63459650960498a54ec3b16225bbbf4d3930009df265839d72611f5332a904cdebada108236e4414a2909ad01ec44b9d7f75de4385ad7ca5152e890a0919b3639fd1bcbca3b737ebb8d9ae541b1271cf2166ba15830e66f3d3afd3b754a7f81ad4f0999704ae99c114907c5be4a4797f13b80564f234723a34dbe137dabfd7fa23562df679f54a6ab54def6d63deae9844f72fd73efd0413551f5c4b9ee826eb3b7faf92a59ea34a16723b4fea14d1c8815a4e2d39fc48d1dbce526a7c53f5a96d0ef6463a0cee73fd3505f5c764a264b83c4a21f80e8b61c82d24442d13da99d18dc1b2538e7a510f6093d9ef2bc5cc777d4f98411e93919eddfd69d6e20d227cb61c50f358ea227f4de941fb080c1cf6b1f6e25533768fe133dbfc3f9d29c603bed38aa3c5af5b81a706b0067b40b88f992610d04c7cc36b8f649697cd6a93fae51138161891ae75a7147780fc59af5a6e18c54f9d2a4fe7fa92314b399afba9a40d0cc24f70a2593acf8d179215e06b7a9a88224bafcb2cbf60caf5fe4ff38208a70793b5dc33cd572956260e1c86312d3ba9b3a4b2b44376f2e78c616a6c0880ac8dcbaa30b9f761d500fd03a8518dd0509157b184a2d95e0caf3ffc8ac2db6c54d80c71a1e5b9ea3bf51071e2118af204123daceeb04e4f6f31f32a4d3fbb76ee49440cabda2c121c1b99acab5b87cecc37c3f9066af34ab29d6598bbfd91047a2ac7ce3a8f3027ff5e6d743506f161087278896a98ed37122ba208b61cf54d3929555ab06b564cd5e4f46f4755a6cfa2ef2b30d29ea66f2749d4060d411fa9160c91b6f55cf071ac8222c6313df18759e2958cddfe3db4cbeb9cd39abcf5f0beaecae8437813995cb7ed0b87d42ca942ff7245ece204798d01361c5f008e0d82bdf76660515bc78f7f8f409ccf68614b2cb50f5af2615661326fd971bc57eeeade60ea906b8df1cb0dfafd318cd2c396309c329d0469ca192aa8f51d7c4227685440f073983255baf054b97b9d7be1d1470d7eabd5c09b2116b4e86b0567b7e97e088717a4fe3dbdd310a1c39136ea4d2c47492001f9885dba03bf97e7da376171d666441cdc2f999db137603d57df32b4260fa0165e82917bb1631ea314e7a7437e66fc68cef22cda8f456d6e583f6e3237e0bc79987a9103f7cf0918e26881f67ea582e1ff3a49177599d385bf6e42572a2547933aeddb826530e9adf30dd84c3a7fae5c4c26f6c6f3a9f0906decd314e2407825abef959c5416d18a92ff34e6c521a16e8a0a29937c77d4ee99b41d530a732acbe0bf5d274df9d496b47a9a624546bdcf9976cde12ec989cb2a70b33a7c8a3a77652023164695f9db30dfcf587f0cd4f73e385730bcbdd688f6dcb08ba0efbb9f579220afefa4acfea522e864fce9b1782ce9f14824d16e9d33a2609c23ba3c5a1af02549357a0dcc12e37819d778021762cf895abeac1125b744c8b8225a091e7be9ded9993cfa3ca9abb83e25c8f559009977a2ed9374a89619fae5ef6d164bb73d242004dc8428e44689b33ee3bbe88bb4962ab0a32a90e7aea044f08410752cb2d7aeaf3196648a3a99092665b478bb394b48f79b36db0efc7f50d6a5179c945f5298cfaac5e5dea715296f92abce7281d48a0c9c6b785a35ef5f1697c047ddb254fe9a8ab9f498b0c1ae09ffd01a3d8d427fee7e36c51e0e5c2fee2245fb8464626ab5c9857ebce91f7d22bf024d10c2d71021cd69268472de419e6cefd970cc3a8e4d1bbe6496799aa7f100411766e712aff08b731460f14f9d7356db12cf8e1c6121968dc68b1d81c086b325ca4ce6fe1f476707e08fa913144b757c6be17cf93150db29544d207f09a896f33b7335d9339215da751e7af2c6bdd19db6f521af2c8a5998dc607f97026d07111488741134c1c86eba123273d1fd5ee4b471e86f9ae9478a04c7482076ab34a1eca5c64f89e5106eed44bceec019c67c12fb4db4fdac153f4ac3b63ffeb6d30de58ec039e2dd3c181e254cd94d0a2b0b44490384cc5915b54ee1db2b6d059879bf8126c9ca976d0f7862da07ecd350930a081810a7afd72b2ad3f65b96ae9c7f91227a2b5513a559f36b90fe01be9ae5ad3ca65e2c26f358fc26b858a3633fda7ae49a5fb705220a5819b3cca41b1ccc21d7c40f5fa9c422288efa5394e4312675899d704a2aab62b8363f58fd4bc12a8bea6ffc45b4414237bf5f019321206dbba439acb5ef26641f30fdac20f964354bce94e4c9d73e137f9806deefaf6f4acaa0e76ad4fef9f6cb7fc01bbabda9612c05adbe46afcf94819e8a4b4b49ff764784fa432d47fb6d4230900043d1b4521cd6839fe8c5df4d1899fdfb13880e207cac73f0a29020bdd563bd9c2f6bcd1ec523b3e03ebf6164fc65af001830c51396f9df2d346f83a59cfc82201cf1150ea57259d579fc2ed199b3fbe42d5188c84e4354610743e5b23a265246313cc63913f17412fa00d98b379b80b96d936969572e11316bc8926cb23115186f3b2387b82c3898fa41bf16a308da62d5a3eb3609af1943fddde08a4036eb2a41b7292caad9eb082614b02a1fa255bc7abd4d0e3b4ec1801e131e68c7aa9da1a0ff10f9de87dec8fad1ad8bfa99caa49e203a7b9c33e044d4544a537471e7a452468b821959bc488c6b8cbf81e90081a26de273ad1203cc06adb6af242ab19f96c1c66b58c37e2c9309704fba63af99a8d9c5efc651afb631fe9f546b938cc3b8e526c4159e5c9f7afb29fd1d55fabf09367ce2a63a35e7a2062d1c772ed981fd77157a847f687a177cf9886ce41df8cc509302b46bc1e2ba896b1c1656a1bbfdf4cd9ac39cf8510d1c823075f16550fd044aacc8d42a56f03718f7b18475cdc3999faeb25ab3dd8a807ee04d8e5d831d08b4e309dff50330685138797e10c6362636f53f22bfc1f3d5090a5d369282d9de36bb4e2505411ccc6ea395afa1567b15a2fb4be2adeea7126b1a8e80034105e0d98bdd78e796ce1cdc06a4ae666fc0baec5c52614340ed997673e26ec47c88846c000bb7c9077337cd44f5c041fdcc64986e5e1c0f488148f0ee6f842c44c0b72e82109270341bba6e9080b70fcf930d0f10be5a36798e70111fed72727b72282ff164fc08319d74f1f57cde71b57cb397a9e753f87b97729bafba017a24cbfdee5dfe7fc296c112e93bb8fce560ca80a3afd8370baaa79ad783b51352b5440b144a47378c9ae22eda5794328e95bcca220fd07bb56915529b155c61858efe89ad36a79288e74c0e251addcfaf797432175a5562b46eff5e3aebeb74623e18beef85389383c604d8884431b07dc4bea0174aadc337ff41f558a63f16690feae47efa2a5d1318b7397e1e4ba398727d286791b71610e1d78d32800e7e113c12abf0f60b6ca4401ecd23b7aacd990633b2b017daf6bfef1b2361ece74b7dbcbb1a73d4bc1f9d2e5c9fb0b7980d25cc44d1b10c09ef5a6a05c84669294a5cadf0cd88ab449f9f0bcdd8c48590d416c5c1feaa494a2145949c2a3373df7c6014225f2745bbeb20ff294d22c0d96ca111e6926946207cab56a03162a49e68968e398f70690188ee3ca847ef421742d60b9a6ad029e8a3d607950b2bf8ad8ff297cb39acc94905635770436e134435e28205140331b5100d9f64469792fffac87bca0835cbc617446ff86a7b50418c305f32e658b32130e491e38709fd3697017ac8084cdf1ed81a28375aed092ab4e32ca88a933154dd3a9e99351acbada926b67b310c7070ac1a414a28c5abfe1f45476249a12f18ca2d981528d881ed3c5072e46a6eff3cdf37dcbc89c7f79c88a1f8d15d15beb66a0e4440c7b93e379c4e2bac1d5c8e85f1852887e2cfeb178fba1c67dc2adb0c87df8ca4444ca7f455509f492effb5001328b8cc696e2933207a2d78bbce8562ca34a248193c914406b161c8141479d891b0c6110ec1e25cad38299b489f2ec437017cadba67dcb58abd4933c95b35707118e47b8701a7d71e446e4b62e2941d4281faca0cf22914be5aad80f47102b178a6ceb24e82508fe55a92fb6db70d03d1c1ec09cfee31639341756a4630a0eaaecac7bfbddf9d30c42cbd45eb181d5bd341307ad26f496bb042e2b655c03ac3dcc587acbf50f79b5c239be9938b62d3251b199f8413b020605d5d0552cfd9c39c9132719d6d0a326b000e12fcb51bc274df79d11430060d05978cdd50583f1bca82c57dbee605e2d00fcb5414af13a596d35cb5ba62de6a28cbccc857d23547b1c7fd5ac8fbf6758d5b8451fa46d9acc00344dc2e565674b1dd3547eb8f8aa5fff99042f8d1d59e6ad2f53379211e6832fcb68f5777eb2db85b28f724f4e4ce6342cf55713ff7b0cb4f7f47dd12a6566b86709eaefae024373267ce72a89e7f3e42ab48edcccc96b5d0403fe93a927e5ccf470014f220b8257393226cd7b996f20e6a34f81206733a9fdce03b701943c1b560d3eab68c2c225cf7f7f2b56123be2bb173e9e5b37f4d3348f6b987764ad07c2acd44514ff264d7eda31e5e517a179414841ad4553d51c08f435e05f10aa82d74b97a9ba3a133e6c9175fdcd4f3dc9c16d3be1d5bbaf13240177081ac1d56681bfa988a93af09868afd608520c0bfd71d857a6661fdaf6f2e166987eb007449dd26334ae932c5003fefc0f983b9e49cbfcea325f2de16a9ae935caa46f5b3433957fb370971ed957f138f08a60fed5b84995e428e7ae7d5c22021ff016baef0e713a118344c016a99ad469313ba7f2452da0dd82e019f64aa229cf80a69b3e08ac5847f10d247179855546313232f23e055c2f74ecef14e0fdcc29a9bf0976fbb249bd5c7903183d2a53c70960a183630e7d4928daa7091a85ad987d2a4a5b8f6be6612fa72d9fbb33c67bb38eff19f2e784f94e0354cf6d35a5b2c62233c039de3734b38e97ec72bd673fef09fd56fec329818cc68cdf12cb52f7d37a8350c16e94208880bfcd3e895d7aa4489e3dd15db4a9026f0d2a46f1e89c35845dbd976a1992b87c15a0c7580e6424b8792a7bb7b933d7c5433d4133ba4dbbcf7995d6ed3feaa32f876a287feeb9cc6107778c1f83e0119d980b9e994c2a3ae3de24a103efb3cacb746b49d1ad85746b233ab4aaf0e988ec2a786bc93f32040d3bdc3008031634cdfded5ac95b2279e096243228296591e7ba53c4a127772cc4620e6b238ccad250629194533d0a669ff3366c52d64928693e0b0cbb0b8e2c6029089d4dfe2b4b6c5dcd85f1a02770611e65001e48a32a8b0431a3b9d77fa3a95be38a0436a704c05a8e0183f3214c25531a63796f679bf72885aa766468d42b2543542d7e82544efc5c5e81e6a91a0f5d4e68000cff687d63e45c9a11d4ef515050daa592c9a828ac7c0488e7cdb3d6fdaef5e9176ee68d981ea50d386d74df3b40660351736deb03bfceb721878cf9894b0302df15964242ab6b9f77f98ba1c7993735983d2b022600ab74a19e3636e1400d08ba45d3a5c2774cb06a1c358bbfc11d27efaf7ca53c2e7757c8c76da24707d91a4a5244262898d68083ff91c514d9b9b1ebaa0cb0b10254fda1b1e82b9a1a47f117b5b280ddbec1f6732d11117ef1a7a674699df87fe795d1243cb9c4527e364e2b711b6562a87fafc130ce0baf1701686639b05f0c8dc708f008b1e6ab89e8d623bb83f3d54b7bcdbdacd055ac4eccbd36bbe0af0f65a00e3d6dd985ae8851d176976cfb5816d1fc2a63d3546aecaa4e712ca6961d1f181315d553de6b53485faed0dcfcf819a1ba3badffe797377d3d1ddaed8e7a0acc0c3d277762262a139f94de49faca167b11bf04f2104a5ab9a73367a6461f7124c91a2c4229ef98e6ebde9aac283c7d029400d71293f488ba169b62c1e94689cf5b248ed4aea62b88d65bb764cfe27d5231a58486e7381df518f4ed81cb905108c54a5050a94ca0e94da20d3794bc5fab9127dc95b6404b1e27b4e28136fc27806f7be798444c33aca88ffd45b860eba0d5033839f5a092863954604f1952bd61dad23b11643fe14f3ade08116aa2c13eee701ccd13e506bd65a1060bf69579aea8c8143cd38c0891a3065f251eba0c20ab9c69ddf28e3bd6400cc203bac8de1882239ad4e1b97b0ae2f1abb7bac7c0d8ef82b97ebfb1f5577f06a3a1377b09ada4db87d342f20ab0eca4b9c206042471307511429cb57a578211f92d3647189861cad9145f5eb26ab696abe50a2a6c1b469df97da28aba4e79b586c348a430f5ea61c4be1032fa61d18581f05a07fb8707c8996e0fff1c3eda59b992687fa12483b9327e10224b20d42e8b3fc4670bf070ced602283273d6818acd1f6da567c44d3f5e1377065d43d87d889843ae48e7fa8ba1634815695b8c480ca271e6e833799c70da80fd79acc09b989667a2294de5da73f0363df9a33ad4dab8d27cf7bed0a06838672e3d07d52b6396e9b5576021d5e925abd533bf161c944795065fdd44e8462e3070c479f1c118276653488dd9b2f1a673f8cad3612ca1fab4388ec9c8f834a01a499adb7b3a9a977672f6d75b41bbdd7f91ceb7e7a88568d17bb432be9e4e96e115075bce197ef4754d2914c2c59e2d7f4c08f0dbe34d31f229428f211bf1d7e8f5c319ed4a8273cb6255eb318851ac4557b0278fac63107a54d407c42f300b843a12abd3b893b46c7efac2e388ab42b87aebe2543bd4c15f459bc50aad10ffe1c1196fb52c26e54bdaa7fbd52451f207ffb073ef4b3f71eedd7da40c89505019739e3fa733bcdc84ff4919e8fe2358129ef28291be1d6426b8bafe88463b1d3cd7273745381c7f65221898e6ad361e88b24c54ccc7ac9a830145b6dc096e2d71ef71ec4f03524cb870b724e08d223bdec2f6fdde6200217a13b5136004d455d66547f5a1793e0cad85677d49e5c558852107007c8136812cf021afaf6f7e8f59883371be46cda412dd9c6fcf187c31252ceb5758901d39cd5355ab386d9a7fe6ea46ebf277aaf809c3023211ea9aa189de4d422080ebb9fec50ffab6b95ba4ae5018accc497e79149ed6047ce561ccc10e9194cdccd5c9fb75175c8dbc9d0a916ad59288f010defbbb50d263041ab37aac0f93253bef6f898cd0825d99d27224f26181f9713b8979da64756c95e7505f25a2688960d6155c3613dcc31b6c337a6dbfc6b12cfde1db22b93bbd5e48534fb0bda8b212577a14dcf665c834b0bd24e5f624d2455fe048dbe930328d7cb632db3b0e244bb5d43390b420b15157a339487fc78976f867d3a361aafdd3f50a93c01882da7c220089a544381db22e2c86b228dc2be01820468460437588952a549d37498e529e62aa62bad1580546bcb1e9a6ed1870b7838d05d12f6e3a041e78b1bdb80894626f20889ccb3a468aa4fb24b9c87cbb28623ce59c6b3c6286db366d08004551a25fe4d8d194a2bb7c52e1c85a5fbe4cb15b171489da121bea1c469a6bb185d63213084e3a81ee54dc03a94dc5ecdda7bfaad1df68021aaf4627c9d529f13e5c81b5ee4dd228949ca16b9a61d186211d153294470907557e5e14ae665013f285fe4d3766e7b3d8ce5e2a14692072d4d8f79354bcc8db8a2a36c8bcd", 0x2000, &(0x7f00000069c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000066c0)={0x90}, 0x0, 0x0, 0x0, 0x0}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0x0, 0x0}) syz_mount_image$fuse(0x0, &(0x7f0000000100)='./file0/../file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) sendmmsg(r2, &(0x7f0000008600)=[{{0x0, 0x7f}}, {{&(0x7f00000072c0)=@un=@file={0x1, './file0/../file0/file0\x00'}, 0x32, &(0x7f0000007380), 0x0, &(0x7f0000000600)}}], 0x2, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x3) [ 884.784744][T32390] apply_wqattrs_prepare+0x624/0x890 [ 884.796256][T32390] apply_workqueue_attrs_locked+0xc1/0x140 [ 884.807756][T32390] alloc_workqueue+0xafb/0xef0 [ 884.817273][T32390] ? _raw_spin_unlock+0x24/0x40 [ 884.825872][T32390] ? workqueue_sysfs_register+0x3e0/0x3e0 [ 884.837252][T32390] ? memcpy+0x39/0x60 [ 884.846538][T32390] ? loop_configure+0x416/0x1580 [ 884.858757][T32390] loop_configure+0x4d8/0x1580 [ 884.871927][T32390] lo_ioctl+0x403/0x1600 [ 884.880021][T32390] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 884.892747][T32390] ? loop_set_status_old+0x250/0x250 [ 884.902507][T32390] ? avc_ss_reset+0x170/0x170 [ 884.909547][T32390] ? kfree+0x1cc/0x2c0 [ 884.915359][T32390] ? tomoyo_path_number_perm+0x441/0x590 [ 884.927374][T32390] ? lockdep_hardirqs_on+0x79/0x100 [ 884.936783][T32390] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 884.949732][T32390] ? tomoyo_path_number_perm+0x24e/0x590 [ 884.960866][T32390] ? selinux_file_ioctl+0x10f/0x5d0 [ 884.968996][T32390] ? selinux_inode_getsecctx+0x90/0x90 [ 884.980829][T32390] ? loop_set_status_old+0x250/0x250 [ 884.991180][T32390] blkdev_ioctl+0x2a1/0x6d0 [ 884.999049][T32390] ? blkdev_common_ioctl+0x1830/0x1830 [ 885.008230][T32390] ? __fget_files+0x23d/0x3e0 [ 885.015275][T32390] block_ioctl+0xf9/0x140 [ 885.024172][T32390] ? bd_unlink_disk_holder+0x430/0x430 [ 885.033482][T32390] __x64_sys_ioctl+0x193/0x200 [ 885.043701][T32390] do_syscall_64+0x35/0xb0 [ 885.053149][T32390] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 885.063600][T32390] RIP: 0033:0x4663a7 [ 885.071641][T32390] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 48 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 885.105634][T32390] RSP: 002b:00007f275d915f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 885.122330][T32390] RAX: ffffffffffffffda RBX: 00000000004afcc0 RCX: 00000000004663a7 [ 885.135448][T32390] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 885.149453][T32390] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffffffffffffff [ 885.162264][T32390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 885.174626][T32390] R13: 0000000000000004 R14: 0000000020000218 R15: 0000000000000001 09:55:23 executing program 2: r0 = syz_io_uring_setup(0x20b6, &(0x7f0000000380), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000fed000/0x10000)=nil, &(0x7f00000000c0), &(0x7f0000000400)) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000280), 0x41fe) 09:55:23 executing program 3: mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000140)={0x50, 0x0, r1}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000042c0)="9eda438838743bd4e9720bee57093515dc189a5ea685e9556c1c2c3cfc4df50d66d31a48aa312663b68d18c5826b5b55fb738208863dac0f10f423aee7a5d8ddc45ebdfeb7424bae859d7c37ecfc4b63914d5a56d91017dd22bc84f759a15969951aef9d5c88c96560896988fa18cd946cfcc3a0f1c993348377904eac32c980bdf7976ebca2b499cab63c4e841514277fc71d4620e29a92523402485de0e82896484c0ae497a4d686df23ca7b68c3fd5e624d3510d7f94838e54af877ca58a00c5a672bba11f5aa1ed1980dfef47b9973d0bf456ded5e72f1702b3dc5197fce39cba53a038d8dc0ec783ce70577107dc5e8b299e64a0b7f1191f0926bd25762370191710bab2f44e9069f55f8a3f87e4cb488a2fb3348c0bf3b3874291f83e4776b160ea73aafa3919c7c069c73c0052173a63158db8b65541d161f9c964926ad7f06bdd6cb6a32135b04e35701c2e13c49c1f75dc7a25d623378860692d172ec3f1e1f2d9dc77c015c13721efcb101c2390abb847e871132f472a37cc0163b39b1d575a5444e246a08a1afb1a696cabab29498a314429a3b9f44c43ba29f71fac1fbe0d01c3c16d22730932704bcfb0c1b7a432bc51dd3f5dd5afc3b342cbe6a6ff899039e28f9a51881b1d46fdcf31767cb6f5c5c69ab3c80615d77c4d1664fc4ec831b8cea2e752bbb7a9ce79df875b29f1e232751daf32a1a0c4ff8bd0688e2b8e2d668b8a77e20a9eb6ec2e2c23b94e507baeacbcfa31fb6e1ca3343668f43e3aa6d85e7c29bf0bb4dbdabddc92be7f4a6f5d21b19e6da17bfb6cc926e3847532fae29c7b62fb909130ec372d3c16cfe6aaf3ce2af0fe7610fde7aad61bc80d2f96b999c8ccf6d22cf903ca8ae8b879ec4a416f334982e9810c0140a18d4dc81b5edaae23e9f4abaf40ed71512aebbba5bb251545e188db789558a845a2877b14bdaeec3c738b7d730c0860531bf5517d4f0e8f95ed3571f8a35816d5116fcb8d7cbf42b7d5d5e65541508c898bb2e0fe96297d2ab7135662de39df099ebaed5871111f5346278cee5728cec512e6c0a0d65b51e3d627873195b84103341c2bc83b6c8fdd8ba17f5957413f61c69d618c9b9d0b1f08dc81921b6c662ee1da3bfa019b095e9a03c2db4d645ccb7364e895098cbf7d932c72d80663c7a1694d122f7348393079223c11d36c64a5856eae0397ab9a9d948204b74e56525a9d552dd0916de81cbb5af3c59b3d7f8f9154423ce2cb45a5bc808e24bef13212019a19545fe54ba84d01534358380192b8c7b0eda907810375bb66a578a58fec392b47991271c8367b91d710e8a176bc1a4e96f0e137d4c25fbb03eddc392f9f170dd744472b864fbbae7c93d86e682308b21b73c5652065d72cf02e1152b44024a90a3b52eb0bb3cb412e518d37a68aa4c7f46789c54ab30d3a73d0a8712fde612294cda2aa1ccf164930b9b1d17801d4fbb06e849d39bf2b5141330caa0d2618b616f1c67e1ca57080e79ed9092ba7a55e8121cfc825cd26a0199a479a7ab1b7b23d2a4dd82fa6d04ee41ca680435efc934f0451e865e8632ac2f1115f4cdd33b0fccb7a2326127faf20cba37c828613dba5a98f4e1ad25eb6b91078cf73d873df9ef91531476f64b83559ff7ccdc4c070d478b18196ea05fe8d4ea0216ee5273dfabbd04582f40f064c9781afd2cbf30901f28cd09cc934f1b2d50883778274177e3dba8af0a1b931d80ce1a6c4085780ea2195b65ecfd2953f78a5290fe560d0cd6a5e73890a5a82dc410b92a3ef2be05ec5607820fd4ca6b9c3aa258d59022fdcb21665f1ce4e8aad8fd918c43bd3c2afe3dc223ff9f48831d401c8b6996190793d1dd7551f8511b69283992398d8f9b4bd2b3398d3b8c6f3c5d8b802ca5282b70242df2b7be4b38e70c3065f8da888631375afcc05ce578089c4f783776b286b7a60d1b5e189e2742a3240c1036a953d886885422eef01413c38099b64505fd5a73488acb4e611820674c58ae74d6c64a885d4beda9bd7903bcdc71e3711e2a057c0eab2100c321050ab14c6e453c53182577ad3178603cd9afde40a701120e9a36074fd582428c74e02781318e6c65450f8f020bd22475696fe13b8c59260e53a06d16eabd135e887a0a6bbc8ad21be7661df76fec5b13844f68b8eed1a7379713738beac9f23c7a26520e19797a910cde9fb285179526889b908b7eb49bb06f70f6271fba8712c1a4269ebcf4b7d043e924e3d2c4c753fd7e547d95841e335179836f76424e728810d7f32b78256ea30c79d9238a6588426e1f2d4c0b03d5605bd826ed24f0f11326b4cf958632b86e017aa80e142db1580c44f76d9c98196f3f6852ab2bfc6a01a3553a130c2d171957f5a45c3550fbbc990ef8742a98a86b280a57b9f198ff436bc01161ada50e6f23026c3254adf2321bff7e20aa54080bbb57d8d52c6a6df6107706a2e5bc6da68f17b474c0edd39401d765086e885cf7992405f856557915603cbe8894676e996bbadbb649a5e7498b91f9bd2f697dd9ebbe4d386050258b9f4c94781e61c660651c3f1e3ae51f8c035eca365bf15d6db48ea9ce183515f4a208d010f7c23dcacbd6e225490d7e9c133525f5c9018d752b21b4897bf18b64b6a9936f538a0a8958fc934440aeeaad2b68ac844d76f0900a6c95bd0b353d85d4fb62eb88360112237fd8c636a80e3130b21d66ae8ec58a4b76cba0602f96da919f7e84fd37e3ec2379f58e389a39c78d2482e03c379e3c4649ad63a76e3707ecff07d2fcb0c9dfc524cab49e69a09c92e4f88714335cb57d3f6184d07bef9657280fb5c9fd2d8f940f7ac6c5407e3077aa2e4ba8e217e0ee19e302d6d90e3be05a86dade35d2e454e511afb5cf5936f1d11f2fa6be6ceaa817dbdc7a6aabf2fad8ff3efa8382a25099f0c5989d2ad56ae0f4968b2cfcfc67b4f1c161c75900b4848f59a3c0376dfcb7997bf28e9e85d6dd942a360516de38e1c1a038a796f9a77ff2b0c7e5e8f4932391a0e58e76dacc6f9764178a211dfde3e75d367d2911ff398126ffdf83cf2fbdf1ad5232bed9155f7a168638a572094a9e934d4969b358cf6e121d7fd2aeae2f499068b42c152f0e3403a230885d6f92f038ddaa23499f804ffb06abdbabb51f6c38c92fb1a6271a4b13d6d11125b8ec12efa5907dc65062797fb9cca15e2f254e76b182d3fcdb4e96ac4de36d6df7e7bba5c32f422286b1be3b79bffb6fd693761952d195a84ad9ceb07287a0fbefab9e0347b513c5f60233ccd4b52d90ec144a2f896d9dc7f279f8aa93038f3efa286e1c3006933a4d7183d952f8d28b141b28b2af355b5bd8198dfde1ffb8d09202aff0d16ca3fec194662892a49f829813970a4520f1228aa03d211a45bed3b2e05bf1f10b1a152761e7b6c6ddea863a3c02224256092c70ca70dc185c4c385dd98b09e2682661e1e66f71d9c4037048eb70e8a1cbe57de87ec43713abf5fdcf63b9c482f318e3bec37e878dadbae15a02d731e6c8574eb14c059d72f73be5174add786d06b585a28a06d349d8e434a491b34897b3c1ad786ec8280d7f57edd4fbc6aea5485d659b59d393e331cf91e6ed76f340fcf7cf460892fa7318fc42b883f61d888ad982a751accb613c66661fba5f3d6de751a6a9ef8a4700316aaad04e991aab7903f4ef012ec2a8c092234e74ef335daf360ae47bbd2bbc6ad8c1a4f81efe8bbd703cb55ef36b32b4e30cb5a3b165c02ba295d0e1c40ce6ff8f479a74f01275f113ebfa8ade37a59ce70e6ca2a6f48f1be085f61bf772e2c2da523a2cfe63e99c57bdb1ff23139d4fca49eff7547e9880eefd3f7511a677efa23b52098ba89037c48dfcda2e8c1cfb9f892161049e53f8cee55256279512aecab8c441600dae0fd957883273047cf5c66ba209f830aa2ce0cbe41ca08c0cef4aed7f4324009200661a7ce680e5a8df2d051c1d8b2f63d25d8d74d05c75c46c8f3f24d625539e63459650960498a54ec3b16225bbbf4d3930009df265839d72611f5332a904cdebada108236e4414a2909ad01ec44b9d7f75de4385ad7ca5152e890a0919b3639fd1bcbca3b737ebb8d9ae541b1271cf2166ba15830e66f3d3afd3b754a7f81ad4f0999704ae99c114907c5be4a4797f13b80564f234723a34dbe137dabfd7fa23562df679f54a6ab54def6d63deae9844f72fd73efd0413551f5c4b9ee826eb3b7faf92a59ea34a16723b4fea14d1c8815a4e2d39fc48d1dbce526a7c53f5a96d0ef6463a0cee73fd3505f5c764a264b83c4a21f80e8b61c82d24442d13da99d18dc1b2538e7a510f6093d9ef2bc5cc777d4f98411e93919eddfd69d6e20d227cb61c50f358ea227f4de941fb080c1cf6b1f6e25533768fe133dbfc3f9d29c603bed38aa3c5af5b81a706b0067b40b88f992610d04c7cc36b8f649697cd6a93fae51138161891ae75a7147780fc59af5a6e18c54f9d2a4fe7fa92314b399afba9a40d0cc24f70a2593acf8d179215e06b7a9a88224bafcb2cbf60caf5fe4ff38208a70793b5dc33cd572956260e1c86312d3ba9b3a4b2b44376f2e78c616a6c0880ac8dcbaa30b9f761d500fd03a8518dd0509157b184a2d95e0caf3ffc8ac2db6c54d80c71a1e5b9ea3bf51071e2118af204123daceeb04e4f6f31f32a4d3fbb76ee49440cabda2c121c1b99acab5b87cecc37c3f9066af34ab29d6598bbfd91047a2ac7ce3a8f3027ff5e6d743506f161087278896a98ed37122ba208b61cf54d3929555ab06b564cd5e4f46f4755a6cfa2ef2b30d29ea66f2749d4060d411fa9160c91b6f55cf071ac8222c6313df18759e2958cddfe3db4cbeb9cd39abcf5f0beaecae8437813995cb7ed0b87d42ca942ff7245ece204798d01361c5f008e0d82bdf76660515bc78f7f8f409ccf68614b2cb50f5af2615661326fd971bc57eeeade60ea906b8df1cb0dfafd318cd2c396309c329d0469ca192aa8f51d7c4227685440f073983255baf054b97b9d7be1d1470d7eabd5c09b2116b4e86b0567b7e97e088717a4fe3dbdd310a1c39136ea4d2c47492001f9885dba03bf97e7da376171d666441cdc2f999db137603d57df32b4260fa0165e82917bb1631ea314e7a7437e66fc68cef22cda8f456d6e583f6e3237e0bc79987a9103f7cf0918e26881f67ea582e1ff3a49177599d385bf6e42572a2547933aeddb826530e9adf30dd84c3a7fae5c4c26f6c6f3a9f0906decd314e2407825abef959c5416d18a92ff34e6c521a16e8a0a29937c77d4ee99b41d530a732acbe0bf5d274df9d496b47a9a624546bdcf9976cde12ec989cb2a70b33a7c8a3a77652023164695f9db30dfcf587f0cd4f73e385730bcbdd688f6dcb08ba0efbb9f579220afefa4acfea522e864fce9b1782ce9f14824d16e9d33a2609c23ba3c5a1af02549357a0dcc12e37819d778021762cf895abeac1125b744c8b8225a091e7be9ded9993cfa3ca9abb83e25c8f559009977a2ed9374a89619fae5ef6d164bb73d242004dc8428e44689b33ee3bbe88bb4962ab0a32a90e7aea044f08410752cb2d7aeaf3196648a3a99092665b478bb394b48f79b36db0efc7f50d6a5179c945f5298cfaac5e5dea715296f92abce7281d48a0c9c6b785a35ef5f1697c047ddb254fe9a8ab9f498b0c1ae09ffd01a3d8d427fee7e36c51e0e5c2fee2245fb8464626ab5c9857ebce91f7d22bf024d10c2d71021cd69268472de419e6cefd970cc3a8e4d1bbe6496799aa7f100411766e712aff08b731460f14f9d7356db12cf8e1c6121968dc68b1d81c086b325ca4ce6fe1f476707e08fa913144b757c6be17cf93150db29544d207f09a896f33b7335d9339215da751e7af2c6bdd19db6f521af2c8a5998dc607f97026d07111488741134c1c86eba123273d1fd5ee4b471e86f9ae9478a04c7482076ab34a1eca5c64f89e5106eed44bceec019c67c12fb4db4fdac153f4ac3b63ffeb6d30de58ec039e2dd3c181e254cd94d0a2b0b44490384cc5915b54ee1db2b6d059879bf8126c9ca976d0f7862da07ecd350930a081810a7afd72b2ad3f65b96ae9c7f91227a2b5513a559f36b90fe01be9ae5ad3ca65e2c26f358fc26b858a3633fda7ae49a5fb705220a5819b3cca41b1ccc21d7c40f5fa9c422288efa5394e4312675899d704a2aab62b8363f58fd4bc12a8bea6ffc45b4414237bf5f019321206dbba439acb5ef26641f30fdac20f964354bce94e4c9d73e137f9806deefaf6f4acaa0e76ad4fef9f6cb7fc01bbabda9612c05adbe46afcf94819e8a4b4b49ff764784fa432d47fb6d4230900043d1b4521cd6839fe8c5df4d1899fdfb13880e207cac73f0a29020bdd563bd9c2f6bcd1ec523b3e03ebf6164fc65af001830c51396f9df2d346f83a59cfc82201cf1150ea57259d579fc2ed199b3fbe42d5188c84e4354610743e5b23a265246313cc63913f17412fa00d98b379b80b96d936969572e11316bc8926cb23115186f3b2387b82c3898fa41bf16a308da62d5a3eb3609af1943fddde08a4036eb2a41b7292caad9eb082614b02a1fa255bc7abd4d0e3b4ec1801e131e68c7aa9da1a0ff10f9de87dec8fad1ad8bfa99caa49e203a7b9c33e044d4544a537471e7a452468b821959bc488c6b8cbf81e90081a26de273ad1203cc06adb6af242ab19f96c1c66b58c37e2c9309704fba63af99a8d9c5efc651afb631fe9f546b938cc3b8e526c4159e5c9f7afb29fd1d55fabf09367ce2a63a35e7a2062d1c772ed981fd77157a847f687a177cf9886ce41df8cc509302b46bc1e2ba896b1c1656a1bbfdf4cd9ac39cf8510d1c823075f16550fd044aacc8d42a56f03718f7b18475cdc3999faeb25ab3dd8a807ee04d8e5d831d08b4e309dff50330685138797e10c6362636f53f22bfc1f3d5090a5d369282d9de36bb4e2505411ccc6ea395afa1567b15a2fb4be2adeea7126b1a8e80034105e0d98bdd78e796ce1cdc06a4ae666fc0baec5c52614340ed997673e26ec47c88846c000bb7c9077337cd44f5c041fdcc64986e5e1c0f488148f0ee6f842c44c0b72e82109270341bba6e9080b70fcf930d0f10be5a36798e70111fed72727b72282ff164fc08319d74f1f57cde71b57cb397a9e753f87b97729bafba017a24cbfdee5dfe7fc296c112e93bb8fce560ca80a3afd8370baaa79ad783b51352b5440b144a47378c9ae22eda5794328e95bcca220fd07bb56915529b155c61858efe89ad36a79288e74c0e251addcfaf797432175a5562b46eff5e3aebeb74623e18beef85389383c604d8884431b07dc4bea0174aadc337ff41f558a63f16690feae47efa2a5d1318b7397e1e4ba398727d286791b71610e1d78d32800e7e113c12abf0f60b6ca4401ecd23b7aacd990633b2b017daf6bfef1b2361ece74b7dbcbb1a73d4bc1f9d2e5c9fb0b7980d25cc44d1b10c09ef5a6a05c84669294a5cadf0cd88ab449f9f0bcdd8c48590d416c5c1feaa494a2145949c2a3373df7c6014225f2745bbeb20ff294d22c0d96ca111e6926946207cab56a03162a49e68968e398f70690188ee3ca847ef421742d60b9a6ad029e8a3d607950b2bf8ad8ff297cb39acc94905635770436e134435e28205140331b5100d9f64469792fffac87bca0835cbc617446ff86a7b50418c305f32e658b32130e491e38709fd3697017ac8084cdf1ed81a28375aed092ab4e32ca88a933154dd3a9e99351acbada926b67b310c7070ac1a414a28c5abfe1f45476249a12f18ca2d981528d881ed3c5072e46a6eff3cdf37dcbc89c7f79c88a1f8d15d15beb66a0e4440c7b93e379c4e2bac1d5c8e85f1852887e2cfeb178fba1c67dc2adb0c87df8ca4444ca7f455509f492effb5001328b8cc696e2933207a2d78bbce8562ca34a248193c914406b161c8141479d891b0c6110ec1e25cad38299b489f2ec437017cadba67dcb58abd4933c95b35707118e47b8701a7d71e446e4b62e2941d4281faca0cf22914be5aad80f47102b178a6ceb24e82508fe55a92fb6db70d03d1c1ec09cfee31639341756a4630a0eaaecac7bfbddf9d30c42cbd45eb181d5bd341307ad26f496bb042e2b655c03ac3dcc587acbf50f79b5c239be9938b62d3251b199f8413b020605d5d0552cfd9c39c9132719d6d0a326b000e12fcb51bc274df79d11430060d05978cdd50583f1bca82c57dbee605e2d00fcb5414af13a596d35cb5ba62de6a28cbccc857d23547b1c7fd5ac8fbf6758d5b8451fa46d9acc00344dc2e565674b1dd3547eb8f8aa5fff99042f8d1d59e6ad2f53379211e6832fcb68f5777eb2db85b28f724f4e4ce6342cf55713ff7b0cb4f7f47dd12a6566b86709eaefae024373267ce72a89e7f3e42ab48edcccc96b5d0403fe93a927e5ccf470014f220b8257393226cd7b996f20e6a34f81206733a9fdce03b701943c1b560d3eab68c2c225cf7f7f2b56123be2bb173e9e5b37f4d3348f6b987764ad07c2acd44514ff264d7eda31e5e517a179414841ad4553d51c08f435e05f10aa82d74b97a9ba3a133e6c9175fdcd4f3dc9c16d3be1d5bbaf13240177081ac1d56681bfa988a93af09868afd608520c0bfd71d857a6661fdaf6f2e166987eb007449dd26334ae932c5003fefc0f983b9e49cbfcea325f2de16a9ae935caa46f5b3433957fb370971ed957f138f08a60fed5b84995e428e7ae7d5c22021ff016baef0e713a118344c016a99ad469313ba7f2452da0dd82e019f64aa229cf80a69b3e08ac5847f10d247179855546313232f23e055c2f74ecef14e0fdcc29a9bf0976fbb249bd5c7903183d2a53c70960a183630e7d4928daa7091a85ad987d2a4a5b8f6be6612fa72d9fbb33c67bb38eff19f2e784f94e0354cf6d35a5b2c62233c039de3734b38e97ec72bd673fef09fd56fec329818cc68cdf12cb52f7d37a8350c16e94208880bfcd3e895d7aa4489e3dd15db4a9026f0d2a46f1e89c35845dbd976a1992b87c15a0c7580e6424b8792a7bb7b933d7c5433d4133ba4dbbcf7995d6ed3feaa32f876a287feeb9cc6107778c1f83e0119d980b9e994c2a3ae3de24a103efb3cacb746b49d1ad85746b233ab4aaf0e988ec2a786bc93f32040d3bdc3008031634cdfded5ac95b2279e096243228296591e7ba53c4a127772cc4620e6b238ccad250629194533d0a669ff3366c52d64928693e0b0cbb0b8e2c6029089d4dfe2b4b6c5dcd85f1a02770611e65001e48a32a8b0431a3b9d77fa3a95be38a0436a704c05a8e0183f3214c25531a63796f679bf72885aa766468d42b2543542d7e82544efc5c5e81e6a91a0f5d4e68000cff687d63e45c9a11d4ef515050daa592c9a828ac7c0488e7cdb3d6fdaef5e9176ee68d981ea50d386d74df3b40660351736deb03bfceb721878cf9894b0302df15964242ab6b9f77f98ba1c7993735983d2b022600ab74a19e3636e1400d08ba45d3a5c2774cb06a1c358bbfc11d27efaf7ca53c2e7757c8c76da24707d91a4a5244262898d68083ff91c514d9b9b1ebaa0cb0b10254fda1b1e82b9a1a47f117b5b280ddbec1f6732d11117ef1a7a674699df87fe795d1243cb9c4527e364e2b711b6562a87fafc130ce0baf1701686639b05f0c8dc708f008b1e6ab89e8d623bb83f3d54b7bcdbdacd055ac4eccbd36bbe0af0f65a00e3d6dd985ae8851d176976cfb5816d1fc2a63d3546aecaa4e712ca6961d1f181315d553de6b53485faed0dcfcf819a1ba3badffe797377d3d1ddaed8e7a0acc0c3d277762262a139f94de49faca167b11bf04f2104a5ab9a73367a6461f7124c91a2c4229ef98e6ebde9aac283c7d029400d71293f488ba169b62c1e94689cf5b248ed4aea62b88d65bb764cfe27d5231a58486e7381df518f4ed81cb905108c54a5050a94ca0e94da20d3794bc5fab9127dc95b6404b1e27b4e28136fc27806f7be798444c33aca88ffd45b860eba0d5033839f5a092863954604f1952bd61dad23b11643fe14f3ade08116aa2c13eee701ccd13e506bd65a1060bf69579aea8c8143cd38c0891a3065f251eba0c20ab9c69ddf28e3bd6400cc203bac8de1882239ad4e1b97b0ae2f1abb7bac7c0d8ef82b97ebfb1f5577f06a3a1377b09ada4db87d342f20ab0eca4b9c206042471307511429cb57a578211f92d3647189861cad9145f5eb26ab696abe50a2a6c1b469df97da28aba4e79b586c348a430f5ea61c4be1032fa61d18581f05a07fb8707c8996e0fff1c3eda59b992687fa12483b9327e10224b20d42e8b3fc4670bf070ced602283273d6818acd1f6da567c44d3f5e1377065d43d87d889843ae48e7fa8ba1634815695b8c480ca271e6e833799c70da80fd79acc09b989667a2294de5da73f0363df9a33ad4dab8d27cf7bed0a06838672e3d07d52b6396e9b5576021d5e925abd533bf161c944795065fdd44e8462e3070c479f1c118276653488dd9b2f1a673f8cad3612ca1fab4388ec9c8f834a01a499adb7b3a9a977672f6d75b41bbdd7f91ceb7e7a88568d17bb432be9e4e96e115075bce197ef4754d2914c2c59e2d7f4c08f0dbe34d31f229428f211bf1d7e8f5c319ed4a8273cb6255eb318851ac4557b0278fac63107a54d407c42f300b843a12abd3b893b46c7efac2e388ab42b87aebe2543bd4c15f459bc50aad10ffe1c1196fb52c26e54bdaa7fbd52451f207ffb073ef4b3f71eedd7da40c89505019739e3fa733bcdc84ff4919e8fe2358129ef28291be1d6426b8bafe88463b1d3cd7273745381c7f65221898e6ad361e88b24c54ccc7ac9a830145b6dc096e2d71ef71ec4f03524cb870b724e08d223bdec2f6fdde6200217a13b5136004d455d66547f5a1793e0cad85677d49e5c558852107007c8136812cf021afaf6f7e8f59883371be46cda412dd9c6fcf187c31252ceb5758901d39cd5355ab386d9a7fe6ea46ebf277aaf809c3023211ea9aa189de4d422080ebb9fec50ffab6b95ba4ae5018accc497e79149ed6047ce561ccc10e9194cdccd5c9fb75175c8dbc9d0a916ad59288f010defbbb50d263041ab37aac0f93253bef6f898cd0825d99d27224f26181f9713b8979da64756c95e7505f25a2688960d6155c3613dcc31b6c337a6dbfc6b12cfde1db22b93bbd5e48534fb0bda8b212577a14dcf665c834b0bd24e5f624d2455fe048dbe930328d7cb632db3b0e244bb5d43390b420b15157a339487fc78976f867d3a361aafdd3f50a93c01882da7c220089a544381db22e2c86b228dc2be01820468460437588952a549d37498e529e62aa62bad1580546bcb1e9a6ed1870b7838d05d12f6e3a041e78b1bdb80894626f20889ccb3a468aa4fb24b9c87cbb28623ce59c6b3c6286db366d08004551a25fe4d8d194a2bb7c52e1c85a5fbe4cb15b171489da121bea1c469a6bb185d63213084e3a81ee54dc03a94dc5ecdda7bfaad1df68021aaf4627c9d529f13e5c81b5ee4dd228949ca16b9a61d186211d153294470907557e5e14ae665013f285fe4d3766e7b3d8ce5e2a14692072d4d8f79354bcc8db8a2a36c8bcd", 0x2000, &(0x7f00000069c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000066c0)={0x90}, 0x0, 0x0, 0x0, 0x0}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0x0, 0x0}) syz_mount_image$fuse(0x0, &(0x7f0000000100)='./file0/../file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) sendmmsg(r2, &(0x7f0000008600)=[{{0x0, 0x7f}}, {{&(0x7f00000072c0)=@un=@file={0x1, './file0/../file0/file0\x00'}, 0x32, &(0x7f0000007380), 0x0, &(0x7f0000000600)}}], 0x2, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x3) 09:55:23 executing program 0: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000040)={0x0, 0x100000}) 09:55:23 executing program 2: r0 = syz_io_uring_setup(0x20b6, &(0x7f0000000380), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000fed000/0x10000)=nil, &(0x7f00000000c0), &(0x7f0000000400)) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000280), 0x41fe) [ 885.475196][ T32] ------------[ cut here ]------------ [ 885.484642][ T32] WARNING: CPU: 3 PID: 32 at kernel/locking/lockdep.c:6305 lockdep_unregister_key+0x19a/0x250 [ 885.502162][ T32] Modules linked in: [ 885.512869][ T32] CPU: 3 PID: 32 Comm: kworker/3:0 Not tainted 5.14.0-rc2-syzkaller #0 [ 885.530630][ T32] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 885.546236][ T32] Workqueue: events pwq_unbound_release_workfn [ 885.555841][ T32] RIP: 0010:lockdep_unregister_key+0x19a/0x250 [ 885.567069][ T32] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 8f 00 00 00 4d 89 7d 08 48 b8 22 01 00 00 00 00 ad de 48 89 43 08 eb 02 <0f> 0b 4c 89 f7 ba 01 00 00 00 48 89 ee e8 44 fd ff ff 4c 89 f7 e8 [ 885.597879][ T32] RSP: 0018:ffffc900007bfcb0 EFLAGS: 00010046 [ 885.608386][ T32] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 1ffffffff1ad87cd [ 885.621986][ T32] RDX: 1ffffffff1fcad55 RSI: 0000000000000004 RDI: ffffffff8fe56aa8 [ 885.633690][ T32] RBP: ffff88801416e928 R08: 0000000000000001 R09: 0000000000000003 [ 885.647430][ T32] R10: fffff520000f7f8c R11: 0000000000086088 R12: 0000000000000246 [ 885.661130][ T32] R13: dffffc0000000000 R14: ffffffff8fcd1868 R15: ffff888047033870 [ 885.674556][ T32] FS: 0000000000000000(0000) GS:ffff88802cd00000(0000) knlGS:0000000000000000 [ 885.687302][ T32] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 885.696433][ T32] CR2: 00000000014a53ad CR3: 00000000479f1000 CR4: 0000000000150ee0 [ 885.708224][ T32] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 885.721464][ T32] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 885.733049][ T32] Call Trace: [ 885.738901][ T32] pwq_unbound_release_workfn+0x223/0x2d0 [ 885.749120][ T32] process_one_work+0x98d/0x1630 [ 885.756948][ T32] ? pwq_dec_nr_in_flight+0x320/0x320 [ 885.766596][ T32] ? rwlock_bug.part.0+0x90/0x90 [ 885.775524][ T32] ? _raw_spin_lock_irq+0x41/0x50 [ 885.783616][ T32] worker_thread+0x658/0x11f0 [ 885.792537][ T32] ? process_one_work+0x1630/0x1630 [ 885.807718][ T32] kthread+0x3e5/0x4d0 [ 885.814442][ T32] ? set_kthread_struct+0x130/0x130 [ 885.823682][ T32] ret_from_fork+0x1f/0x30 [ 885.831629][ T32] Kernel panic - not syncing: panic_on_warn set ... [ 885.844009][ T32] CPU: 3 PID: 32 Comm: kworker/3:0 Not tainted 5.14.0-rc2-syzkaller #0 [ 885.893799][ T32] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 885.906361][ T32] Workqueue: events pwq_unbound_release_workfn [ 885.914460][ T32] Call Trace: [ 885.918735][ T32] dump_stack_lvl+0xcd/0x134 [ 885.924310][ T32] panic+0x306/0x73d [ 885.930560][ T32] ? __warn_printk+0xf3/0xf3 [ 885.937532][ T32] ? __warn.cold+0x1a/0x44 [ 885.945177][ T32] ? lockdep_unregister_key+0x19a/0x250 [ 885.956196][ T32] __warn.cold+0x35/0x44 [ 885.966196][ T32] ? lockdep_unregister_key+0x19a/0x250 [ 885.974960][ T32] report_bug+0x1bd/0x210 [ 885.981100][ T32] handle_bug+0x3c/0x60 [ 885.987119][ T32] exc_invalid_op+0x14/0x40 [ 885.993520][ T32] asm_exc_invalid_op+0x12/0x20 [ 885.999867][ T32] RIP: 0010:lockdep_unregister_key+0x19a/0x250 [ 886.008161][ T32] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 8f 00 00 00 4d 89 7d 08 48 b8 22 01 00 00 00 00 ad de 48 89 43 08 eb 02 <0f> 0b 4c 89 f7 ba 01 00 00 00 48 89 ee e8 44 fd ff ff 4c 89 f7 e8 [ 886.043200][ T32] RSP: 0018:ffffc900007bfcb0 EFLAGS: 00010046 [ 886.051326][ T32] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 1ffffffff1ad87cd [ 886.063517][ T32] RDX: 1ffffffff1fcad55 RSI: 0000000000000004 RDI: ffffffff8fe56aa8 [ 886.074054][ T32] RBP: ffff88801416e928 R08: 0000000000000001 R09: 0000000000000003 [ 886.085444][ T32] R10: fffff520000f7f8c R11: 0000000000086088 R12: 0000000000000246 [ 886.097249][ T32] R13: dffffc0000000000 R14: ffffffff8fcd1868 R15: ffff888047033870 [ 886.108837][ T32] pwq_unbound_release_workfn+0x223/0x2d0 [ 886.117535][ T32] process_one_work+0x98d/0x1630 [ 886.125304][ T32] ? pwq_dec_nr_in_flight+0x320/0x320 [ 886.132716][ T32] ? rwlock_bug.part.0+0x90/0x90 [ 886.138949][ T32] ? _raw_spin_lock_irq+0x41/0x50 [ 886.145437][ T32] worker_thread+0x658/0x11f0 [ 886.151780][ T32] ? process_one_work+0x1630/0x1630 [ 886.160664][ T32] kthread+0x3e5/0x4d0 [ 886.166500][ T32] ? set_kthread_struct+0x130/0x130 [ 886.174492][ T32] ret_from_fork+0x1f/0x30 [ 887.422179][ T32] Shutting down cpus with NMI [ 887.431807][ T32] Kernel Offset: disabled [ 887.437963][ T32] Rebooting in 86400 seconds.. VM DIAGNOSIS: 09:55:25 Registers: info registers vcpu 0 RAX=000000000014b35f RBX=ffffffff8b6bc640 RCX=ffffffff8929e68f RDX=0000000000000000 RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffffff8b607e40 R8 =0000000000000001 R9 =ffff88802ca52b4b R10=ffffed100594a569 R11=0000000000000000 R12=fffffbfff16d78c8 R13=0000000000000000 R14=ffffffff8d6c0b50 R15=0000000000000000 RIP=ffffffff892c874b RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802ca00000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b2be30000 CR3=0000000061b69000 CR4=00150ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffffffffffffffffffffffffffffffff XMM01=ffffffffffffffffffffffffffffffff XMM02=ffffffffffffffffffffffffffffffff XMM03=ffffffffffffffffffffffffffffffff XMM04=ffffffffffffffffffffffffffffffff XMM05=ffffffffffffffffffffffffffffffff XMM06=ffffffffffffffffffffffffffffffff XMM07=000000000000000000e800a800000000 XMM08=2570756c6c25706f6f6c2f7665642f00 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000003 RBX=0000000000000000 RCX=dffffc0000000000 RDX=0000000000000000 RSI=0000000000000003 RDI=ffffffff901dfe80 RBP=ffffffff901dfe80 RSP=ffffc900011273d0 R8 =0000000000000001 R9 =0000000000000000 R10=fffffbfff203bfd0 R11=0000000000000001 R12=0000000000000000 R13=fffffbfff203bfd0 R14=0000000000000001 R15=ffff88802cb52980 RIP=ffffffff8133060b RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00000000 FS =0000 00007fd042d68700 ffffffff 00000000 GS =0000 ffff88802cb00000 ffffffff 00000000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe000003e000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000003c000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fd042d67fe8 CR3=000000004a6fe000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000005487a800000000005487a0 XMM02=ffffffff817adb1fffffffff817adb00 XMM03=ffffffff8135577cffffffff813556d8 XMM04=ffffffffffffffffffffffffffffffff XMM05=ffffffffffffffffffffffffffffffff XMM06=ffffffffffffffffffffffffffffffff XMM07=00000000000000000000000000000000 XMM08=657a6973207865687274732064616200 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 2 RAX=0000000000000068 RBX=0000000000000010 RCX=ffffffff904fcff4 RDX=ffffffff904fce60 RSI=000000000000004d RDI=0000000000000000 RBP=0000000000000065 RSP=ffffc90000bb7d10 R8 =0000000000000000 R9 =0000000000180000 R10=00000000820ffdb7 R11=0000000000000000 R12=0000000000000034 R13=0000000000000007 R14=dffffc0000000000 R15=000000000000007f RIP=ffffffff8435ab74 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f376576d700 ffffffff 00c00000 GS =0000 ffff88802cc00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe0000079000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000077000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002004c000 CR3=000000006672b000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffffffffffffffffffffffffffffffff XMM01=52544e45444441444e52246c74636f69 XMM02=0000000000000000000000ff00000000 XMM03=ffffffffffffffffffffffffffffffff XMM04=ffffffffffffffffffffffffffffffff XMM05=ffffffffffffffffffffffffffffffff XMM06=ffffffffffffffffffffffffffffffff XMM07=00000000000000000000000000000000 XMM08=2f666c65732f636f72702f0030303031 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 3 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8432bd71 RDI=ffffffff904f4ea0 RBP=ffffffff904f4e60 RSP=ffffc900007bf6c0 R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff8432bd62 R11=000000000000001f R12=0000000000000000 R13=0000000000000031 R14=ffffffff904f4e60 R15=dffffc0000000000 RIP=ffffffff8432bd9a RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802cd00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe00000b4000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000b2000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000014a53ad CR3=00000000479f1000 CR4=00150ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=652e29646e616d6d6f632a282e637069 XMM03=00000000000000000000000000000000 XMM04=444441444e52246c74636f690a293078 XMM05=30347830202c30722859504f52544e45 XMM06=3030663778302826202c333032353830 XMM07=202c3078307b3d293034303030303030 XMM08=6666666666667830286d6f646e617224 XMM09=78302826202c63396666666666666666 XMM10=30202c29303030303030303030306637 XMM11=52246c74636f690a29307830202c3078 XMM12=2c30722859504f52544e45444441444e XMM13=302826202c3330323538303034783020 XMM14=7b3d2930343030303030303030663778 XMM15=0a297d3030303030317830202c307830