[?25l[?1c7[ ok 8[?25h[?0c. [ 57.138048] audit: type=1800 audit(1542049656.185:25): pid=6404 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 57.157690] audit: type=1800 audit(1542049656.185:26): pid=6404 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 57.177299] audit: type=1800 audit(1542049656.205:27): pid=6404 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.113' (ECDSA) to the list of known hosts. 2018/11/12 19:07:52 fuzzer started 2018/11/12 19:07:57 dialing manager at 10.128.0.26:34581 2018/11/12 19:07:57 syscalls: 1 2018/11/12 19:07:57 code coverage: enabled 2018/11/12 19:07:57 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/11/12 19:07:57 setuid sandbox: enabled 2018/11/12 19:07:57 namespace sandbox: enabled 2018/11/12 19:07:57 Android sandbox: /sys/fs/selinux/policy does not exist 2018/11/12 19:07:57 fault injection: enabled 2018/11/12 19:07:57 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/11/12 19:07:57 net packed injection: enabled 2018/11/12 19:07:57 net device setup: enabled 19:10:12 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") preadv(r0, &(0x7f0000001540)=[{&(0x7f0000000480)=""/12, 0xc}], 0x1, 0x0) syzkaller login: [ 214.499083] IPVS: ftp: loaded support on port[0] = 21 [ 216.619053] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.625609] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.634176] device bridge_slave_0 entered promiscuous mode [ 216.762053] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.769160] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.778364] device bridge_slave_1 entered promiscuous mode [ 216.904075] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 217.029308] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 217.412676] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 217.543939] bond0: Enslaving bond_slave_1 as an active interface with an up link 19:10:16 executing program 1: clock_gettime(0x5d7496a2da100c2b, &(0x7f00000002c0)) [ 218.433037] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 218.441000] team0: Port device team_slave_0 added [ 218.565790] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 218.573807] team0: Port device team_slave_1 added [ 218.627948] IPVS: ftp: loaded support on port[0] = 21 [ 218.802896] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 219.044495] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 219.051587] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 219.060453] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 219.244386] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 219.252005] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 219.261159] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 219.436319] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 219.444026] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 219.453139] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 221.478021] ip (6694) used greatest stack depth: 53696 bytes left [ 221.516681] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.523214] bridge0: port 2(bridge_slave_1) entered forwarding state [ 221.530163] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.536745] bridge0: port 1(bridge_slave_0) entered forwarding state [ 221.545578] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 221.922640] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 221.940850] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.947564] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.956886] device bridge_slave_0 entered promiscuous mode [ 222.186920] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.193464] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.201843] device bridge_slave_1 entered promiscuous mode [ 222.387833] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 222.633042] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 223.394819] bond0: Enslaving bond_slave_0 as an active interface with an up link 19:10:22 executing program 2: mkdir(&(0x7f0000000300)='./file0\x00', 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") mount(&(0x7f0000000340)=ANY=[], &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, &(0x7f000000a000)) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$binfmt_aout(r2, &(0x7f0000000400)=ANY=[@ANYBLOB="0000000000000000000008000000000000000000001c3adde686"], 0x1a) sendfile(r2, r2, &(0x7f0000000140), 0x7fff) [ 223.637725] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 223.923666] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 223.939021] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 224.208272] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 224.215605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 224.473892] IPVS: ftp: loaded support on port[0] = 21 [ 224.852952] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 224.860820] team0: Port device team_slave_0 added [ 225.022541] ip (6761) used greatest stack depth: 53664 bytes left [ 225.069164] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 225.077258] team0: Port device team_slave_1 added [ 225.322502] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 225.329587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 225.338371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 225.597413] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 225.604737] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 225.613466] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 225.875837] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 225.883535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 225.892762] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 226.117088] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 226.124955] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 226.133856] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 228.381443] ip (6842) used greatest stack depth: 53632 bytes left [ 228.586348] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.592913] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.601153] device bridge_slave_0 entered promiscuous mode [ 228.858658] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.865327] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.873839] device bridge_slave_1 entered promiscuous mode [ 229.145352] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 229.332931] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 229.355581] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.362039] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.369096] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.375633] bridge0: port 1(bridge_slave_0) entered forwarding state [ 229.384061] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 229.544027] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 230.130949] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 230.452987] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 230.716019] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 230.723396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 230.938653] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 230.946007] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 231.616272] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 231.624862] team0: Port device team_slave_0 added 19:10:30 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000040)="0a5c2d02402b6285717070") getsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0x0, &(0x7f00000001c0)=""/218, &(0x7f0000000080)=0xda) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x7f, 0x7, 0x5, 0x1}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000640)={r1, &(0x7f0000000080), &(0x7f0000000600)}, 0x20) bind$vsock_dgram(0xffffffffffffffff, &(0x7f00000002c0)={0x28, 0x0, 0x0, @host}, 0x10) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000140)={r1, &(0x7f0000000080)}, 0x10) [ 231.746519] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.861089] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 231.869139] team0: Port device team_slave_1 added [ 232.184698] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 232.191798] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 232.200429] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 232.535029] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 232.562451] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 232.571103] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 232.830273] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 232.838009] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 232.847030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 232.870264] IPVS: ftp: loaded support on port[0] = 21 [ 232.913063] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 233.191835] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 233.199672] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 233.208610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 234.109642] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 234.116170] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 234.124155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 235.234162] 8021q: adding VLAN 0 to HW filter on device team0 [ 236.734304] bridge0: port 2(bridge_slave_1) entered blocking state [ 236.740785] bridge0: port 2(bridge_slave_1) entered forwarding state [ 236.747868] bridge0: port 1(bridge_slave_0) entered blocking state [ 236.754415] bridge0: port 1(bridge_slave_0) entered forwarding state [ 236.762988] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 237.624018] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 238.142458] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.148962] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.157575] device bridge_slave_0 entered promiscuous mode [ 238.407805] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.414504] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.422995] device bridge_slave_1 entered promiscuous mode [ 238.650528] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 238.972552] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 239.588094] not chained 10000 origins [ 239.591966] CPU: 1 PID: 7128 Comm: ip Not tainted 4.19.0+ #83 [ 239.597851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 239.607206] Call Trace: [ 239.609812] dump_stack+0x32d/0x480 [ 239.613454] ? save_stack_trace+0xc6/0x110 [ 239.617715] kmsan_internal_chain_origin+0x222/0x240 [ 239.622839] ? kmsan_internal_chain_origin+0x136/0x240 [ 239.628126] ? __msan_chain_origin+0x6d/0xd0 [ 239.632544] ? __save_stack_trace+0x8be/0xc60 [ 239.637047] ? save_stack_trace+0xc6/0x110 [ 239.641295] ? kmsan_internal_chain_origin+0x136/0x240 [ 239.646579] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 239.651257] ? __msan_memcpy+0x6f/0x80 [ 239.655155] ? nla_put+0x20a/0x2d0 [ 239.658705] ? br_port_fill_attrs+0x366/0x1ea0 [ 239.663326] ? br_port_fill_slave_info+0xff/0x120 [ 239.668174] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 239.672676] ? rtnl_dump_ifinfo+0xbe5/0x19b0 [ 239.677093] ? netlink_dump+0xb09/0x1750 [ 239.681161] ? netlink_recvmsg+0xec2/0x19d0 [ 239.685500] ? sock_recvmsg+0x1d1/0x230 [ 239.689488] ? ___sys_recvmsg+0x444/0xae0 [ 239.693648] ? __se_sys_recvmsg+0x2fa/0x450 [ 239.697983] ? __x64_sys_recvmsg+0x4a/0x70 [ 239.702252] ? do_syscall_64+0xcf/0x110 [ 239.706244] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 239.711626] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 239.717030] ? __module_address+0x6a/0x610 [ 239.721292] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 239.726670] ? is_bpf_text_address+0x49e/0x4d0 [ 239.731266] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 239.736735] ? in_task_stack+0x12c/0x210 [ 239.740815] __msan_chain_origin+0x6d/0xd0 [ 239.745061] ? br_port_fill_slave_info+0xff/0x120 [ 239.749914] __save_stack_trace+0x8be/0xc60 [ 239.754264] ? br_port_fill_slave_info+0xff/0x120 [ 239.759136] save_stack_trace+0xc6/0x110 [ 239.763229] kmsan_internal_chain_origin+0x136/0x240 [ 239.768353] ? kmsan_internal_chain_origin+0x136/0x240 [ 239.773638] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 239.778318] ? __msan_memcpy+0x6f/0x80 [ 239.782217] ? nla_put+0x20a/0x2d0 [ 239.785767] ? br_port_fill_attrs+0x42b/0x1ea0 [ 239.790364] ? br_port_fill_slave_info+0xff/0x120 [ 239.795232] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 239.799819] ? rtnl_dump_ifinfo+0xbe5/0x19b0 [ 239.804238] ? netlink_dump+0xb09/0x1750 [ 239.808312] ? netlink_recvmsg+0xec2/0x19d0 [ 239.812642] ? sock_recvmsg+0x1d1/0x230 [ 239.816628] ? ___sys_recvmsg+0x444/0xae0 [ 239.820779] ? __se_sys_recvmsg+0x2fa/0x450 [ 239.825108] ? __x64_sys_recvmsg+0x4a/0x70 [ 239.829352] ? do_syscall_64+0xcf/0x110 [ 239.833335] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 239.838731] ? __msan_poison_alloca+0x1e0/0x2b0 [ 239.843433] ? kmsan_set_origin+0x83/0x130 [ 239.847686] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 239.853067] kmsan_memcpy_origins+0x13d/0x1b0 [ 239.857583] __msan_memcpy+0x6f/0x80 [ 239.861311] nla_put+0x20a/0x2d0 [ 239.864698] br_port_fill_attrs+0x42b/0x1ea0 [ 239.869125] br_port_fill_slave_info+0xff/0x120 [ 239.873806] ? br_port_get_slave_size+0x30/0x30 [ 239.878493] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 239.882831] ? vcs_fasync+0x19a/0x1e0 [ 239.886663] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 239.890983] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 239.896367] ? rtnl_getlink+0xde0/0xde0 [ 239.900352] netlink_dump+0xb09/0x1750 [ 239.904267] netlink_recvmsg+0xec2/0x19d0 [ 239.908448] sock_recvmsg+0x1d1/0x230 [ 239.912265] ? netlink_sendmsg+0x1440/0x1440 [ 239.916691] ___sys_recvmsg+0x444/0xae0 [ 239.920692] ? __msan_poison_alloca+0x1e0/0x2b0 [ 239.925386] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 239.930753] ? __fdget+0x23c/0x440 [ 239.934316] __se_sys_recvmsg+0x2fa/0x450 [ 239.938501] __x64_sys_recvmsg+0x4a/0x70 [ 239.942578] do_syscall_64+0xcf/0x110 [ 239.946392] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 239.952031] RIP: 0033:0x7f0f57ac6210 [ 239.955754] Code: 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 90 83 3d e5 d3 2a 00 00 75 10 b8 2f 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e bb 00 00 48 89 04 24 [ 239.974663] RSP: 002b:00007ffece4579f8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 239.982383] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0f57ac6210 [ 239.989661] RDX: 0000000000000000 RSI: 00007ffece457a40 RDI: 0000000000000003 [ 239.996935] RBP: 0000000000001fe4 R08: 00007f0f57d6fec8 R09: 0000000000000000 [ 240.004214] R10: 0000000000000008 R11: 0000000000000246 R12: 00000000006395c0 [ 240.011499] R13: 00007ffece45bad0 R14: 0000000000001fe4 R15: 00007ffece459a64 [ 240.018788] Uninit was stored to memory at: [ 240.023131] kmsan_internal_chain_origin+0x136/0x240 [ 240.028243] __msan_chain_origin+0x6d/0xd0 [ 240.032494] __save_stack_trace+0x8be/0xc60 [ 240.036821] save_stack_trace+0xc6/0x110 [ 240.040977] kmsan_internal_chain_origin+0x136/0x240 [ 240.046087] kmsan_memcpy_origins+0x13d/0x1b0 [ 240.050600] __msan_memcpy+0x6f/0x80 [ 240.054357] nla_put+0x20a/0x2d0 [ 240.057729] br_port_fill_attrs+0x366/0x1ea0 [ 240.062146] br_port_fill_slave_info+0xff/0x120 [ 240.066825] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 240.071151] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 240.075395] netlink_dump+0xb09/0x1750 [ 240.079293] netlink_recvmsg+0xec2/0x19d0 [ 240.083449] sock_recvmsg+0x1d1/0x230 [ 240.087261] ___sys_recvmsg+0x444/0xae0 [ 240.091246] __se_sys_recvmsg+0x2fa/0x450 [ 240.095444] __x64_sys_recvmsg+0x4a/0x70 [ 240.099539] do_syscall_64+0xcf/0x110 [ 240.103389] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 240.108582] [ 240.110225] Uninit was stored to memory at: [ 240.114587] kmsan_internal_chain_origin+0x136/0x240 [ 240.119757] __msan_chain_origin+0x6d/0xd0 [ 240.124027] __save_stack_trace+0x8be/0xc60 [ 240.128356] save_stack_trace+0xc6/0x110 [ 240.132428] kmsan_internal_chain_origin+0x136/0x240 [ 240.137541] kmsan_memcpy_origins+0x13d/0x1b0 [ 240.142085] __msan_memcpy+0x6f/0x80 [ 240.145807] nla_put+0x20a/0x2d0 [ 240.149186] br_port_fill_attrs+0x366/0x1ea0 [ 240.153606] br_port_fill_slave_info+0xff/0x120 [ 240.158290] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 240.162628] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 240.166866] netlink_dump+0xb09/0x1750 [ 240.170768] netlink_recvmsg+0xec2/0x19d0 [ 240.174927] sock_recvmsg+0x1d1/0x230 [ 240.178733] ___sys_recvmsg+0x444/0xae0 [ 240.182721] __se_sys_recvmsg+0x2fa/0x450 19:10:39 executing program 4: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fdatasync(r0) [ 240.186870] __x64_sys_recvmsg+0x4a/0x70 [ 240.190945] do_syscall_64+0xcf/0x110 [ 240.194758] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 240.199948] [ 240.201580] Uninit was stored to memory at: [ 240.205915] kmsan_internal_chain_origin+0x136/0x240 [ 240.211042] __msan_chain_origin+0x6d/0xd0 [ 240.215289] __save_stack_trace+0x8be/0xc60 [ 240.219625] save_stack_trace+0xc6/0x110 [ 240.223700] kmsan_internal_chain_origin+0x136/0x240 [ 240.228810] kmsan_memcpy_origins+0x13d/0x1b0 [ 240.233323] __msan_memcpy+0x6f/0x80 [ 240.237049] nla_put+0x20a/0x2d0 [ 240.240422] br_port_fill_attrs+0x366/0x1ea0 [ 240.244840] br_port_fill_slave_info+0xff/0x120 [ 240.249522] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 240.253854] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 240.258099] netlink_dump+0xb09/0x1750 [ 240.261995] netlink_recvmsg+0xec2/0x19d0 [ 240.266151] sock_recvmsg+0x1d1/0x230 [ 240.269974] ___sys_recvmsg+0x444/0xae0 [ 240.273950] __se_sys_recvmsg+0x2fa/0x450 [ 240.278100] __x64_sys_recvmsg+0x4a/0x70 [ 240.282167] do_syscall_64+0xcf/0x110 [ 240.285976] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 240.291160] [ 240.292785] Uninit was stored to memory at: [ 240.297117] kmsan_internal_chain_origin+0x136/0x240 [ 240.302225] __msan_chain_origin+0x6d/0xd0 [ 240.306470] __save_stack_trace+0x8be/0xc60 [ 240.310823] save_stack_trace+0xc6/0x110 [ 240.314895] kmsan_internal_chain_origin+0x136/0x240 [ 240.320001] kmsan_memcpy_origins+0x13d/0x1b0 [ 240.324517] __msan_memcpy+0x6f/0x80 [ 240.328237] nla_put+0x20a/0x2d0 [ 240.331614] br_port_fill_attrs+0x366/0x1ea0 [ 240.336037] br_port_fill_slave_info+0xff/0x120 [ 240.340715] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 240.345041] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 240.349281] netlink_dump+0xb09/0x1750 [ 240.353185] netlink_recvmsg+0xec2/0x19d0 [ 240.357342] sock_recvmsg+0x1d1/0x230 [ 240.361148] ___sys_recvmsg+0x444/0xae0 [ 240.365128] __se_sys_recvmsg+0x2fa/0x450 [ 240.369289] __x64_sys_recvmsg+0x4a/0x70 [ 240.373361] do_syscall_64+0xcf/0x110 [ 240.377169] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 240.382352] [ 240.383979] Uninit was stored to memory at: [ 240.388326] kmsan_internal_chain_origin+0x136/0x240 [ 240.393434] __msan_chain_origin+0x6d/0xd0 [ 240.397684] __save_stack_trace+0x8be/0xc60 [ 240.402010] save_stack_trace+0xc6/0x110 [ 240.406079] kmsan_internal_chain_origin+0x136/0x240 [ 240.411195] kmsan_memcpy_origins+0x13d/0x1b0 [ 240.415697] __msan_memcpy+0x6f/0x80 [ 240.419421] nla_put+0x20a/0x2d0 [ 240.422795] br_port_fill_attrs+0x366/0x1ea0 [ 240.427213] br_port_fill_slave_info+0xff/0x120 [ 240.431889] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 240.436218] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 240.440463] netlink_dump+0xb09/0x1750 [ 240.444362] netlink_recvmsg+0xec2/0x19d0 [ 240.448523] sock_recvmsg+0x1d1/0x230 [ 240.452331] ___sys_recvmsg+0x444/0xae0 [ 240.456313] __se_sys_recvmsg+0x2fa/0x450 [ 240.460468] __x64_sys_recvmsg+0x4a/0x70 [ 240.464551] do_syscall_64+0xcf/0x110 [ 240.468359] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 240.473547] [ 240.475175] Uninit was stored to memory at: [ 240.479513] kmsan_internal_chain_origin+0x136/0x240 [ 240.484637] __msan_chain_origin+0x6d/0xd0 [ 240.488877] __save_stack_trace+0x8be/0xc60 [ 240.493204] save_stack_trace+0xc6/0x110 [ 240.497288] kmsan_internal_chain_origin+0x136/0x240 [ 240.502400] kmsan_memcpy_origins+0x13d/0x1b0 [ 240.506901] __msan_memcpy+0x6f/0x80 [ 240.510626] nla_put+0x20a/0x2d0 [ 240.514004] br_port_fill_attrs+0x366/0x1ea0 [ 240.518427] br_port_fill_slave_info+0xff/0x120 [ 240.523101] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 240.527434] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 240.531671] netlink_dump+0xb09/0x1750 [ 240.535568] netlink_recvmsg+0xec2/0x19d0 [ 240.539725] sock_recvmsg+0x1d1/0x230 [ 240.543529] ___sys_recvmsg+0x444/0xae0 [ 240.547515] __se_sys_recvmsg+0x2fa/0x450 [ 240.551669] __x64_sys_recvmsg+0x4a/0x70 [ 240.555739] do_syscall_64+0xcf/0x110 [ 240.559549] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 240.564734] [ 240.566359] Uninit was stored to memory at: [ 240.570712] kmsan_internal_chain_origin+0x136/0x240 [ 240.575823] __msan_chain_origin+0x6d/0xd0 [ 240.580063] __save_stack_trace+0x8be/0xc60 [ 240.584393] save_stack_trace+0xc6/0x110 [ 240.588461] kmsan_internal_chain_origin+0x136/0x240 [ 240.593579] kmsan_memcpy_origins+0x13d/0x1b0 [ 240.598081] __msan_memcpy+0x6f/0x80 [ 240.601798] nla_put+0x20a/0x2d0 [ 240.605175] br_port_fill_attrs+0x366/0x1ea0 [ 240.609594] br_port_fill_slave_info+0xff/0x120 [ 240.614276] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 240.618614] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 240.622857] netlink_dump+0xb09/0x1750 [ 240.626755] netlink_recvmsg+0xec2/0x19d0 [ 240.630912] sock_recvmsg+0x1d1/0x230 [ 240.634720] ___sys_recvmsg+0x444/0xae0 [ 240.638701] __se_sys_recvmsg+0x2fa/0x450 [ 240.642857] __x64_sys_recvmsg+0x4a/0x70 [ 240.646925] do_syscall_64+0xcf/0x110 [ 240.650732] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 240.655915] [ 240.657543] Local variable description: ----c.i.i@should_fail [ 240.663426] Variable was created at: [ 240.667233] should_fail+0x162/0x13c0 [ 240.671048] __alloc_pages_nodemask+0x6fd/0x6640 [ 241.848030] IPVS: ftp: loaded support on port[0] = 21 [ 242.990000] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 243.326494] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 243.666510] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 243.673674] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready 19:10:42 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f00000000c0)="c744240006000000c744240200000080c7442406000000000f01142466b8c2008ec80f070f0f369a0f2002674669f9c12c000026660f38157e0f660f0dbead00000066baf80cb8bcecb281ef66bafc0cb80b000000ef0f20d835080000000f22d8", 0x61}], 0x1, 0x0, &(0x7f0000000180), 0x0) ioctl$KVM_NMI(r2, 0xae9a) fsetxattr$security_evm(0xffffffffffffffff, &(0x7f0000000040)='security.evm\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="d4"], 0x1, 0x0) ioctl$sock_inet_SIOCGIFDSTADDR(0xffffffffffffffff, 0x8917, &(0x7f0000000000)={'teql0\x00', {0x2, 0x0, @dev}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000023c0)={&(0x7f0000000140), 0xc, &(0x7f0000002040)=[{&(0x7f0000001000)=ANY=[@ANYBLOB="4c0a00001100000000000000000000003c0a0000237b16c90236d4cd6a7df56d2797fab687064802955f421ca4c9d5062dfbdadec806813d52261fe9f2116a032ac853361a4504725094101336eb12de9ae251eeed32"], 0x1}], 0x1, &(0x7f0000002300)}, 0x0) [ 243.910109] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 244.016264] 8021q: adding VLAN 0 to HW filter on device bond0 [ 244.136018] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 244.143274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 19:10:43 executing program 0: r0 = socket(0x10, 0x802, 0x0) sendmsg$nl_route(r0, &(0x7f00000009c0)={&(0x7f0000000280), 0xc, &(0x7f0000000040)={&(0x7f0000000900)=@bridge_delneigh={0x30, 0x1d, 0x29, 0x0, 0x0, {0xa}, [@NDA_DST_IPV6={0x14, 0x1, @loopback}]}, 0x30}}, 0x44040) 19:10:43 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x4, 0x10000) ioctl$UI_GET_VERSION(r1, 0x8004552d, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r2 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) munmap(&(0x7f00001be000/0x1000)=nil, 0x1000) syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x8, 0x18280) mmap(&(0x7f00001bd000/0x2000)=nil, 0x2000, 0x0, 0x11, r2, 0x0) 19:10:44 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000340)='/dev/dsp\x00', 0x2000, 0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000480)={0x0, 0x3cd, 0x4, [0x81, 0xb85, 0x100000000, 0x6]}, &(0x7f00000004c0)=0x10) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000500)={r2, 0xd2, 0x4f9c}, 0x8) recvmsg(r0, &(0x7f0000000300)={&(0x7f0000000000)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/177, 0xb1}, {&(0x7f0000000080)=""/98, 0x62}], 0x2, &(0x7f00000003c0)=""/164, 0xa4, 0x80000000}, 0x20) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'wp384-generic\x00'}, 0x58) r3 = accept4(r0, 0x0, &(0x7f0000000180), 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000380)='net/ipv6_route\x00') sendfile(r3, r4, &(0x7f00000002c0), 0x8) [ 245.370711] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 245.378802] team0: Port device team_slave_0 added [ 245.559817] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready 19:10:44 executing program 0: r0 = socket$inet(0x10, 0x3, 0x4) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f000000d000)=[{&(0x7f0000008000)="4c0000001200ff09fffefd956fa283b724a6f0d200004e22000000683540150024001d001fc41180b598bc593ab68211487d8b8820a49868c62b2ca654a6613b6aabf35d0f1cbc882b079881", 0x4c}], 0x1}, 0x0) r2 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x3ff, 0x0) write$P9_RVERSION(r2, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x6, 0x8, '9P2000.L'}, 0x15) [ 245.741200] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 245.749361] team0: Port device team_slave_1 added [ 246.155699] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 246.162879] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 246.171464] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready 19:10:45 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB='d']) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000400), 0x100000000000000c) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 246.507904] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 246.515088] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 246.523785] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready 19:10:45 executing program 0: sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[]}}, 0x0) setsockopt(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000), 0x41) syz_emit_ethernet(0x66, &(0x7f00000001c0)={@remote, @dev={[], 0x17}, [{[{0x9100, 0x100000001, 0x9, 0x1}], {0x8100, 0x7, 0x8, 0x2}}], {@ipv4={0x800, {{0x10, 0x4, 0x538, 0xffff, 0x50, 0x68, 0x2, 0x4, 0x0, 0x0, @local, @dev={0xac, 0x14, 0x14, 0xd}, {[@timestamp={0x44, 0x2c, 0x1, 0x3, 0x400, [{[@dev={0xac, 0x14, 0x14, 0x12}], 0x7}, {[], 0x9}, {[@broadcast], 0x10001}, {[], 0x1}, {[@multicast2], 0x6}, {[], 0x1}, {[], 0x7b1}]}]}}, @dccp={{0x4e24, 0x4e21, 0x4, 0x1, 0x1ff, 0x0, 0x0, 0x8, 0x8, "a9abe2", 0x7, "6aaa4c"}}}}}}, 0x0) dup(0xffffffffffffffff) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4600000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000003800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f74f8ddec66dfc43120fc895b2b631526561f75b0"], 0x78) [ 246.961714] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 246.969429] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 246.978349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 247.174237] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 247.180660] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 247.188534] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 19:10:46 executing program 0: unshare(0x20040600) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-vsock\x00', 0x2, 0x0) fcntl$getown(r0, 0x9) r1 = dup3(r0, r0, 0x80000) ioctl$VT_RELDISP(r1, 0x5605) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000006c0)) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x44) openat$cgroup_subtree(r2, &(0x7f0000000080)='cgroup.subtree_control\x00', 0x2, 0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x402, 0x0) ioctl$VT_RELDISP(r3, 0x5605) [ 247.398521] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 247.406294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 247.415167] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 248.193000] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.199498] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.208110] device bridge_slave_0 entered promiscuous mode [ 248.521346] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.528115] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.536612] device bridge_slave_1 entered promiscuous mode [ 248.618771] 8021q: adding VLAN 0 to HW filter on device team0 [ 248.858924] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 249.150223] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 250.112180] ip (7379) used greatest stack depth: 53504 bytes left [ 250.151028] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 250.433548] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 250.680508] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 250.688671] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 251.036025] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 251.043256] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 251.151506] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.158091] bridge0: port 2(bridge_slave_1) entered forwarding state [ 251.165137] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.171598] bridge0: port 1(bridge_slave_0) entered forwarding state [ 251.179856] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 251.653293] 8021q: adding VLAN 0 to HW filter on device bond0 [ 251.772684] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 251.900915] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 251.909071] team0: Port device team_slave_0 added [ 252.139036] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 252.147194] team0: Port device team_slave_1 added [ 252.382945] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 252.390042] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 252.398759] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 252.648711] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 252.656026] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 252.665020] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 252.720364] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 252.863640] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 252.871213] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 252.880217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 253.141079] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 253.149081] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 253.157987] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 253.652025] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 253.658642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 253.666506] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 254.712059] 8021q: adding VLAN 0 to HW filter on device team0 19:10:54 executing program 1: r0 = socket$can_raw(0x1d, 0x3, 0x1) arch_prctl(0x0, &(0x7f0000000180)="e1dfc0c9eda0b5801dfa438ad780c547f1386236634511a40ebc29fa138eb0ee21baba18f2893c49c17706d35ac9") bind$can_raw(r0, &(0x7f0000000140), 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'gre0\x00', {0x2, 0x0, @local}}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) [ 255.506823] hrtimer: interrupt took 90969 ns [ 256.281963] bridge0: port 2(bridge_slave_1) entered blocking state [ 256.288541] bridge0: port 2(bridge_slave_1) entered forwarding state [ 256.295618] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.302090] bridge0: port 1(bridge_slave_0) entered forwarding state [ 256.310531] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 256.317211] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 259.686185] not chained 20000 origins [ 259.690061] CPU: 0 PID: 7689 Comm: ip Not tainted 4.19.0+ #83 [ 259.695949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 259.705311] Call Trace: [ 259.707916] dump_stack+0x32d/0x480 [ 259.711560] ? save_stack_trace+0xc6/0x110 [ 259.715815] kmsan_internal_chain_origin+0x222/0x240 [ 259.720941] ? kmsan_internal_chain_origin+0x136/0x240 [ 259.726227] ? __msan_chain_origin+0x6d/0xd0 [ 259.730645] ? __save_stack_trace+0x8be/0xc60 [ 259.735147] ? save_stack_trace+0xc6/0x110 [ 259.739392] ? kmsan_internal_chain_origin+0x136/0x240 [ 259.744679] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 259.749357] ? __msan_memcpy+0x6f/0x80 [ 259.753254] ? nla_put+0x20a/0x2d0 [ 259.756807] ? br_port_fill_attrs+0x366/0x1ea0 [ 259.761399] ? br_port_fill_slave_info+0xff/0x120 [ 259.766251] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 259.770752] ? rtnl_dump_ifinfo+0xbe5/0x19b0 [ 259.775169] ? netlink_dump+0xb09/0x1750 [ 259.779236] ? netlink_recvmsg+0xec2/0x19d0 19:10:58 executing program 2: r0 = socket$can_raw(0x1d, 0x3, 0x1) arch_prctl(0x0, &(0x7f0000000180)="e1dfc0c9eda0b5801dfa438ad780c547f1386236634511a40ebc29fa138eb0ee21baba18f2893c49c17706d35ac957") bind$can_raw(r0, &(0x7f0000000140), 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'gre0\x00', {0x2, 0x4e23, @local}}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) [ 259.783722] ? sock_recvmsg+0x1d1/0x230 [ 259.787702] ? ___sys_recvmsg+0x444/0xae0 [ 259.791850] ? __se_sys_recvmsg+0x2fa/0x450 [ 259.796175] ? __x64_sys_recvmsg+0x4a/0x70 [ 259.800426] ? do_syscall_64+0xcf/0x110 [ 259.804408] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 259.809800] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 259.815175] ? __module_address+0x6a/0x610 [ 259.819436] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 259.824816] ? is_bpf_text_address+0x49e/0x4d0 [ 259.829419] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 259.834880] ? in_task_stack+0x12c/0x210 [ 259.838964] __msan_chain_origin+0x6d/0xd0 [ 259.843214] ? netlink_dump+0xb09/0x1750 [ 259.847293] __save_stack_trace+0x8be/0xc60 [ 259.851639] ? netlink_dump+0xb09/0x1750 [ 259.855706] save_stack_trace+0xc6/0x110 [ 259.859771] kmsan_internal_chain_origin+0x136/0x240 [ 259.864880] ? kmsan_internal_chain_origin+0x136/0x240 [ 259.870147] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 259.874824] ? __msan_memcpy+0x6f/0x80 [ 259.878698] ? nla_put+0x20a/0x2d0 [ 259.882229] ? br_port_fill_attrs+0x42b/0x1ea0 [ 259.886808] ? br_port_fill_slave_info+0xff/0x120 [ 259.891641] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 259.896129] ? rtnl_dump_ifinfo+0xbe5/0x19b0 [ 259.900523] ? netlink_dump+0xb09/0x1750 [ 259.904570] ? netlink_recvmsg+0xec2/0x19d0 [ 259.908883] ? sock_recvmsg+0x1d1/0x230 [ 259.912850] ? ___sys_recvmsg+0x444/0xae0 [ 259.916982] ? __se_sys_recvmsg+0x2fa/0x450 [ 259.921304] ? __x64_sys_recvmsg+0x4a/0x70 [ 259.925524] ? do_syscall_64+0xcf/0x110 [ 259.929505] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 259.934857] ? __msan_poison_alloca+0x1e0/0x2b0 [ 259.939554] ? kmsan_set_origin+0x83/0x130 [ 259.943795] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 259.949254] kmsan_memcpy_origins+0x13d/0x1b0 [ 259.953741] __msan_memcpy+0x6f/0x80 [ 259.957618] nla_put+0x20a/0x2d0 [ 259.960975] br_port_fill_attrs+0x42b/0x1ea0 [ 259.965391] br_port_fill_slave_info+0xff/0x120 [ 259.970047] ? br_port_get_slave_size+0x30/0x30 [ 259.974708] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 259.979019] ? vcs_fasync+0x19a/0x1e0 [ 259.982820] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 259.987081] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 259.992449] ? rtnl_getlink+0xde0/0xde0 [ 259.996428] netlink_dump+0xb09/0x1750 [ 260.000310] netlink_recvmsg+0xec2/0x19d0 [ 260.004509] sock_recvmsg+0x1d1/0x230 [ 260.008300] ? netlink_sendmsg+0x1440/0x1440 [ 260.012888] ___sys_recvmsg+0x444/0xae0 [ 260.016862] ? __msan_poison_alloca+0x1e0/0x2b0 [ 260.021525] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 260.026914] ? __fdget+0x23c/0x440 [ 260.030445] __se_sys_recvmsg+0x2fa/0x450 [ 260.034588] __x64_sys_recvmsg+0x4a/0x70 [ 260.038635] do_syscall_64+0xcf/0x110 [ 260.042436] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 260.047612] RIP: 0033:0x7f16d0dd7210 [ 260.051314] Code: 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 90 83 3d e5 d3 2a 00 00 75 10 b8 2f 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e bb 00 00 48 89 04 24 [ 260.070203] RSP: 002b:00007fff22fd5378 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 260.077903] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f16d0dd7210 [ 260.085160] RDX: 0000000000000000 RSI: 00007fff22fd53c0 RDI: 0000000000000003 [ 260.092426] RBP: 0000000000001c24 R08: 00007f16d1080ec8 R09: 00007f16d0e1dc00 [ 260.099713] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006395c0 [ 260.106983] R13: 00007fff22fd9450 R14: 0000000000001c24 R15: 00007fff22fd7024 [ 260.114267] Uninit was stored to memory at: [ 260.118585] kmsan_internal_chain_origin+0x136/0x240 [ 260.123675] __msan_chain_origin+0x6d/0xd0 [ 260.127915] __save_stack_trace+0x8be/0xc60 [ 260.132223] save_stack_trace+0xc6/0x110 [ 260.136278] kmsan_internal_chain_origin+0x136/0x240 [ 260.141369] kmsan_memcpy_origins+0x13d/0x1b0 [ 260.145850] __msan_memcpy+0x6f/0x80 [ 260.149548] nla_put+0x20a/0x2d0 [ 260.153016] br_port_fill_attrs+0x366/0x1ea0 [ 260.157408] br_port_fill_slave_info+0xff/0x120 [ 260.162060] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 260.166368] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 260.170604] netlink_dump+0xb09/0x1750 [ 260.174484] netlink_recvmsg+0xec2/0x19d0 [ 260.178618] sock_recvmsg+0x1d1/0x230 [ 260.182407] ___sys_recvmsg+0x444/0xae0 [ 260.186363] __se_sys_recvmsg+0x2fa/0x450 [ 260.190500] __x64_sys_recvmsg+0x4a/0x70 [ 260.194560] do_syscall_64+0xcf/0x110 [ 260.198346] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 260.203515] [ 260.205123] Uninit was stored to memory at: [ 260.209464] kmsan_internal_chain_origin+0x136/0x240 [ 260.214580] __msan_chain_origin+0x6d/0xd0 [ 260.218806] __save_stack_trace+0x8be/0xc60 [ 260.223111] save_stack_trace+0xc6/0x110 [ 260.227157] kmsan_internal_chain_origin+0x136/0x240 [ 260.232259] kmsan_memcpy_origins+0x13d/0x1b0 [ 260.236753] __msan_memcpy+0x6f/0x80 [ 260.240450] nla_put+0x20a/0x2d0 [ 260.243808] br_port_fill_attrs+0x366/0x1ea0 [ 260.248202] br_port_fill_slave_info+0xff/0x120 [ 260.252859] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 260.257182] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 260.261406] netlink_dump+0xb09/0x1750 [ 260.265285] netlink_recvmsg+0xec2/0x19d0 [ 260.269426] sock_recvmsg+0x1d1/0x230 [ 260.273211] ___sys_recvmsg+0x444/0xae0 [ 260.277169] __se_sys_recvmsg+0x2fa/0x450 [ 260.281303] __x64_sys_recvmsg+0x4a/0x70 [ 260.285354] do_syscall_64+0xcf/0x110 [ 260.289139] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 260.294308] [ 260.295918] Uninit was stored to memory at: [ 260.300224] kmsan_internal_chain_origin+0x136/0x240 [ 260.305314] __msan_chain_origin+0x6d/0xd0 [ 260.309533] __save_stack_trace+0x8be/0xc60 [ 260.313852] save_stack_trace+0xc6/0x110 [ 260.317898] kmsan_internal_chain_origin+0x136/0x240 [ 260.322988] kmsan_memcpy_origins+0x13d/0x1b0 [ 260.327468] __msan_memcpy+0x6f/0x80 [ 260.331171] nla_put+0x20a/0x2d0 [ 260.334527] br_port_fill_attrs+0x366/0x1ea0 [ 260.338919] br_port_fill_slave_info+0xff/0x120 [ 260.343576] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 260.347883] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 260.352137] netlink_dump+0xb09/0x1750 [ 260.356014] netlink_recvmsg+0xec2/0x19d0 [ 260.360164] sock_recvmsg+0x1d1/0x230 [ 260.363951] ___sys_recvmsg+0x444/0xae0 [ 260.367906] __se_sys_recvmsg+0x2fa/0x450 [ 260.372035] __x64_sys_recvmsg+0x4a/0x70 [ 260.376080] do_syscall_64+0xcf/0x110 [ 260.379864] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 260.385034] [ 260.386648] Uninit was stored to memory at: [ 260.390958] kmsan_internal_chain_origin+0x136/0x240 [ 260.396060] __msan_chain_origin+0x6d/0xd0 [ 260.400279] __save_stack_trace+0x8be/0xc60 [ 260.404691] save_stack_trace+0xc6/0x110 [ 260.408738] kmsan_internal_chain_origin+0x136/0x240 [ 260.413827] kmsan_memcpy_origins+0x13d/0x1b0 [ 260.418310] __msan_memcpy+0x6f/0x80 [ 260.422009] nla_put+0x20a/0x2d0 [ 260.425364] br_port_fill_attrs+0x366/0x1ea0 [ 260.429757] br_port_fill_slave_info+0xff/0x120 [ 260.434411] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 260.438718] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 260.442939] netlink_dump+0xb09/0x1750 [ 260.446811] netlink_recvmsg+0xec2/0x19d0 [ 260.450946] sock_recvmsg+0x1d1/0x230 [ 260.454745] ___sys_recvmsg+0x444/0xae0 [ 260.458703] __se_sys_recvmsg+0x2fa/0x450 [ 260.462836] __x64_sys_recvmsg+0x4a/0x70 [ 260.466883] do_syscall_64+0xcf/0x110 [ 260.470671] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 260.475845] [ 260.477453] Uninit was stored to memory at: [ 260.481766] kmsan_internal_chain_origin+0x136/0x240 [ 260.486862] __msan_chain_origin+0x6d/0xd0 [ 260.491086] __save_stack_trace+0x8be/0xc60 [ 260.495392] save_stack_trace+0xc6/0x110 [ 260.499437] kmsan_internal_chain_origin+0x136/0x240 [ 260.504525] kmsan_memcpy_origins+0x13d/0x1b0 [ 260.509003] __msan_memcpy+0x6f/0x80 [ 260.512702] nla_put+0x20a/0x2d0 [ 260.516054] br_port_fill_attrs+0x366/0x1ea0 [ 260.520447] br_port_fill_slave_info+0xff/0x120 [ 260.525103] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 260.529429] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 260.533655] netlink_dump+0xb09/0x1750 [ 260.537535] netlink_recvmsg+0xec2/0x19d0 [ 260.541692] sock_recvmsg+0x1d1/0x230 [ 260.545484] ___sys_recvmsg+0x444/0xae0 [ 260.549446] __se_sys_recvmsg+0x2fa/0x450 [ 260.553583] __x64_sys_recvmsg+0x4a/0x70 [ 260.557631] do_syscall_64+0xcf/0x110 [ 260.561414] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 260.566584] [ 260.568198] Uninit was stored to memory at: [ 260.572507] kmsan_internal_chain_origin+0x136/0x240 [ 260.577594] __msan_chain_origin+0x6d/0xd0 [ 260.581816] __save_stack_trace+0x8be/0xc60 [ 260.586140] save_stack_trace+0xc6/0x110 [ 260.590190] kmsan_internal_chain_origin+0x136/0x240 [ 260.595281] kmsan_memcpy_origins+0x13d/0x1b0 [ 260.599761] __msan_memcpy+0x6f/0x80 [ 260.603462] nla_put+0x20a/0x2d0 [ 260.606822] br_port_fill_attrs+0x366/0x1ea0 [ 260.611217] br_port_fill_slave_info+0xff/0x120 [ 260.615875] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 260.620179] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 260.624401] netlink_dump+0xb09/0x1750 [ 260.628273] netlink_recvmsg+0xec2/0x19d0 [ 260.632419] sock_recvmsg+0x1d1/0x230 [ 260.636220] ___sys_recvmsg+0x444/0xae0 [ 260.640177] __se_sys_recvmsg+0x2fa/0x450 [ 260.644332] __x64_sys_recvmsg+0x4a/0x70 [ 260.648384] do_syscall_64+0xcf/0x110 [ 260.652174] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 260.657341] [ 260.658949] Uninit was stored to memory at: [ 260.663258] kmsan_internal_chain_origin+0x136/0x240 [ 260.668343] __msan_chain_origin+0x6d/0xd0 [ 260.672595] __save_stack_trace+0x8be/0xc60 [ 260.676905] save_stack_trace+0xc6/0x110 [ 260.680952] kmsan_internal_chain_origin+0x136/0x240 [ 260.686042] kmsan_memcpy_origins+0x13d/0x1b0 [ 260.690520] __msan_memcpy+0x6f/0x80 [ 260.694320] nla_put+0x20a/0x2d0 [ 260.697670] br_port_fill_attrs+0x366/0x1ea0 [ 260.702062] br_port_fill_slave_info+0xff/0x120 [ 260.706717] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 260.711025] rtnl_dump_ifinfo+0xbe5/0x19b0 [ 260.715254] netlink_dump+0xb09/0x1750 [ 260.719124] netlink_recvmsg+0xec2/0x19d0 [ 260.723260] sock_recvmsg+0x1d1/0x230 [ 260.727046] ___sys_recvmsg+0x444/0xae0 [ 260.731002] __se_sys_recvmsg+0x2fa/0x450 [ 260.735137] __x64_sys_recvmsg+0x4a/0x70 [ 260.739191] do_syscall_64+0xcf/0x110 [ 260.742987] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 260.748156] [ 260.749768] Local variable description: ----c.i.i@should_fail [ 260.755639] Variable was created at: [ 260.759342] should_fail+0x162/0x13c0 [ 260.763134] __alloc_pages_nodemask+0x6fd/0x6640 [ 261.372121] 8021q: adding VLAN 0 to HW filter on device bond0 [ 261.864740] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 262.349711] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 262.356224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 262.364144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 262.867327] 8021q: adding VLAN 0 to HW filter on device team0 [ 264.080511] 8021q: adding VLAN 0 to HW filter on device bond0 [ 264.567013] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 265.052453] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 265.058886] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 265.067248] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 265.560739] 8021q: adding VLAN 0 to HW filter on device team0 19:11:05 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x6, 0x4882) write$P9_RAUTH(r0, &(0x7f0000000040)={0x14, 0x67, 0x1, {0x4, 0x0, 0x5}}, 0x14) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000080)={0x0, 0x1000, "f2aa428c98a8a0af1678fa7e0f233320e9206166a1092a5f833413e7c83100e4c7f9a78caee97d8115f75d6d18e48382ef678575020d9ef98a578d06cfdf44c33d5204430f95b75f1d042629cb7799a3b4a3aeb91b16b0e09ba46ae0239f0150c1d20a6196251044906e6fee980d38b438c0a9d8e7cba4f7ce1b2c0a774bd274efa3ba9c0a26ecfa40c085643fda99c89a13d09e54d3413c95d83e6d182e71f67fc64602161940ad42be482af0f9703b7668d44560b20a64fa71d7670c27d7f2c7aa6bbb9beea3a850dfdf0e52fc5c1226ec44b8f04e82a63540215e8b2e374d09c4b31827f5d1ffc5515448676a8844c264882c673bb2a52861b58bc05670b7370575b6f0569125b0265dfa5816b404df6e5e1ddca0f8341f6db892cb181ebf46481df5d1d995d6ea029c3a26923cd040fa5d5f58d5f5da5cb12815035227d8a7566981b24f4a26f17b241a6ccb65eee3907ce69008544b83a1a0b98b076275384e10d8d2ed22412309b0db7111b5be17898ad4f58768d1dec888126c0ddedd156f028cfbc24bb0b02e2e8d6416eb233aa5284bc4b65b1fa9b15cf30e0797f89130656617b669abb7186a8cd268ab3d79528d68948da9c029dbeebb8bf66e588adb1cb223ee85298fe5ebc09b8535f5a85089ab3c40bc5567b1fb4a3e5e5858e5ade9ff0027b6bb488897e72bf8e97c2c89dfb7f46f2caa89caa4a06217730aa8d5b6b357bfa07722d81e847549884c690401152e933850f518477dcdc4da1a9ad0f1dae92c616aeebe1ffee4b2da43b15e5afe8040ccafbdab32f9680ce8595b5b8b0a626c7e8dcd08a6e2f3bdc470e51d8098af45749afac105f14c70f55898251c148f31b86bc47e20b0ddbe274c969ab5b1e2fd4da67637f0780c72f57db7bf1639bd72097ec93c36a0f6ef8fcd459ae504999abbd6083d35fd6da8d928753fe837e07b157924cfdb276ba7ab4b9b40e9807dc896044f22f88e2bd4b86c0f83b3248da5d13a2e99ca87c9c4aba71933b4037ec8e65345bcef630b6df9249863ec94d1293bfc15ed153a24d727f36bb64b3dd341644b9486f5af159def6842728bf5d1341d6e68d1f5959ad353e9737c1b176562239be8f93f2aab4c3c50f6d4c09c03d13b8830d426997929d70006df88e1296cd397aa101dab2d1cffe307657781f4513f920112f39a63f151aabde487f2461511a6ef839366386475fb755ad471ef416b25c157bc5e080074d5c7f743f9b58766d7d97d11ecc8fb7e6d95b38f878b78d337a81372170a49423578151e6e0eb34c652ff1513af21ec83723ae1c9753e4c0ad512c58a2c9d296bdb8f126794035c7991ac488662ece1de39aab18bb6e9f0aba0e00fd6aa0e192d0f69a57a8acf677af02b7ab3695a7a2c1171bbfb0c6c9789682734a5379f79034cac0afb04a2d49e4ae72e12442bccfb823d11c63f33ced1c63ff12c818c0da68bad0db20827af5474a578d818b082bddc58f2f3e06ea8bb380d4b9dbafe041e5a08080fdddc026a33a2b1e65f7d282bdadefde8909df271b1f42f748a316982c6ce61c6bf020fbc95da5b256b1d6fbf9807497dfb1e68c337f0d0709b0c1b1deff767002052792603e08d48923e21a0fa5b8d22c2517f15495f87cf59ea23f2fccefb20fc8582791e2db0cda23f3a39d91031f81da8c41196dd6d344f7b78ead54a447ccddc87fba6e571ea412bf2b2fe3d505b5aaf8a18b173b746525561ab37d4f5dfbb9bb4680f2ff780add965e498f0cd3151bb57440eb3857a2262575e75cfc1f594a829f81d4b771b7fc531f0673b2f88f2c60a66eb3899a4ccbed076bf80c52992b8a413d3e5c8d3e9cd12deaeb6ef468c554b424e114de574637b045117992ad06ec3ed0706f37c548a905d9498d14512618bd3c915066433c1ec5ed73f82cb1ca6e2bbba115f10ce6937edb9ef8dceda00e8f639b523a4c2904c06e769b8cfd41d582752dbf38b255ed12a8b3bf1274d341b0c23465a24eb3fae321ef2e9afb99f9ae9c64b3a3a9129e8546944370a66108ea28a3d6756fcb759e618219f66596ec33309c013d0ca96db304082815360d48ed40112bb526a58795f22626cebb3c10d07a0928273c61a3c4b0670dd7e9738cf3ee93641683541fccd75eae7be1c8671ba4313d734ac0ee5c99967893723d0a2ff1ad2c5a3b8a9310d7f7992c38c5f4f9c1333befc91be8d1a11711c8c13936444f3d3cc72d1f2ea123844317a15f3c04b7db8d4b73fee8f8c760d12a59777f83c044bac3b0bcd9ddcf9af83e5f7e70fc6bae7274a8ff0bd7e9bf905c20edb88a8ebab4dd09cdc0fb39ab7a185f689555d9ba29d4c65555e286fda5da92e8cc890249e79ae89397d2b22833bdf034f9e4eaee53ca992035b79010cdb7a3dbc014cdde5bfc47bfaacaf12db1ae61c75cd147ce562c2746c76e1ed519f8a84c2320b23ea40aedcd5a4bb27b782b1b5da0a82c49e6b4d909c0973baaf953f4d22e656672851ec6dea0d3909f191d9f419b1dd6caa03f3a77f7bc5dda7e2f556d0981887a04826a014f9cb13ddd44703bbcc59e48ccd16cfbb5c2f4adfd4ed731668010fca8a1141f359c4ff1740c817c7fb6374fb547a4c47e78313058593257d37cf0f0322f729873d055c37f2a74db16005878b672bf03dbe0508292886bbf25dfaff448bf3f960677cff6112a88aa2ef5c9eb48f279dbfaaae7a8a0e2deb41db937ed99801afe059af4ff9053e17f269dfa7281ace39198711b403d85e308f136753a549606b8e6232b893d7f8211067cb6e3d068e2da3e8669ea0a9f4f7056c06d9a09a3562c0735e4ba6217397ece984d71775660dadf02ff728eecfe5c0d62dd91ec3467d3ece1866944f4eded80cac919162e306464e668d310c07ea72cc3c1ac3f100baf15593f76d1e4c642a13a1e8ab7112bd7b453a4d9531352b929fdd7c9fef277f490a7e91b7bb88ae801e0893924e502b8e3e5035cc85e800e706e4a9b66399cc39055d7e0ab3a21997277ae2d637df061f40c66cd56f2687f0b07ae85d2f1fc5314b3d7eaaecb4d5fb8e712ebe411da2867a88ee1bed263beef7e3206b27612a87c1e2f2bbf42411bb8d594c4390c7e03f7ccfac629eaca6102e7e2b4353169bd6f680c147f9c0454045ce4e8affd961290cfe2bbe55d6d3a9c95366bc0da36a2d67832e3036a08e4c5307b966fcff9ab0f8d338a95f4ff0607d1e2340b5feaf8ad922b322f7e21f840f850305b86559d8b7cf25421e8d0ad024ea925155deedb2e551419827187db79749217d96756d21e342f586e7931e9625378c295a5df862367cf1d056e71f3615547bd7dd7fb378ccc52e26f6f8ab94d67530f58eac4a28b73851c7a68a01b2c4638eadba1b09380ed30560f00a82b1bfbf2b3b0ce7e3ffda54a4312c72d2444a9507b563fedb2150960d53886fcb3dfc9e4bb8cf83010c5b69903ee404fe37426cee84e573a9120ae4e8784f1991598a8c5c7f4aba5f2d44c8f7af09ec5e1625b5f9826f535459dc0ea9e9cea5c2934b4512da7ef939c8a5fc5f4e56e089c3066807f5d3ab5314cbe20d2c6e11e259efd1d14168acefe45038dc4dd777326a3024363e1eff18269c9d369b71386122eb632a5c7623e3bc0b6062fd3a4fad62ab832798ef7382d6198401fb9d1e1de9be60e9bbb2f935e0802ef9170a7f70082afc4ef19f580bf8822da5d0a03ca7e563fe633f2e5abe819123596d75c5c0b841780693e884f2889f34795ddf90fccdfeef378fbe651c6edbf63013ad64249653a85a9c4dba63393a27f9d57658057221c734e6dcd347e5aff24dc8dc36efe93690308a08fb114f5c81361616e4fbf51bfc23521ea1acae6f78ef9c2a68b0b8d46d62944e40c9aff3a1ae66d581dd1e810e0328a23484af975aa996ae9491410469f353e8117fb45184183c6492cf81b626c33f570e3314f7ceadf1508fcd6fa33c15721958dc5cb40c9b7aea7d8760d85b679954aac61eb75dd5206bc688b6f139fe2a25d75ce0aa272eb8d41df966b6123f254c4990fa5937b4389c1b6a70e167c7d6bb4dba2eb3b8c84856fadffd164e4d04f03ed2d51b4550adb2bfc0b76a77042b9488236640b67577ea7095f592d3d96c72c637e7d9e0dca0664d489407106ccdf52b96ffa1c18d27b6cc0a59cdefd1a4ea361ca9b62c0840bc858e2ac69d9f1266905c04aace2934b187cbc65e7785bf364323d887be58ec9028a7b0689aa9ed6d27e9bb7174d9efa6ad2a7077ff986f7c3240a3f497e2dae9b7d627b398b377177d65e535a4ae21f669c29def5022c2e6f91dcb2de1c2fc4162ca11fe94aba8a2f0103e09e046fd1ae1d957fc0fbb602c68761115bbbba5574883ad16d1ddd6ecb8f4921d514793c62e59c3fc14046d136faff2ed097585995dd0ffcebe0812d09f6e6cdc6664224a7e654a42c2a920739b321a679006afbf995510114c8c5bf408657f6241d0d1e623e2ac1a94c37a5f88343ed6a3a3bfb787e33178ba7cc8d0059c516bdbdc69be8436f6f4f0dc1fc72b0c172eaad887a726c425461ce1610cf62eaec76bfca88d547af22939cccd6d1511ed38043baefa82301d4e650b6e3428cbb30cf10c287d9ce696af901a58427996b5b1b1988743db338e18c28be629ef7b8acbfe7d6922ff29f7eee87f905a5f5305d7836d8a68e653092e1fea2bbe08387a5c6407d9e14d67d60e11e6ca4a5f9e8fb6e97c6155cb9aadb55e9409b0f60879c2b4228137345714bb19fa801b71589bfcc6e7f628676f6e3def77ec8e8323f1770545ea1868ef872691ed5f1103b4663b8a57b4a217ee18766834b2795fe7e627030ae11d46fa3d7b88d5d0f6ca171cdd37723c987edad3d618bef951ac78ee66056c87cdb0fe9953b7efb91270fff589201468751905186eccd7975d8159cfdfe6e33f828723da738311d1afefcb49e42819bf584e0bd5692d556145908b6293ad7c162f9077d2f127c18e247c10a593e9917275c630fdb70c6e1f73d97948773ee94f435e25016dea77762c468931a6c44f29eeb129e0858dfad630a6640dd400b82f1224bca170a3cf106ee1d0b028a540a7f288fdc070a80f53f2240b1ff490d9230e703c12ad5dce104bf19a0d01b58f1c491d6c0aad7e8101fd81569e309ae8ee6ffaf55ebe50b26ee5ac5e51d339f1874cd27ade1bc24a904f2141be46727772968b6fda2821d8612aff710da1d2a86229a0e4010f495fc289fb6c247e24db386af242c6f7da75d268f19f65e7db8b05e59ea0cd575bdac05870eddc5bed425ee6ea6357eb17fd5b329f9bb15fd696a2c8e7973526ffef15da156f3d9bc509ffd34aea267a2ca7b4e989cf6216476d33ae02d1f09d6de0a183c0cd7c8170435ff6accd25fe931c353a7ff097e34fc6807607736b1e4f4b846c5ae5509da37ccc8e59a3432a525b67fb52939c020fafb2b15231fb168c1203493a94edb134ddce34e91fad509b0041dd88e9bcd18d181cfe420e44d52943e7ffb78c660b7f1eb20b63054ae32d1eeb6150873e119e2551d4b304236ea88c70671e16bab5db13d2c4a4b878f0029c84efeda108a7c2d3cd3e31392538bc3b8967336933c1c463ef9680c5af2af9d97b33e28758eb661af3afca5070b66fc6f4658ce3166b2db5937ec515c75f44aafbd40cd71956b3a1f476d502d9b02fda76ab1a75c2b45ab7b3e9b31502bdfcc0d5efe1324c650e01927ebe2ec03f3925f9515268256782cf2ae4ac9c25b88d26f31273b6569c95e8c8790bc52bf2c62a79b6943fc08ed67"}, &(0x7f00000010c0)=0x1008) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000001100)={r1, @in6={{0xa, 0x4e23, 0x2, @mcast1, 0x8}}, 0x2, 0x800, 0x6, 0x5}, &(0x7f00000011c0)=0x98) getsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000001200)={@dev}, &(0x7f0000001240)=0x8) ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f00000012c0)={0x0, 0x5, 0x4, &(0x7f0000001280)=0xfffffffffffffff7}) ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000001300)={0x74, 0x0, [0x1ff, 0x10000, 0xa9f9, 0x6]}) r3 = syz_open_dev$vcsa(&(0x7f0000001380)='/dev/vcsa#\x00', 0x0, 0x2) getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000001e80)={@dev, 0x0}, &(0x7f0000001ec0)=0x14) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000001f00)={@mcast2, @ipv4={[], [], @multicast2}, @mcast2, 0x1e52000, 0x4, 0x2, 0x100, 0x7fffffff, 0x80, r4}) ioctl$BLKPG(r0, 0x1269, &(0x7f0000002040)={0x100, 0x5, 0x83, &(0x7f0000001f80)="4ad2ac7d8db7ea6b1d3c23529c290f3799e075cd651a91aa2adf041abd569b5f3e4f42beeb4a0c24b4272ee8e61bb8ae11bbb13d986e6a707375726787dfd2445fea22561507ade9c6e89b87c7b00e9410225e7259f743dc4b80f7b6fc5c42141442792a7df32b19dd4244bcf290fb6fedc2f07774bfa0802ec1ff24d7e903c977d278"}) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000002080)={r2, 0xdd, "935cab76e94a1743f79a73e628344362eb4e7ce2e62e06f9b5479a90be7e73711f828df6fe9ec094c53621a7cef1e2598f33d68a501068c33e636e5222b8671b9611bde07137db6960779df5cc9282c8f319c4b09a6c5e5d36ba4b5b613c00e56cc878f1509ea6ec952fb55c18d05a7b335ec331fda3ea01525f43ec50fe25f1185ff82fd406e4dc1a6706e5ae25fc7f69c11cda372f791e32ba9b57d9eab943faa7933fc6d8b201b62dc54d58c91dc7655535ffd524e497c11c18632e8fdb0c54e65775caadea09def97beeb9f431b2fc06c062ffce22b71492df6520"}, &(0x7f0000002180)=0xe5) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f00000021c0)={0xfffffffffffffffa, 0x1ff, 0x200, 0x8001, 0xfffffffffffffffc, 0x40, 0x3, 0x3c3, r1}, 0x20) r5 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000002200)='/dev/video1\x00', 0x2, 0x0) r6 = socket$inet6_udp(0xa, 0x2, 0x0) shutdown(r6, 0xf236e0573b7771da) ioctl$VIDIOC_STREAMON(r3, 0x40045612, &(0x7f0000002240)=0x8) clock_gettime(0x0, &(0x7f00000022c0)={0x0, 0x0}) futimesat(r5, &(0x7f0000002280)='./file0\x00', &(0x7f0000002300)={{r7, r8/1000+30000}}) getsockopt$packet_buf(r0, 0x107, 0x17, &(0x7f0000002340)=""/190, &(0x7f0000002400)=0xbe) pause() ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000002440)={0xb, 0x100, 0x2, {0x9, 0xef, 0x7, 0x20}}) ioctl$BLKPG(r0, 0x1269, &(0x7f00000024c0)={0x7, 0x800, 0x1d, &(0x7f0000002480)="c75bd576a8c61dfe751ec6195f80d65a18eccf1390ccec3937304685c1"}) r9 = socket$inet6(0xa, 0x7, 0x7) ioctl$sock_inet6_tcp_SIOCATMARK(r9, 0x8905, &(0x7f0000002500)) openat$pfkey(0xffffffffffffff9c, &(0x7f0000002540)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r0, 0x800442d4, &(0x7f0000002580)=0x2) setitimer(0x0, &(0x7f00000025c0)={{}, {0x0, 0x7530}}, &(0x7f0000002600)) ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000002640)) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r3, 0x84, 0x74, &(0x7f0000002680)=""/158, &(0x7f0000002740)=0x9e) [ 266.482569] IPVS: ftp: loaded support on port[0] = 21 [ 268.604610] bridge0: port 1(bridge_slave_0) entered blocking state [ 268.611094] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.619749] device bridge_slave_0 entered promiscuous mode [ 268.706985] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.713656] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.722177] device bridge_slave_1 entered promiscuous mode 19:11:07 executing program 4: r0 = memfd_create(&(0x7f0000000480)='\x00\x00\x00\x00\x00\x00\x00\x00', 0x3) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) mmap$binder(&(0x7f0000e0c000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) io_setup(0x7, &(0x7f0000000640)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000000540)={'broute\x00', 0x0, 0x3, 0x2e, [], 0x6, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], &(0x7f00000000c0)=""/46}, &(0x7f0000000440)=0x78) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x13, r0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$DRM_IOCTL_FREE_BUFS(r0, 0x4010641a, &(0x7f0000000600)={0x2, &(0x7f00000005c0)=[0x0, 0x101]}) ioctl$TUNGETFILTER(r0, 0x801054db, &(0x7f0000000680)=""/217) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000280)) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000780)=ANY=[], 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="660f3828bf0080dce12664670f013e66b9f609000066b8d41a4d4366ba000000000f300f019800007fbe0f013b66b9c70b000066b80060000066ba000000000f30b200f086b8ee00", 0x48}], 0x1, 0x0, &(0x7f00000003c0), 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000340)={0x60, 0x0, 0x0, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_PORT={0x8}]}, @IPVS_CMD_ATTR_DEST={0x20, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@ipv4={[], [], @local}}]}]}, 0x60}}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000500)) 19:11:07 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af300200f5abfb9845f9e19859c9693206f2c60b0000000719e1d66e970123d893d974e5b9c3285677b2139823e5500c92ab5b94da3a7de19f063bb765b02bd5b660fb7fa898c6f5c6369c3f363068d10af833f6475bbe8b7967255b177607ba100f6c4654718232dbda64aa1f69cf9ab5b3ea3ed63452b7ebd37c9dae664e322e08ad8f6029fe8fd0b34c7117480471aeca0a3fc9eceb28509ca8a83e4f8b85131808bc5cfb4cc24e1901769c084c082712b470666b6dddf74ced693973ba1ded8b") ioctl$FS_IOC_SETVERSION(r0, 0x40046602, &(0x7f0000000080)) 19:11:07 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000400)=ANY=[]) openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000002c0)={0x0, 0x100000001}, &(0x7f0000000300)=0x14) r1 = syz_open_procfs(0x0, &(0x7f0000000080)="2f6578650000000000000f1ce3000000000000000000000000") mmap$perf(&(0x7f0000105000/0x4000)=nil, 0x4000, 0x0, 0x11, r1, 0x0) ioctl$EVIOCGUNIQ(r1, 0x80404508, &(0x7f00000004c0)=""/4096) ustat(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) fcntl$getown(0xffffffffffffffff, 0x9) pread64(r1, &(0x7f0000003c00)=""/4096, 0xffffff72, 0x0) 19:11:07 executing program 1: r0 = socket$can_raw(0x1d, 0x3, 0x1) arch_prctl(0x0, &(0x7f0000000180)="e1dfc0c9eda0b5801dfa438ad780c547f1386236634511a40ebc29fa138eb0ee21baba18f2893c49c17706d35ac9") bind$can_raw(r0, &(0x7f0000000140), 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'gre0\x00', {0x2, 0x0, @local}}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) 19:11:07 executing program 0: sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000040)=@in6={0xa, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000640), 0x0, &(0x7f0000000740)}, 0x3) r0 = socket$kcm(0xa, 0x522000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x0, 0xffffff7f00000000, 0x7e4c, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0) [ 268.885992] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready 19:11:08 executing program 3: r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000001c0)=[@in={0x2, 0x0, @loopback}], 0x10) connect$inet(r0, &(0x7f0000f6fff0)={0x2, 0x4e23, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x20100000000009) r1 = accept(r0, &(0x7f0000001280)=ANY=[], &(0x7f0000000000)) listen(r0, 0x0) sendto$inet(r0, &(0x7f0000000200)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e23, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) close(r1) [ 269.633256] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 19:11:08 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x40000000000009) connect$pptp(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x12}}}, 0x1e) perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:09 executing program 1: r0 = socket$can_raw(0x1d, 0x3, 0x1) arch_prctl(0x0, &(0x7f0000000180)="e1dfc0c9eda0b5801dfa438ad780c547f1386236634511a40ebc29fa138eb0ee21baba18f2893c49c17706d35ac9") bind$can_raw(r0, &(0x7f0000000140), 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'gre0\x00', {0x2, 0x0, @local}}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) 19:11:10 executing program 3: r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000001c0)=[@in={0x2, 0x0, @loopback}], 0x10) connect$inet(r0, &(0x7f0000f6fff0)={0x2, 0x4e23, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x20100000000009) r1 = accept(r0, &(0x7f0000001280)=ANY=[], &(0x7f0000000000)) listen(r0, 0x0) sendto$inet(r0, &(0x7f0000000200)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e23, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) close(r1) 19:11:10 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x40000000000009) connect$pptp(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x12}}}, 0x1e) perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:10 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000040)=0x1fffffff0007fffc) [ 272.449082] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 272.546126] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 272.621258] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 272.628343] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 272.704685] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 272.711679] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 272.940905] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 272.948784] team0: Port device team_slave_0 added [ 273.023584] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 273.031241] team0: Port device team_slave_1 added [ 273.107206] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 273.182763] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 273.189907] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 273.198538] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 273.274322] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 273.281692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 273.290543] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 273.369471] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 273.376851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 273.385778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 273.670136] ip (8050) used greatest stack depth: 53216 bytes left [ 274.217106] bridge0: port 2(bridge_slave_1) entered blocking state [ 274.223594] bridge0: port 2(bridge_slave_1) entered forwarding state [ 274.230330] bridge0: port 1(bridge_slave_0) entered blocking state [ 274.236886] bridge0: port 1(bridge_slave_0) entered forwarding state [ 274.244667] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 274.251140] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 277.323695] 8021q: adding VLAN 0 to HW filter on device bond0 [ 277.613773] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 277.897607] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 277.904191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 277.911791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 278.198433] 8021q: adding VLAN 0 to HW filter on device team0 19:11:19 executing program 5: r0 = socket$inet6(0xa, 0x2000000802, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000f68000)={@loopback, 0x800, 0x0, 0x103, 0x1}, 0x20) 19:11:19 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x800, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r1 = memfd_create(&(0x7f0000000080)="00000600000000000000", 0x0) inotify_add_watch(r1, &(0x7f0000000380)='./file0\x00', 0x80000020) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x0, 0x0, 0x0, 0xe2}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) socket(0x0, 0x0, 0x0) r2 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x0, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f0000000480)='veth1_to_bond\x00') getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) 19:11:19 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r1, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) listen(r1, 0xfffd) r2 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r2, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r2, &(0x7f0000000040), 0xffb0, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast2}, 0x1c) 19:11:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x40000000000009) connect$pptp(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x12}}}, 0x1e) perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:19 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x2000002106001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) mount(&(0x7f0000000240)=@loop={'/dev/loop'}, &(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)='ceph\x00', 0x0, &(0x7f00000004c0)="1f4183aa04e4e2d70a05a432e2254098fc2be23e66ef2a0404b2765df2530a4e369a789bbb6bdfb79d24312146a099ed54ec00ee5c18780b41f571d6f5e8fb2026aba61c622abb98f554373ce67b34e98f5642aeb21e496db347903a256b88fbeca5d47f331977aec836eba82a7750b486a1d87d0091bec46bce4b59b8335d5ee80364da5f93b172c5c9a62f3dff635099c87854900ee7bfd784548171d8c688444a0b599d0aeca0146937bf850162e54b3607ac5eba0f88702518a2616dbdbf2b23dfc6406a75baa574ddfba871fa8e7b148633fd53e1be8d9ac055a30000") 19:11:19 executing program 4: ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r0, &(0x7f0000000280)={0x18, 0x2, {0x0, @loopback}}, 0x1e) connect$pptp(r0, &(0x7f0000000040), 0x1e) [ 280.256966] ceph: device name is missing path (no : separator in /dev/loop) 19:11:19 executing program 3: r0 = socket$can_raw(0x1d, 0x3, 0x1) arch_prctl(0x0, &(0x7f0000000180)) bind$can_raw(r0, &(0x7f0000000140), 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'gre0\x00', {0x2, 0x4e23, @local}}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) [ 280.299554] dccp_xmit_packet: Payload too large (65456) for featneg. 19:11:19 executing program 2: r0 = memfd_create(&(0x7f00000000c0)='#em1#+\x00', 0x0) write(r0, &(0x7f0000000180)="c93e6ea921d76f854aa2398bc97b16b7f612644f1e27017a", 0x18) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000100)}) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000040)={0x0}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000140)={r2}, &(0x7f00000001c0)=0x8) 19:11:19 executing program 5: mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount(&(0x7f0000000140)=ANY=[], &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000200)='./file0\x00', 0x4) 19:11:19 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x40000000000009) connect$pptp(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x12}}}, 0x1e) perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) [ 280.731748] binder: 8259:8263 ioctl c0306201 20000000 returned -14 19:11:19 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000140), 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'gre0\x00', {0x2, 0x4e23, @local}}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) 19:11:19 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af300200f5abfb9845f9e19859c9693206f2c60b0000000719e1d66e970123d893d974e5b9c3285677b2139823e5500c92ab5b94da3a7de19f063bb765b02bd5b660fb7fa898c6f5c6369c3f363068d10af833f6475bbe8b7967255b177607ba100f6c4654718232dbda64aa1f69cf9ab5b3ea3ed63452b7ebd37c9dae664e322e08ad8f6029fe8fd0b34c7117480471aeca0a3fc9eceb28509ca8a83e4f8b85131808bc5cfb4cc24e1901769c084c082712b470666b6dddf74ced693973ba1ded8b") ioctl$FS_IOC_SETVERSION(r0, 0x40047602, &(0x7f0000000080)) 19:11:20 executing program 1: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x40000000000009) r0 = gettid() perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10}, r0, 0x0, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000100)) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={"0000000000000000000000000200", 0x5002}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) epoll_ctl$EPOLL_CTL_DEL(r4, 0x2, r1) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000001c0)={'dummy0\x00', 0x800}) ftruncate(r4, 0x2007fff) write$P9_RXATTRCREATE(r4, &(0x7f0000000140)={0x383}, 0x7) lsetxattr$security_capability(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000500)='security.capability\x00', &(0x7f0000000540)=@v2={0x2000000, [{0x4, 0xe41}, {0x1f, 0x5}]}, 0x14, 0x1) getsockopt$IP_VS_SO_GET_INFO(r3, 0x0, 0x481, &(0x7f00000005c0), &(0x7f0000000600)=0xc) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000003c0)={{0x6000, 0xd000, 0x3, 0x100000000, 0x7, 0x9, 0x401, 0x10001, 0x401, 0x4, 0x6, 0x400}, {0x1, 0x0, 0xa, 0xfffffffffffffb2c, 0x3ff, 0x601, 0xe60a, 0x101, 0x3, 0x5, 0xfff00000000000, 0x6}, {0x100003, 0x1, 0xb, 0xfffffffffffffd6b, 0x10001, 0xfffffffffffffff8, 0x3, 0x4, 0xfffffffffffff800, 0x800, 0xa0, 0x1e}, {0xf000, 0x0, 0xf, 0x0, 0x5, 0x0, 0x6, 0x8, 0x6, 0x0, 0x8001, 0x800}, {0x4001, 0x4004, 0xd, 0x801, 0x2, 0x10001, 0xa0af, 0x1, 0x100000001, 0x10000, 0x8000, 0x2}, {0x105000, 0x11f000, 0xf, 0xf9, 0x34, 0x1, 0x7e80000, 0x3, 0x3, 0x1, 0x1, 0x800}, {0x13000, 0x3000, 0x8, 0x4, 0x80000000, 0x0, 0x4, 0x0, 0x200, 0x9, 0x800}, {0x0, 0xc01e4572c7ada64f, 0xf, 0x69a2, 0xb490, 0x9, 0x5, 0x3, 0x7, 0x0, 0x81, 0x80000000}, {0x1007, 0x10000}, {0xd004, 0x6000}, 0x20000008, 0x0, 0x10f000, 0x100000, 0xb, 0x101, 0x10002, [0x2, 0x4a5, 0x5, 0x4]}) capset(&(0x7f0000000380)={0x399f1736, r0}, &(0x7f0000000580)={0x2, 0xf49, 0x7fffffff, 0x40, 0x80, 0x4}) write$P9_RSETATTR(r4, &(0x7f0000000040)={0x7}, 0x7) sendfile(r1, r4, &(0x7f0000d83ff8), 0x800000000024) socketpair(0x0, 0x80000, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000280)={0x5, {0x0, 0xfffd, 0x2, 0xffffffff, 0x8, 0x6}}) creat(&(0x7f0000000200)='./bus\x00', 0x0) 19:11:20 executing program 5: 19:11:20 executing program 2: 19:11:20 executing program 3: r0 = socket$can_raw(0x1d, 0x3, 0x1) arch_prctl(0x0, &(0x7f0000000180)) bind$can_raw(r0, &(0x7f0000000140), 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'gre0\x00', {0x2, 0x4e23, @local}}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) 19:11:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x40000000000009) connect$pptp(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x12}}}, 0x1e) perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:20 executing program 4: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0xc0046209, 0x706000) [ 281.379464] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 281.387206] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 19:11:20 executing program 2: r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3, 0x1000006, 0x0, 0x0, 0x70f000}) 19:11:20 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="0000000000000000140012000c0001006772657461700000040002000a0001000280c20000000000"], 0x1}}, 0x0) [ 281.737657] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 19:11:20 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="3e0f2823b8001000000f23c80f21f835040020000f23f80f080f5e6b3bc4c17e5bef696cefb2520000000f001f0fae01b8f22100000f23d80f21f835800000800f23f8b805000000b930c8ffff0f01d9", 0x50}], 0x1, 0x0, &(0x7f0000000100), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x10000000007b, 0x0, [0x11, 0x1]}) 19:11:20 executing program 2: 19:11:21 executing program 4: 19:11:21 executing program 5: 19:11:21 executing program 1: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x40000000000009) r0 = gettid() perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10}, r0, 0x0, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000100)) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={"0000000000000000000000000200", 0x5002}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) epoll_ctl$EPOLL_CTL_DEL(r4, 0x2, r1) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000001c0)={'dummy0\x00', 0x800}) ftruncate(r4, 0x2007fff) write$P9_RXATTRCREATE(r4, &(0x7f0000000140)={0x383}, 0x7) lsetxattr$security_capability(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000500)='security.capability\x00', &(0x7f0000000540)=@v2={0x2000000, [{0x4, 0xe41}, {0x1f, 0x5}]}, 0x14, 0x1) getsockopt$IP_VS_SO_GET_INFO(r3, 0x0, 0x481, &(0x7f00000005c0), &(0x7f0000000600)=0xc) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000003c0)={{0x6000, 0xd000, 0x3, 0x100000000, 0x7, 0x9, 0x401, 0x10001, 0x401, 0x4, 0x6, 0x400}, {0x1, 0x0, 0xa, 0xfffffffffffffb2c, 0x3ff, 0x601, 0xe60a, 0x101, 0x3, 0x5, 0xfff00000000000, 0x6}, {0x100003, 0x1, 0xb, 0xfffffffffffffd6b, 0x10001, 0xfffffffffffffff8, 0x3, 0x4, 0xfffffffffffff800, 0x800, 0xa0, 0x1e}, {0xf000, 0x0, 0xf, 0x0, 0x5, 0x0, 0x6, 0x8, 0x6, 0x0, 0x8001, 0x800}, {0x4001, 0x4004, 0xd, 0x801, 0x2, 0x10001, 0xa0af, 0x1, 0x100000001, 0x10000, 0x8000, 0x2}, {0x105000, 0x11f000, 0xf, 0xf9, 0x34, 0x1, 0x7e80000, 0x3, 0x3, 0x1, 0x1, 0x800}, {0x13000, 0x3000, 0x8, 0x4, 0x80000000, 0x0, 0x4, 0x0, 0x200, 0x9, 0x800}, {0x0, 0xc01e4572c7ada64f, 0xf, 0x69a2, 0xb490, 0x9, 0x5, 0x3, 0x7, 0x0, 0x81, 0x80000000}, {0x1007, 0x10000}, {0xd004, 0x6000}, 0x20000008, 0x0, 0x10f000, 0x100000, 0xb, 0x101, 0x10002, [0x2, 0x4a5, 0x5, 0x4]}) capset(&(0x7f0000000380)={0x399f1736, r0}, &(0x7f0000000580)={0x2, 0xf49, 0x7fffffff, 0x40, 0x80, 0x4}) write$P9_RSETATTR(r4, &(0x7f0000000040)={0x7}, 0x7) sendfile(r1, r4, &(0x7f0000d83ff8), 0x800000000024) socketpair(0x0, 0x80000, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000280)={0x5, {0x0, 0xfffd, 0x2, 0xffffffff, 0x8, 0x6}}) creat(&(0x7f0000000200)='./bus\x00', 0x0) 19:11:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x40000000000009) connect$pptp(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x12}}}, 0x1e) perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:21 executing program 2: 19:11:21 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x40000000000009) r0 = gettid() perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10}, r0, 0x0, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000100)) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={"0000000000000000000000000200", 0x5002}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) epoll_ctl$EPOLL_CTL_DEL(r4, 0x2, r1) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000001c0)={'dummy0\x00', 0x800}) ftruncate(r4, 0x2007fff) write$P9_RXATTRCREATE(r4, &(0x7f0000000140)={0x383}, 0x7) lsetxattr$security_capability(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000500)='security.capability\x00', &(0x7f0000000540)=@v2={0x2000000, [{0x4, 0xe41}, {0x1f, 0x5}]}, 0x14, 0x1) getsockopt$IP_VS_SO_GET_INFO(r3, 0x0, 0x481, &(0x7f00000005c0), &(0x7f0000000600)=0xc) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000003c0)={{0x6000, 0xd000, 0x3, 0x100000000, 0x7, 0x9, 0x401, 0x10001, 0x401, 0x4, 0x6, 0x400}, {0x1, 0x0, 0xa, 0xfffffffffffffb2c, 0x3ff, 0x601, 0xe60a, 0x101, 0x3, 0x5, 0xfff00000000000, 0x6}, {0x100003, 0x1, 0xb, 0xfffffffffffffd6b, 0x10001, 0xfffffffffffffff8, 0x3, 0x4, 0xfffffffffffff800, 0x800, 0xa0, 0x1e}, {0xf000, 0x0, 0xf, 0x0, 0x5, 0x0, 0x6, 0x8, 0x6, 0x0, 0x8001, 0x800}, {0x4001, 0x4004, 0xd, 0x801, 0x2, 0x10001, 0xa0af, 0x1, 0x100000001, 0x10000, 0x8000, 0x2}, {0x105000, 0x11f000, 0xf, 0xf9, 0x34, 0x1, 0x7e80000, 0x3, 0x3, 0x1, 0x1, 0x800}, {0x13000, 0x3000, 0x8, 0x4, 0x80000000, 0x0, 0x4, 0x0, 0x200, 0x9, 0x800}, {0x0, 0xc01e4572c7ada64f, 0xf, 0x69a2, 0xb490, 0x9, 0x5, 0x3, 0x7, 0x0, 0x81, 0x80000000}, {0x1007, 0x10000}, {0xd004, 0x6000}, 0x20000008, 0x0, 0x10f000, 0x100000, 0xb, 0x101, 0x10002, [0x2, 0x4a5, 0x5, 0x4]}) capset(&(0x7f0000000380)={0x399f1736, r0}, &(0x7f0000000580)={0x2, 0xf49, 0x7fffffff, 0x40, 0x80, 0x4}) write$P9_RSETATTR(r4, &(0x7f0000000040)={0x7}, 0x7) sendfile(r1, r4, &(0x7f0000d83ff8), 0x800000000024) socketpair(0x0, 0x80000, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000280)={0x5, {0x0, 0xfffd, 0x2, 0xffffffff, 0x8, 0x6}}) creat(&(0x7f0000000200)='./bus\x00', 0x0) 19:11:21 executing program 3: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x40000000000009) r0 = gettid() perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10}, r0, 0x0, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000100)) r1 = socket$inet6(0xa, 0x400000000001, 0x0) close(r1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={"0000000000000000000000000200", 0x5002}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) epoll_ctl$EPOLL_CTL_DEL(r4, 0x2, r1) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000001c0)={'dummy0\x00', 0x800}) ftruncate(r4, 0x2007fff) write$P9_RXATTRCREATE(r4, &(0x7f0000000140)={0x383}, 0x7) lsetxattr$security_capability(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000500)='security.capability\x00', &(0x7f0000000540)=@v2={0x2000000, [{0x4, 0xe41}, {0x1f, 0x5}]}, 0x14, 0x1) getsockopt$IP_VS_SO_GET_INFO(r3, 0x0, 0x481, &(0x7f00000005c0), &(0x7f0000000600)=0xc) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000003c0)={{0x6000, 0xd000, 0x3, 0x100000000, 0x7, 0x9, 0x401, 0x10001, 0x401, 0x4, 0x6, 0x400}, {0x1, 0x0, 0xa, 0xfffffffffffffb2c, 0x3ff, 0x601, 0xe60a, 0x101, 0x3, 0x5, 0xfff00000000000, 0x6}, {0x100003, 0x1, 0xb, 0xfffffffffffffd6b, 0x10001, 0xfffffffffffffff8, 0x3, 0x4, 0xfffffffffffff800, 0x800, 0xa0, 0x1e}, {0xf000, 0x0, 0xf, 0x0, 0x5, 0x0, 0x6, 0x8, 0x6, 0x0, 0x8001, 0x800}, {0x4001, 0x4004, 0xd, 0x801, 0x2, 0x10001, 0xa0af, 0x1, 0x100000001, 0x10000, 0x8000, 0x2}, {0x105000, 0x11f000, 0xf, 0xf9, 0x34, 0x1, 0x7e80000, 0x3, 0x3, 0x1, 0x1, 0x800}, {0x13000, 0x3000, 0x8, 0x4, 0x80000000, 0x0, 0x4, 0x0, 0x200, 0x9, 0x800}, {0x0, 0xc01e4572c7ada64f, 0xf, 0x69a2, 0xb490, 0x9, 0x5, 0x3, 0x7, 0x0, 0x81, 0x80000000}, {0x1007, 0x10000}, {0xd004, 0x6000}, 0x20000008, 0x0, 0x10f000, 0x100000, 0xb, 0x101, 0x10002, [0x2, 0x4a5, 0x5, 0x4]}) capset(&(0x7f0000000380)={0x399f1736, r0}, &(0x7f0000000580)={0x2, 0xf49, 0x7fffffff, 0x40, 0x80, 0x4}) write$P9_RSETATTR(r4, &(0x7f0000000040)={0x7}, 0x7) sendfile(r1, r4, &(0x7f0000d83ff8), 0x800000000024) socketpair(0x0, 0x80000, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000280)={0x5, {0x0, 0xfffd, 0x2, 0xffffffff, 0x8, 0x6}}) creat(&(0x7f0000000200)='./bus\x00', 0x0) 19:11:21 executing program 5: [ 282.582230] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 19:11:21 executing program 2: [ 282.697805] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 282.704728] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 282.830290] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 282.837169] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 19:11:21 executing program 2: 19:11:21 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x40000000000009) connect$pptp(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x12}}}, 0x1e) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:22 executing program 5: 19:11:22 executing program 1: 19:11:22 executing program 2: 19:11:22 executing program 5: 19:11:22 executing program 4: 19:11:22 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x40000000000009) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:22 executing program 2: 19:11:22 executing program 3: 19:11:22 executing program 1: 19:11:23 executing program 2: 19:11:23 executing program 4: 19:11:23 executing program 5: 19:11:23 executing program 3: 19:11:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x40000000000009) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:23 executing program 1: 19:11:23 executing program 5: 19:11:23 executing program 3: 19:11:23 executing program 4: 19:11:23 executing program 2: 19:11:23 executing program 1: 19:11:23 executing program 5: 19:11:23 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:24 executing program 3: 19:11:24 executing program 4: 19:11:24 executing program 1: 19:11:24 executing program 2: 19:11:24 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0) sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)=0x9) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget$private(0x0, 0x2) ioctl$EVIOCGID(r0, 0x80084502, &(0x7f0000000340)=""/210) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r1 = gettid() clone(0x2e828903, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000040)) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x8000000000000014) wait4(r1, &(0x7f0000000040), 0x0, &(0x7f0000000280)) ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000100)) ioctl$KDADDIO(r0, 0x4b34, 0x5) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000140)=""/169) syslog(0x0, &(0x7f0000000640)=""/89, 0x59) r2 = msgget$private(0x0, 0x0) msgrcv(r2, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000200)={@ipv4, 0x100000000, 0x0, 0x3, 0x0, 0x2, 0xe3, 0x7}, &(0x7f0000000240)=0x20) 19:11:24 executing program 3: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x201, 0x8000000000079) ioctl$KVM_SET_CPUID(r0, 0x4008550d, &(0x7f0000000080)=ANY=[]) 19:11:24 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:24 executing program 2: keyctl$update(0x2, 0x0, &(0x7f0000001340)="40c9e27a5202", 0x6) listen(0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x20000004, &(0x7f000031e000), 0x1c) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp6\x00') socketpair$inet6(0xa, 0x0, 0x0, &(0x7f0000000080)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = accept4$inet6(r0, &(0x7f0000000400)={0xa, 0x0, 0x0, @local}, &(0x7f0000000440)=0x1c, 0x0) r3 = socket$inet6(0xa, 0x0, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000200)='team\x00') mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r4, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140), 0x0, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r1, &(0x7f0000000280)={0x8, 0x120, 0xfa00, {0x1, {0x9, 0x400, "d144014072b9575d2525fd2508bedf11859b407cca0cc19d0ba4ca2c04d9ded3f4dc2836e218d230d1c042466f9a22cbb9e60b48dc052c433f9e3d04e3b65df895282372b3ab124ed031283087620f14a7f132be953709d2c5363a9caf53d5e4fc6edbd9ed4dff7df3fd5b702c067088971eb6e3b5fcd56042725e718a7951364bd7a072b7e7423662428e642a11399eca8a773c3851e543d68225db74e900e02f88fd46d03dcca70d7f9fb1f332b616c90c5769cadd32af893acb86d18c15b9a7ed5f4af056b5bd12b55f3a21f90849bb1a1e8e629416f387fbc3d6471c9c2b27001bfebe08bb0515bc2a6c75b20bbe61324814336d117b99f8ed41d2709d15", 0x5c, 0x7ff, 0x8, 0x0, 0x9, 0x0, 0x100000001, 0x1}}}, 0x128) fadvise64(r4, 0x0, 0x8efe, 0x0) r5 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$F_SET_FILE_RW_HINT(r3, 0x40e, &(0x7f0000000480)=0x3) ioctl$VIDIOC_SUBDEV_S_CROP(r4, 0xc038563c, &(0x7f00000004c0)={0x1, 0x7fffffff, {0x4, 0x6, 0x8000000002}}) mlockall(0x3) close(r5) ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f0000000040)) r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000500)={0x0, 0x45, "f7071b630531a7a8b6e3ddf9fded590dd1ff0fabebda6a9ba78baac37bb767fcef34ecd9060f3cdf47f1b419bef10dbe82a2132e6aea229a9b3b4312e99ab4faf1c67665eb"}, &(0x7f0000000580)=0x4d) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f00000005c0)={r7, 0x9}, 0x8) 19:11:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x7a00000000000000) 19:11:24 executing program 1: 19:11:24 executing program 5: 19:11:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x40000000000009) connect$pptp(0xffffffffffffffff, &(0x7f00000003c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x12}}}, 0x1e) perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x1000000000000000) 19:11:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x7a00000000000000) 19:11:25 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:25 executing program 1: r0 = gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000180)="00080000000000004ae8f966a45da207d1bcbb828323ec9ed6af25bd23b887a97ed4af02a20c7fa59208a05bafc4c8119af187fa844c") 19:11:25 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) r1 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffffb, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000140)={'ip6gre0\x00', {0x2, 0x4e22, @multicast2}}) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(0xffffffffffffffff, 0x111, 0x1, 0x2, 0xfe22) mount(&(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f00000002c0)='./file0\x00', &(0x7f00000000c0)='ubifs\x00', 0x0, &(0x7f0000000140)='adfs\x00') openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$team(&(0x7f00000003c0)='team\x00') ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000680)={'vlan0\x00'}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000006c0)={'team0\x00'}) getsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000700), &(0x7f0000000740)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000780)={{{@in=@local, @in6=@dev}}, {{@in=@multicast1}, 0x0, @in=@broadcast}}, &(0x7f0000000880)=0xe8) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000008c0)={'dummy0\x00'}) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000900)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in=@rand_addr}}, &(0x7f0000000a00)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000a40)={{{@in6=@dev, @in=@rand_addr}}, {{@in=@multicast1}, 0x0, @in6=@remote}}, &(0x7f0000000b40)=0xe8) getsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f0000000b80)={@local}, &(0x7f0000000bc0)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000c00)={{{@in6=@loopback, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in=@rand_addr}}, &(0x7f0000000d00)=0xe8) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000001240)={'vcan0\x00'}) getsockname$packet(r1, &(0x7f0000001280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000012c0)=0x14) getsockname$packet(r0, &(0x7f00000047c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000004800)=0x14) getpeername(r0, &(0x7f0000004840)=@hci, &(0x7f00000048c0)=0x80) recvmmsg(r0, &(0x7f000000bc00)=[{{&(0x7f00000049c0)=@can, 0x80, &(0x7f0000005b00)=[{&(0x7f0000004a40)=""/4096, 0x1000}, {&(0x7f0000005a40)=""/176, 0xb0}], 0x2, 0x0, 0x0, 0x4}, 0x5}, {{&(0x7f0000005b40)=@l2, 0x80, &(0x7f0000006080)=[{&(0x7f0000005bc0)=""/57, 0x39}, {&(0x7f0000005c00)=""/118, 0x76}, {&(0x7f0000005c80)=""/2, 0x2}, {&(0x7f0000005cc0)=""/182, 0xb6}, {&(0x7f0000005d80)=""/243, 0xf3}, {&(0x7f0000005e80)=""/250, 0xfa}, {&(0x7f0000005f80)=""/187, 0xbb}, {&(0x7f0000006040)=""/34, 0x22}], 0x8, 0x0, 0x0, 0x1}, 0x1000}, {{&(0x7f00000060c0)=@rc, 0x80, &(0x7f00000062c0)=[{&(0x7f0000006140)=""/146, 0x92}, {&(0x7f0000006200)=""/151, 0x97}], 0x2, &(0x7f0000006300)=""/174, 0xae, 0x800}, 0x8}, {{&(0x7f00000063c0)=@generic, 0x80, &(0x7f0000006480)=[{&(0x7f0000006440)=""/33, 0x21}], 0x1, &(0x7f00000064c0)=""/248, 0xf8, 0x6}, 0x7}, {{&(0x7f00000065c0)=@ax25, 0x80, &(0x7f00000068c0)=[{&(0x7f0000006640)=""/194, 0xc2}, {&(0x7f0000006740)=""/110, 0x6e}, {&(0x7f00000067c0)=""/133, 0x85}, {&(0x7f0000006880)=""/44, 0x2c}], 0x4, 0x0, 0x0, 0x241d6246}}, {{&(0x7f0000006900)=@generic, 0x80, &(0x7f0000008d40)=[{&(0x7f0000006980)=""/43, 0x2b}, {&(0x7f00000069c0)=""/4096, 0x1000}, {&(0x7f00000079c0)}, {&(0x7f0000007a00)=""/112, 0x70}, {&(0x7f0000007a80)=""/111, 0x6f}, {&(0x7f0000007b00)=""/142, 0x8e}, {&(0x7f0000007bc0)=""/22, 0x16}, {&(0x7f0000007c00)=""/4096, 0x1000}, {&(0x7f0000008c00)=""/230, 0xe6}, {&(0x7f0000008d00)=""/3, 0x3}], 0xa, &(0x7f0000008dc0)=""/4096, 0x1000, 0x2}, 0x5a}, {{&(0x7f0000009dc0)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000009fc0)=[{&(0x7f0000009e40)=""/195, 0xc3}, {&(0x7f0000009f40)=""/116, 0x74}], 0x2, 0x0, 0x0, 0x4}, 0xfffffffffffffff8}, {{&(0x7f000000a000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f000000a280)=[{&(0x7f000000a080)=""/201, 0xc9}, {&(0x7f000000a180)=""/201, 0xc9}], 0x2, &(0x7f000000a2c0)=""/118, 0x76, 0x1}, 0x7}, {{&(0x7f000000a340)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f000000bb80)=[{&(0x7f000000a3c0)=""/221, 0xdd}, {&(0x7f000000a4c0)=""/180, 0xb4}, {&(0x7f000000a580)=""/191, 0xbf}, {&(0x7f000000a640)=""/212, 0xd4}, {&(0x7f000000a740)=""/229, 0xe5}, {&(0x7f000000a840)=""/149, 0x95}, {&(0x7f000000a900)=""/196, 0xc4}, {&(0x7f000000aa00)=""/139, 0x8b}, {&(0x7f000000aac0)=""/4096, 0x1000}, {&(0x7f000000bac0)=""/181, 0xb5}], 0xa, 0x0, 0x0, 0x4}, 0x8}], 0x9, 0x2000, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000bd40)={'veth0_to_bridge\x00'}) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f000000bec0)={{{@in=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@multicast1}}, &(0x7f000000bfc0)=0xe8) accept4$packet(r0, &(0x7f000000c000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f000000c040)=0x14, 0x80000) getsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f000000c080)={@dev, @multicast1, 0x0}, &(0x7f000000c0c0)=0xc) getpeername$packet(r1, &(0x7f000000c100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f000000c140)=0x14) getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f000000c2c0)={@local, 0x0}, &(0x7f000000c300)=0x14) accept4(r0, &(0x7f000000c340)=@can={0x1d, 0x0}, &(0x7f000000c3c0)=0x80, 0x80800) sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000cc40)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f000000cc00)={&(0x7f000000c400)={0x194, r2, 0x100, 0x70bd29, 0x25dfdbfb, {}, [{{0x8, 0x1, r3}, {0x40, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r4}}}]}}, {{0x8, 0x1, r5}, {0x130, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0xffffffff7fffffff}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0xc, 0x4, 'hash\x00'}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r8}}, {0x8}}}]}}]}, 0x194}, 0x1, 0x0, 0x0, 0x4000801}, 0x800) eventfd(0x0) syz_genetlink_get_family_id$team(&(0x7f0000000240)='team\x00') ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000300)={0x3}) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r9 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4) pipe2(&(0x7f0000000180)={0xffffffffffffffff}, 0x80000) connect$rds(r10, &(0x7f00000001c0)={0x2, 0x4e20, @broadcast}, 0x10) write$smack_current(r9, &(0x7f00000000c0)='ip6gre0\x00', 0x8) recvfrom(0xffffffffffffffff, &(0x7f0000000440)=""/199, 0xc7, 0x2, &(0x7f0000000540)=@nfc_llcp={0x27, 0x1000, 0x2, 0x0, 0x38c0b707, 0x6, "792d29e34aa2f4d074f280ae7ad334d5a6ae377de3655e9e71c9a0d56eba957481980eb23af9b67b73f6b6f56129a364a514bc3cc4b0cbe264a99a7193f30e", 0x3e}, 0x80) socketpair(0x0, 0x80003, 0x2, &(0x7f0000000340)) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc00c9207, &(0x7f0000000100)) lsetxattr$trusted_overlay_redirect(&(0x7f0000000200)='./file0\x00', &(0x7f0000000380)='trusted.overlay.redirect\x00', &(0x7f0000000400)='./file0\x00', 0x8, 0x0) 19:11:25 executing program 3: r0 = socket$inet6(0xa, 0x100000002, 0x0) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @remote, 0x13}, 0x1c) sendto$inet6(r0, &(0x7f0000000180), 0x0, 0x402806e, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendto$inet6(r0, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) 19:11:25 executing program 5: syz_open_dev$amidi(&(0x7f0000000480)='/dev/amidi#\x00', 0x0, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000500)='team\x00') getsockname$packet(0xffffffffffffff9c, &(0x7f0000005740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000005780)=0x14) accept$packet(0xffffffffffffffff, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000600)=0x102b5) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000005cc0)={{{@in6=@ipv4={[], [], @multicast1}}}, {{@in6}, 0x0, @in6=@mcast2}}, &(0x7f0000005dc0)=0xe8) getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000005e00)={0x0, @multicast2, @broadcast}, &(0x7f0000005e40)=0xc) memfd_create(&(0x7f0000c19ff0)='trustedvboxnet0\x00', 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000100)) 19:11:25 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x7a00000000000000) 19:11:25 executing program 2: keyctl$update(0x2, 0x0, &(0x7f0000001340)="40c9e27a5202", 0x6) listen(0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x20000004, &(0x7f000031e000), 0x1c) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp6\x00') socketpair$inet6(0xa, 0x0, 0x0, &(0x7f0000000080)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = accept4$inet6(r0, &(0x7f0000000400)={0xa, 0x0, 0x0, @local}, &(0x7f0000000440)=0x1c, 0x0) r3 = socket$inet6(0xa, 0x0, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000200)='team\x00') mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r4, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140), 0x0, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r1, &(0x7f0000000280)={0x8, 0x120, 0xfa00, {0x1, {0x9, 0x400, "d144014072b9575d2525fd2508bedf11859b407cca0cc19d0ba4ca2c04d9ded3f4dc2836e218d230d1c042466f9a22cbb9e60b48dc052c433f9e3d04e3b65df895282372b3ab124ed031283087620f14a7f132be953709d2c5363a9caf53d5e4fc6edbd9ed4dff7df3fd5b702c067088971eb6e3b5fcd56042725e718a7951364bd7a072b7e7423662428e642a11399eca8a773c3851e543d68225db74e900e02f88fd46d03dcca70d7f9fb1f332b616c90c5769cadd32af893acb86d18c15b9a7ed5f4af056b5bd12b55f3a21f90849bb1a1e8e629416f387fbc3d6471c9c2b27001bfebe08bb0515bc2a6c75b20bbe61324814336d117b99f8ed41d2709d15", 0x5c, 0x7ff, 0x8, 0x0, 0x9, 0x0, 0x100000001, 0x1}}}, 0x128) fadvise64(r4, 0x0, 0x8efe, 0x0) r5 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$F_SET_FILE_RW_HINT(r3, 0x40e, &(0x7f0000000480)=0x3) ioctl$VIDIOC_SUBDEV_S_CROP(r4, 0xc038563c, &(0x7f00000004c0)={0x1, 0x7fffffff, {0x4, 0x6, 0x8000000002}}) mlockall(0x3) close(r5) ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f0000000040)) r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000500)={0x0, 0x45, "f7071b630531a7a8b6e3ddf9fded590dd1ff0fabebda6a9ba78baac37bb767fcef34ecd9060f3cdf47f1b419bef10dbe82a2132e6aea229a9b3b4312e99ab4faf1c67665eb"}, &(0x7f0000000580)=0x4d) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f00000005c0)={r7, 0x9}, 0x8) 19:11:25 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) [ 286.673529] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 19:11:26 executing program 5: socketpair$unix(0x1, 0x8000000000000003, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x4b564d04, 0x0, 0x140], [0xc1]}) 19:11:26 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:26 executing program 3: mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000) setrlimit(0x2, &(0x7f0000e63ff0)={0x2000000, 0x20080000000}) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x2, 0x8004032, 0xffffffffffffffff, 0x0) 19:11:26 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) [ 287.250072] kvm [8485]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 [ 287.329683] mmap: syz-executor3 (8497): VmData 35131392 exceed data ulimit 33554432. Update limits or use boot option ignore_rlimit_data. 19:11:26 executing program 1: mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000) openat$dsp(0xffffffffffffff9c, &(0x7f0000002580)='/dev/dsp\x00', 0x0, 0x0) setrlimit(0x2, &(0x7f0000e63ff0)={0x2000000, 0x20080000000}) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x2, 0x8004032, 0xffffffffffffffff, 0x0) 19:11:26 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r0 = memfd_create(&(0x7f0000000080)="00000600000000000000", 0x0) inotify_add_watch(r0, &(0x7f0000000380)='./file0\x00', 0x80000020) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x1, 0x0, 0x8000, 0xe2}) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000002c0)={0x6, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}, {0x2, 0x4e24, @dev}, 0x120, 0x4, 0xfffffffffffffff8}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) socket(0x0, 0x80005, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev, 0x2}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(0xffffffffffffffff, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000280), &(0x7f0000000400)=0x4) 19:11:26 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000400)=ANY=[]) openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000002c0)={0x0, 0x100000001}, &(0x7f0000000300)=0x14) r2 = syz_open_procfs(0x0, &(0x7f0000000080)="2f6578650000000000000f1ce3000000000000000000000000") mmap$perf(&(0x7f0000105000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0x0) ustat(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) fcntl$getown(r0, 0x9) pread64(r2, &(0x7f0000003c00)=""/4096, 0xffffff72, 0x0) 19:11:26 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:26 executing program 5: socketpair$unix(0x1, 0x8000000000000003, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x4b564d04, 0x0, 0x140], [0xc1]}) 19:11:27 executing program 1: socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000140)={@local, @random="79e06331618b", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @dev}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @dev}}}}}}, &(0x7f0000000040)) 19:11:27 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:27 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:27 executing program 1: r0 = gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:27 executing program 5: socketpair$unix(0x1, 0x8000000000000003, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x4b564d04, 0x0, 0x140], [0xc1]}) 19:11:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:28 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:28 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r0 = memfd_create(&(0x7f0000000080)="00000600000000000000", 0x0) inotify_add_watch(r0, &(0x7f0000000380)='./file0\x00', 0x80000020) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x1, 0x0, 0x8000, 0xe2}) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000002c0)={0x6, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}, {0x2, 0x4e24, @dev}, 0x120, 0x4, 0xfffffffffffffff8}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) socket(0x0, 0x80005, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev, 0x2}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(0xffffffffffffffff, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000280), &(0x7f0000000400)=0x4) 19:11:29 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:30 executing program 3: socketpair$unix(0x1, 0x8000000000000003, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x40000100, 0x0, 0x140], [0xc1]}) 19:11:30 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e20, @broadcast}}}, &(0x7f0000000380)=0x98) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:30 executing program 5: socketpair$unix(0x1, 0x8000000000000003, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x4b564d04, 0x0, 0x140], [0xc1]}) 19:11:30 executing program 1: r0 = gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:30 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:30 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r0 = memfd_create(&(0x7f0000000080)="00000600000000000000", 0x0) inotify_add_watch(r0, &(0x7f0000000380)='./file0\x00', 0x80000020) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x1, 0x0, 0x8000, 0xe2}) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000002c0)={0x6, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}, {0x2, 0x4e24, @dev}, 0x120, 0x4, 0xfffffffffffffff8}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) socket(0x0, 0x80005, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev, 0x2}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(0xffffffffffffffff, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000280), &(0x7f0000000400)=0x4) 19:11:30 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) [ 291.438894] kvm [8595]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 19:11:30 executing program 2: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r0 = memfd_create(&(0x7f0000000080)="00000600000000000000", 0x0) inotify_add_watch(r0, &(0x7f0000000380)='./file0\x00', 0x80000020) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x1, 0x0, 0x8000, 0xe2}) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000002c0)={0x6, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}, {0x2, 0x4e24, @dev}, 0x120, 0x4, 0xfffffffffffffff8}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) socket(0x0, 0x80005, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev, 0x2}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(0xffffffffffffffff, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000280), &(0x7f0000000400)=0x4) 19:11:30 executing program 5: r0 = socket$inet6(0xa, 0x22000000002, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c) [ 291.744853] not chained 30000 origins [ 291.748737] CPU: 1 PID: 8608 Comm: syz-executor4 Not tainted 4.19.0+ #83 [ 291.755590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.765047] Call Trace: [ 291.767652] dump_stack+0x32d/0x480 [ 291.771317] kmsan_internal_chain_origin+0x222/0x240 [ 291.776464] ? save_stack_trace+0xc6/0x110 [ 291.780733] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 291.785858] ? kmsan_internal_chain_origin+0x90/0x240 [ 291.791074] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 291.796450] ? is_bpf_text_address+0x49e/0x4d0 [ 291.801067] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 291.806535] ? in_task_stack+0x12c/0x210 [ 291.810623] __msan_chain_origin+0x6d/0xd0 [ 291.814888] __save_stack_trace+0x833/0xc60 [ 291.819244] ? save_stack_trace+0xc6/0x110 [ 291.823612] save_stack_trace+0xc6/0x110 [ 291.827692] kmsan_internal_chain_origin+0x136/0x240 [ 291.832822] ? kmsan_internal_chain_origin+0x136/0x240 [ 291.838118] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 291.842799] ? __msan_memcpy+0x6f/0x80 [ 291.846703] ? skb_copy_bits+0x1d2/0xc90 [ 291.850780] ? skb_copy+0x56c/0xbc0 [ 291.854421] ? tcp_send_synack+0x7a3/0x18f0 [ 291.858767] ? tcp_rcv_state_process+0x29b5/0x6e50 [ 291.863715] ? tcp_v6_do_rcv+0x113f/0x21a0 [ 291.867969] ? __release_sock+0x32d/0x760 [ 291.872128] ? release_sock+0x99/0x2a0 [ 291.876035] ? __inet_stream_connect+0xdff/0x15d0 [ 291.880996] ? tcp_sendmsg_locked+0x6655/0x6c30 [ 291.885687] ? tcp_sendmsg+0xb2/0x100 [ 291.889520] ? inet_sendmsg+0x4e9/0x800 19:11:30 executing program 5: r0 = memfd_create(&(0x7f0000000480)='\x00\x00\x00\x00\x00\x00\x00\x00', 0x3) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) mmap$binder(&(0x7f0000e0c000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) io_setup(0x7, &(0x7f0000000640)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000540)={'broute\x00', 0x0, 0x3, 0x2e, [], 0x4, &(0x7f00000003c0)=[{}, {}, {}, {}], &(0x7f00000000c0)=""/46}, &(0x7f0000000440)=0x78) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x13, r0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$DRM_IOCTL_FREE_BUFS(r0, 0x4010641a, &(0x7f0000000600)={0x1, &(0x7f00000005c0)=[0x101]}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000280)) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000780)=ANY=[], 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="660f3828bf0080dce12664670f013e66b9f609000066b8d41a4d4366ba000000000f300f019800007fbe0f013b66b9c70b000066b80060000066ba000000000f30b200f086b8ee00", 0x48}], 0x1, 0x0, &(0x7f00000003c0), 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000340)={0x58, 0x0, 0x0, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_DEST={0x20, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@ipv4={[], [], @local}}]}]}, 0x58}}, 0x0) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000500)) [ 291.893515] ? __sys_sendto+0x97b/0xb80 [ 291.897514] ? __se_sys_sendto+0x107/0x130 [ 291.901761] ? __x64_sys_sendto+0x6e/0x90 [ 291.905929] ? do_syscall_64+0xcf/0x110 [ 291.909922] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 291.915322] ? __msan_get_context_state+0x9/0x30 [ 291.920090] ? INIT_INT+0xc/0x30 [ 291.923471] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 291.928866] ? __msan_get_context_state+0x9/0x30 [ 291.933655] kmsan_memcpy_origins+0x13d/0x1b0 [ 291.938181] __msan_memcpy+0x6f/0x80 [ 291.941920] skb_copy_bits+0x1d2/0xc90 [ 291.945844] skb_copy+0x56c/0xbc0 [ 291.949340] tcp_send_synack+0x7a3/0x18f0 [ 291.953517] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 291.959008] tcp_rcv_state_process+0x29b5/0x6e50 [ 291.963812] tcp_v6_do_rcv+0x113f/0x21a0 [ 291.967909] ? tcp_v6_destroy_sock+0x60/0x60 [ 291.972339] __release_sock+0x32d/0x760 [ 291.976344] release_sock+0x99/0x2a0 [ 291.980080] __inet_stream_connect+0xdff/0x15d0 [ 291.984782] ? wait_woken+0x5b0/0x5b0 [ 291.988606] tcp_sendmsg_locked+0x6655/0x6c30 [ 291.993121] ? kmsan_set_origin+0x83/0x130 [ 291.997389] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 292.002770] ? aa_label_sk_perm+0x8e9/0x960 [ 292.007105] ? futex_wait+0x785/0xa90 [ 292.010938] ? __msan_poison_alloca+0x1e0/0x2b0 [ 292.015633] ? __local_bh_enable_ip+0x46/0x260 [ 292.020241] ? __msan_warning+0xb0/0xd0 [ 292.024572] ? __msan_poison_alloca+0x1e0/0x2b0 [ 292.029270] tcp_sendmsg+0xb2/0x100 [ 292.032918] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 292.037609] inet_sendmsg+0x4e9/0x800 [ 292.041428] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 292.046802] ? security_socket_sendmsg+0x1bd/0x200 [ 292.051757] ? inet_getname+0x490/0x490 [ 292.055756] __sys_sendto+0x97b/0xb80 [ 292.059602] ? syscall_return_slowpath+0x123/0x8c0 [ 292.064570] ? put_timespec64+0x162/0x220 [ 292.068740] __se_sys_sendto+0x107/0x130 [ 292.072830] __x64_sys_sendto+0x6e/0x90 [ 292.076821] do_syscall_64+0xcf/0x110 [ 292.080643] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 292.085839] RIP: 0033:0x457569 [ 292.089043] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 292.107956] RSP: 002b:00007f0199ac0c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 292.115684] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 292.122969] RDX: 000000000000d14b RSI: 0000000020000100 RDI: 0000000000000003 [ 292.130253] RBP: 000000000072bf00 R08: 0000000020b63fe4 R09: 000000000000001c [ 292.137531] R10: 0000000020000004 R11: 0000000000000246 R12: 00007f0199ac16d4 [ 292.144807] R13: 00000000004c3c1d R14: 00000000004d5e98 R15: 00000000ffffffff [ 292.152093] Uninit was stored to memory at: [ 292.156427] kmsan_internal_chain_origin+0x136/0x240 [ 292.161535] __msan_chain_origin+0x6d/0xd0 [ 292.165775] save_stack_trace+0xfa/0x110 [ 292.169843] kmsan_internal_chain_origin+0x136/0x240 [ 292.174951] kmsan_memcpy_origins+0x13d/0x1b0 [ 292.179453] __msan_memcpy+0x6f/0x80 [ 292.183178] skb_copy_bits+0x1d2/0xc90 [ 292.187251] skb_copy+0x56c/0xbc0 [ 292.190708] tcp_send_synack+0x7a3/0x18f0 [ 292.194863] tcp_rcv_state_process+0x29b5/0x6e50 [ 292.199736] tcp_v6_do_rcv+0x113f/0x21a0 [ 292.203835] __release_sock+0x32d/0x760 [ 292.207815] release_sock+0x99/0x2a0 [ 292.211538] __inet_stream_connect+0xdff/0x15d0 [ 292.216222] tcp_sendmsg_locked+0x6655/0x6c30 [ 292.220724] tcp_sendmsg+0xb2/0x100 [ 292.224357] inet_sendmsg+0x4e9/0x800 [ 292.228162] __sys_sendto+0x97b/0xb80 [ 292.231969] __se_sys_sendto+0x107/0x130 [ 292.236034] __x64_sys_sendto+0x6e/0x90 [ 292.240038] do_syscall_64+0xcf/0x110 [ 292.243843] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 292.249026] [ 292.250654] Uninit was stored to memory at: [ 292.254985] kmsan_internal_chain_origin+0x136/0x240 [ 292.260098] __msan_chain_origin+0x6d/0xd0 [ 292.264348] __save_stack_trace+0x833/0xc60 [ 292.268676] save_stack_trace+0xc6/0x110 [ 292.272745] kmsan_internal_chain_origin+0x136/0x240 [ 292.277857] kmsan_memcpy_origins+0x13d/0x1b0 [ 292.282358] __msan_memcpy+0x6f/0x80 [ 292.286080] skb_copy_bits+0x1d2/0xc90 [ 292.289972] skb_copy+0x56c/0xbc0 [ 292.293430] tcp_send_synack+0x7a3/0x18f0 [ 292.297588] tcp_rcv_state_process+0x29b5/0x6e50 [ 292.302353] tcp_v6_do_rcv+0x113f/0x21a0 [ 292.306416] __release_sock+0x32d/0x760 [ 292.310392] release_sock+0x99/0x2a0 [ 292.314112] __inet_stream_connect+0xdff/0x15d0 [ 292.318788] tcp_sendmsg_locked+0x6655/0x6c30 [ 292.323288] tcp_sendmsg+0xb2/0x100 [ 292.326928] inet_sendmsg+0x4e9/0x800 [ 292.330735] __sys_sendto+0x97b/0xb80 [ 292.334537] __se_sys_sendto+0x107/0x130 [ 292.338604] __x64_sys_sendto+0x6e/0x90 [ 292.342582] do_syscall_64+0xcf/0x110 [ 292.346392] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 292.351580] [ 292.353206] Uninit was stored to memory at: [ 292.357534] kmsan_internal_chain_origin+0x136/0x240 [ 292.362649] __msan_chain_origin+0x6d/0xd0 [ 292.366889] save_stack_trace+0xfa/0x110 [ 292.370956] kmsan_internal_chain_origin+0x136/0x240 [ 292.376071] kmsan_memcpy_origins+0x13d/0x1b0 [ 292.380572] __msan_memcpy+0x6f/0x80 [ 292.384288] skb_copy_bits+0x1d2/0xc90 [ 292.388183] skb_copy+0x56c/0xbc0 [ 292.391643] tcp_send_synack+0x7a3/0x18f0 [ 292.395801] tcp_rcv_state_process+0x29b5/0x6e50 [ 292.400567] tcp_v6_do_rcv+0x113f/0x21a0 [ 292.404633] __release_sock+0x32d/0x760 [ 292.408614] release_sock+0x99/0x2a0 [ 292.412333] __inet_stream_connect+0xdff/0x15d0 [ 292.417010] tcp_sendmsg_locked+0x6655/0x6c30 [ 292.421513] tcp_sendmsg+0xb2/0x100 [ 292.425144] inet_sendmsg+0x4e9/0x800 [ 292.428956] __sys_sendto+0x97b/0xb80 [ 292.432764] __se_sys_sendto+0x107/0x130 [ 292.436829] __x64_sys_sendto+0x6e/0x90 [ 292.440812] do_syscall_64+0xcf/0x110 [ 292.444620] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 292.449807] [ 292.451438] Uninit was stored to memory at: [ 292.455774] kmsan_internal_chain_origin+0x136/0x240 [ 292.460888] __msan_chain_origin+0x6d/0xd0 [ 292.465134] __save_stack_trace+0x833/0xc60 [ 292.469469] save_stack_trace+0xc6/0x110 [ 292.473545] kmsan_internal_chain_origin+0x136/0x240 [ 292.478655] kmsan_memcpy_origins+0x13d/0x1b0 [ 292.483160] __msan_memcpy+0x6f/0x80 [ 292.486881] skb_copy_bits+0x1d2/0xc90 [ 292.490778] skb_copy+0x56c/0xbc0 [ 292.494238] tcp_send_synack+0x7a3/0x18f0 [ 292.498399] tcp_rcv_state_process+0x29b5/0x6e50 [ 292.503162] tcp_v6_do_rcv+0x113f/0x21a0 [ 292.507223] __release_sock+0x32d/0x760 [ 292.511195] release_sock+0x99/0x2a0 [ 292.514905] __inet_stream_connect+0xdff/0x15d0 [ 292.519574] tcp_sendmsg_locked+0x6655/0x6c30 [ 292.524068] tcp_sendmsg+0xb2/0x100 [ 292.527688] inet_sendmsg+0x4e9/0x800 [ 292.531483] __sys_sendto+0x97b/0xb80 [ 292.535283] __se_sys_sendto+0x107/0x130 [ 292.539338] __x64_sys_sendto+0x6e/0x90 [ 292.543309] do_syscall_64+0xcf/0x110 [ 292.547108] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 292.552289] [ 292.553910] Uninit was stored to memory at: [ 292.558226] kmsan_internal_chain_origin+0x136/0x240 [ 292.563414] __msan_chain_origin+0x6d/0xd0 [ 292.567643] save_stack_trace+0xfa/0x110 [ 292.571700] kmsan_internal_chain_origin+0x136/0x240 [ 292.576794] kmsan_memcpy_origins+0x13d/0x1b0 [ 292.581290] __msan_memcpy+0x6f/0x80 [ 292.584998] skb_copy_bits+0x1d2/0xc90 [ 292.588878] skb_copy+0x56c/0xbc0 [ 292.592334] tcp_send_synack+0x7a3/0x18f0 [ 292.596479] tcp_rcv_state_process+0x29b5/0x6e50 [ 292.601239] tcp_v6_do_rcv+0x113f/0x21a0 [ 292.605297] __release_sock+0x32d/0x760 [ 292.609267] release_sock+0x99/0x2a0 [ 292.612974] __inet_stream_connect+0xdff/0x15d0 [ 292.617638] tcp_sendmsg_locked+0x6655/0x6c30 [ 292.622124] tcp_sendmsg+0xb2/0x100 [ 292.625745] inet_sendmsg+0x4e9/0x800 [ 292.629538] __sys_sendto+0x97b/0xb80 [ 292.633331] __se_sys_sendto+0x107/0x130 [ 292.637381] __x64_sys_sendto+0x6e/0x90 [ 292.641347] do_syscall_64+0xcf/0x110 [ 292.645155] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 292.650328] [ 292.651946] Uninit was stored to memory at: [ 292.656262] kmsan_internal_chain_origin+0x136/0x240 [ 292.661360] __msan_chain_origin+0x6d/0xd0 [ 292.665586] __save_stack_trace+0x833/0xc60 [ 292.669903] save_stack_trace+0xc6/0x110 [ 292.673963] kmsan_internal_chain_origin+0x136/0x240 [ 292.679061] kmsan_memcpy_origins+0x13d/0x1b0 [ 292.683555] __msan_memcpy+0x6f/0x80 [ 292.687263] skb_copy_bits+0x1d2/0xc90 [ 292.691140] skb_copy+0x56c/0xbc0 [ 292.694589] tcp_send_synack+0x7a3/0x18f0 [ 292.698730] tcp_rcv_state_process+0x29b5/0x6e50 [ 292.703477] tcp_v6_do_rcv+0x113f/0x21a0 [ 292.707538] __release_sock+0x32d/0x760 [ 292.711513] release_sock+0x99/0x2a0 [ 292.715224] __inet_stream_connect+0xdff/0x15d0 [ 292.719890] tcp_sendmsg_locked+0x6655/0x6c30 [ 292.724380] tcp_sendmsg+0xb2/0x100 [ 292.727999] inet_sendmsg+0x4e9/0x800 [ 292.731792] __sys_sendto+0x97b/0xb80 [ 292.735585] __se_sys_sendto+0x107/0x130 [ 292.739639] __x64_sys_sendto+0x6e/0x90 [ 292.743606] do_syscall_64+0xcf/0x110 [ 292.747401] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 292.752579] [ 292.754193] Uninit was stored to memory at: [ 292.758516] kmsan_internal_chain_origin+0x136/0x240 [ 292.763614] __msan_chain_origin+0x6d/0xd0 [ 292.767845] save_stack_trace+0xfa/0x110 [ 292.771905] kmsan_internal_chain_origin+0x136/0x240 [ 292.777005] kmsan_memcpy_origins+0x13d/0x1b0 [ 292.781890] __msan_memcpy+0x6f/0x80 [ 292.785598] skb_copy_bits+0x1d2/0xc90 [ 292.789480] skb_copy+0x56c/0xbc0 [ 292.792957] tcp_send_synack+0x7a3/0x18f0 [ 292.797102] tcp_rcv_state_process+0x29b5/0x6e50 [ 292.801855] tcp_v6_do_rcv+0x113f/0x21a0 [ 292.805928] __release_sock+0x32d/0x760 [ 292.809893] release_sock+0x99/0x2a0 [ 292.813599] __inet_stream_connect+0xdff/0x15d0 [ 292.818260] tcp_sendmsg_locked+0x6655/0x6c30 [ 292.822752] tcp_sendmsg+0xb2/0x100 [ 292.826381] inet_sendmsg+0x4e9/0x800 [ 292.830176] __sys_sendto+0x97b/0xb80 [ 292.833968] __se_sys_sendto+0x107/0x130 [ 292.838034] __x64_sys_sendto+0x6e/0x90 [ 292.841999] do_syscall_64+0xcf/0x110 [ 292.845797] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 292.850976] [ 292.852639] Local variable description: ----acpar@ip6t_do_table [ 292.858684] Variable was created at: [ 292.862392] ip6t_do_table+0xb7/0x2c20 [ 292.866272] ip6table_mangle_hook+0x2fe/0x9b0 19:11:32 executing program 1: r0 = gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:32 executing program 3: r0 = memfd_create(&(0x7f0000000480)='\x00\x00\x00\x00\x00\x00\x00\x00', 0x3) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) mmap$binder(&(0x7f0000e0c000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000000540)={'broute\x00', 0x0, 0x3, 0x2e, [], 0x4, &(0x7f00000003c0)=[{}, {}, {}, {}], &(0x7f00000000c0)=""/46}, &(0x7f0000000440)=0x78) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x13, r0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$TUNGETFILTER(r0, 0x801054db, &(0x7f0000000680)=""/217) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000280)) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000780)=ANY=[], 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="660f3828bf0080dce12664670f013e66b9f609000066b8d41a4d4366ba000000000f300f019800007fbe0f013b66b9c70b000066b80060000066ba000000000f30b200f086b8ee00", 0x48}], 0x1, 0x0, &(0x7f00000003c0), 0x0) sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000340)={0x60, 0x0, 0x0, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_PORT={0x8}]}, @IPVS_CMD_ATTR_DEST={0x20, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@ipv4={[], [], @local}}]}]}, 0x60}}, 0x0) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000500)) 19:11:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000140)={0x0, 0x8, 0x35, 0x9}, &(0x7f0000000340)=0x10) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x7a00000000000000) 19:11:33 executing program 3: r0 = socket$can_raw(0x1d, 0x3, 0x1) arch_prctl(0x0, &(0x7f0000000180)="e1dfc0c9eda0b5801dfa438ad780c547f1386236634511a40ebc29fa138eb0ee21baba18f2893c49c17706d35ac957e9ca49a0496550acde") bind$can_raw(r0, &(0x7f0000000140), 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'gre0\x00', {0x2, 0x4e23, @local}}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(r0) 19:11:33 executing program 1: r0 = gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:33 executing program 5: mkdir(&(0x7f00000000c0)='./file0\x00', 0x11a) mount(&(0x7f0000000400)=ANY=[], &(0x7f0000000480)='./file0\x00', &(0x7f0000000440)='sysfs\x00', 0x18008, &(0x7f0000000100)) eventfd(0x0) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff) syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(0xffffffffffffffff, 0xc0a85352, &(0x7f00000004c0)={{}, 'port0\x00'}) openat$vhci(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhci\x00', 0x0, 0x0) connect(0xffffffffffffffff, &(0x7f00000002c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80) socketpair$unix(0x1, 0x20000000000003, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) flistxattr(r1, &(0x7f0000000140)=""/231, 0xfed3) 19:11:33 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:34 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="24000000100001000000fd946fa2830020200a0009000300001c85680c1ba3f00400ff5e28000000060affffba16a0aa1c0009c001da5a80d10900000000000000290900f8e658c90c4ba2d3a9719007cd883845ceabc10a78397865", 0x5c}], 0x1}, 0x0) 19:11:34 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x7a00000000000000) 19:11:34 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:35 executing program 3: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="24000000100001000000fd946fa2830020200a0009000300001c85680c1ba3f00400ff5e28000000060affffba16a0aa1c0009c001da5a80d10900000000000000290900f8e658c90c4ba2d3a9719007cd883845ceabc10a78397865895dc6756ef6a20cb680291943f1eb0f9ff9efd1ec9bf70da9dc04aea6235df97085b9ec48bbab9a76bf8a2f", 0x88}], 0x1}, 0x4080) [ 295.968286] netlink: 20 bytes leftover after parsing attributes in process `syz-executor2'. 19:11:35 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x7a00000000000000) 19:11:35 executing program 5: seccomp(0x4000000000000001, 0x0, &(0x7f0000028ff0)={0x0, &(0x7f00000b3000)}) prctl$seccomp(0x16, 0x1, &(0x7f0000000000)={0x20000000000001c2, &(0x7f00000002c0)=[{0x10001, 0x400, 0x20}, {0x3, 0xa310, 0x2, 0x4}]}) [ 296.059852] netlink: 20 bytes leftover after parsing attributes in process `syz-executor2'. [ 296.131338] netlink: 20 bytes leftover after parsing attributes in process `syz-executor3'. 19:11:35 executing program 2: r0 = socket$inet_sctp(0x2, 0x5, 0x84) sendmmsg$inet_sctp(r0, &(0x7f0000001740)=[{&(0x7f0000000000)=@in={0x2, 0x0, @local}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000180)='5', 0x1}], 0x1, &(0x7f0000001680)}], 0x1, 0x0) [ 296.239110] kauditd_printk_skb: 3 callbacks suppressed [ 296.239142] audit: type=1326 audit(1542049895.285:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8677 comm="syz-executor5" exe="/root/syz-executor5" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x0 19:11:35 executing program 1: r0 = gettid() unshare(0x28020400) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:35 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:35 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = syz_open_dev$dspn(&(0x7f0000af6ff6)='/dev/dsp#\x00', 0x1, 0x0) r2 = epoll_create(0xc) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0)) 19:11:35 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x7a00000000000000) 19:11:35 executing program 2: socket$inet(0x2, 0x4000000000000001, 0x0) 19:11:35 executing program 1: r0 = gettid() unshare(0x28020400) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:35 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:36 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x7a00000000000000) 19:11:36 executing program 3: r0 = memfd_create(&(0x7f00000000c0)='#em1#+\x00', 0x0) write(r0, &(0x7f0000000180)="c93e6ea921d76f854aa2398bc97b16b7f612644f1e27017a", 0x18) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000100)}) 19:11:36 executing program 2: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0x2) r1 = epoll_create(0xc) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) 19:11:36 executing program 5: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000223fd4)=[@in={0x2, 0x0, @loopback}], 0x10) 19:11:36 executing program 1: r0 = gettid() unshare(0x28020400) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') [ 297.283129] binder: 8715:8716 ioctl c0306201 20000000 returned -14 19:11:36 executing program 4: bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) [ 297.353944] binder: 8715:8720 ioctl c0306201 20000000 returned -14 19:11:36 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0xa, 0x1, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x82002, 0x0) write$sndseq(r1, &(0x7f00000003c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x0, 0x5}}], 0x30) dup2(r0, r1) 19:11:36 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x7a00000000000000) 19:11:36 executing program 5: memfd_create(&(0x7f0000c19ff0)='trustedvboxnet0\x00', 0x0) 19:11:36 executing program 1: r0 = gettid() exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:37 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:37 executing program 0: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x7a00000000000000) 19:11:37 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0xa, 0x1, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x82002, 0x0) write$sndseq(r1, &(0x7f00000003c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x0, 0x5}}], 0x30) dup2(r0, r1) 19:11:37 executing program 5: ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$pptp(0x18, 0x1, 0x2) connect$pptp(r0, &(0x7f0000000040), 0x1e) 19:11:37 executing program 2: 19:11:37 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x7a00000000000000) 19:11:37 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000), 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:37 executing program 3: 19:11:37 executing program 2: 19:11:37 executing program 5: 19:11:37 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x7a00000000000000) 19:11:38 executing program 1: r0 = gettid() exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:38 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:38 executing program 3: 19:11:38 executing program 2: r0 = memfd_create(&(0x7f00000000c0)='#em1#+\x00', 0x0) write(r0, &(0x7f0000000180)="c93e6ea921d76f854aa2398bc97b16b7f612644f1e27017a", 0x18) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000100)}) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000040), &(0x7f0000000100)=0x8) 19:11:38 executing program 5: [ 299.147544] binder: 8777:8779 ioctl c0306201 20000000 returned -14 19:11:38 executing program 2: 19:11:38 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x7a00000000000000) 19:11:38 executing program 3: 19:11:38 executing program 5: 19:11:38 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:38 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x7a00000000000000) 19:11:38 executing program 2: 19:11:39 executing program 5: 19:11:39 executing program 3: 19:11:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x7a00000000000000) 19:11:39 executing program 2: 19:11:39 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:39 executing program 1: r0 = gettid() exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:39 executing program 5: 19:11:39 executing program 2: 19:11:39 executing program 3: 19:11:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_RUN(r1, 0xae80, 0x7a00000000000000) 19:11:39 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:39 executing program 5: 19:11:39 executing program 2: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x0, 0x0) ioctl$VHOST_SET_VRING_KICK(r0, 0x330b, &(0x7f0000000240)) 19:11:39 executing program 3: 19:11:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x7a00000000000000) 19:11:40 executing program 5: 19:11:40 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:40 executing program 3: 19:11:40 executing program 1: unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:40 executing program 2: 19:11:40 executing program 5: 19:11:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x7a00000000000000) 19:11:40 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:40 executing program 2: keyctl$update(0x2, 0x0, &(0x7f0000001340)="40c9e27a5202", 0x6) listen(0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x20000004, &(0x7f000031e000), 0x1c) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp6\x00') socketpair$inet6(0xa, 0x0, 0x0, &(0x7f0000000080)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = accept4$inet6(r0, &(0x7f0000000400)={0xa, 0x0, 0x0, @local}, &(0x7f0000000440)=0x1c, 0x0) r3 = socket$inet6(0xa, 0x0, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000600)='team\x00') r4 = openat$mixer(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/mixer\x00', 0x4a02, 0x0) r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000200)='team\x00') mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, r5, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140), 0x0, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r1, &(0x7f0000000280)={0x8, 0x120, 0xfa00, {0x1, {0x9, 0x400, "d144014072b9575d2525fd2508bedf11859b407cca0cc19d0ba4ca2c04d9ded3f4dc2836e218d230d1c042466f9a22cbb9e60b48dc052c433f9e3d04e3b65df895282372b3ab124ed031283087620f14a7f132be953709d2c5363a9caf53d5e4fc6edbd9ed4dff7df3fd5b702c067088971eb6e3b5fcd56042725e718a7951364bd7a072b7e7423662428e642a11399eca8a773c3851e543d68225db74e900e02f88fd46d03dcca70d7f9fb1f332b616c90c5769cadd32af893acb86d18c15b9a7ed5f4af056b5bd12b55f3a21f90849bb1a1e8e629416f387fbc3d6471c9c2b27001bfebe08bb0515bc2a6c75b20bbe61324814336d117b99f8ed41d2709d15", 0x5c, 0x7ff, 0x8, 0x0, 0x9, 0x7, 0x100000001, 0x1}}}, 0x128) fadvise64(r5, 0x0, 0x8efe, 0x0) r6 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$F_SET_FILE_RW_HINT(r3, 0x40e, &(0x7f0000000480)=0x3) ioctl$VIDIOC_SUBDEV_S_CROP(r5, 0xc038563c, &(0x7f00000004c0)={0x1, 0x7fffffff, {0x4, 0x6, 0x8000000002}}) mlockall(0x3) close(r6) ioctl$RTC_ALM_READ(r4, 0x80247008, &(0x7f0000000040)) r7 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000500)={0x0, 0x45, "f7071b630531a7a8b6e3ddf9fded590dd1ff0fabebda6a9ba78baac37bb767fcef34ecd9060f3cdf47f1b419bef10dbe82a2132e6aea229a9b3b4312e99ab4faf1c67665eb"}, &(0x7f0000000580)=0x4d) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x75, &(0x7f00000005c0)={r8, 0x9}, 0x8) 19:11:40 executing program 3: r0 = socket$inet6(0xa, 0x2000000802, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000f68000)={@loopback, 0x800, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@local, 0x800, 0x2}, 0x20) 19:11:41 executing program 3: ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r0, &(0x7f0000000280)={0x18, 0x2, {0x0, @loopback}}, 0x1e) writev(0xffffffffffffffff, &(0x7f0000000040), 0x0) 19:11:41 executing program 5: r0 = socket$inet6(0xa, 0x100000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x13}, 0x1c) sendto$inet6(r0, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) write(0xffffffffffffffff, &(0x7f00000000c0), 0x0) write$binfmt_aout(r0, &(0x7f0000000380), 0x20) 19:11:41 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x7a00000000000000) [ 302.438852] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 19:11:41 executing program 1: unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:41 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:41 executing program 5: 19:11:41 executing program 2: 19:11:41 executing program 3: perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x859, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={0xffffffffffffffff, 0x28, &(0x7f0000000080)}, 0x10) syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0x0, 0x0) setsockopt$inet_udp_int(r0, 0x11, 0x1, &(0x7f0000000040), 0xfe91) 19:11:42 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'lo\x00@\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00', 0xfff7fffffffffffb}) 19:11:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000400)=ANY=[]) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) ioctl$TIOCGPTPEER(r2, 0x5441, 0x10001) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000002c0)={0x0, 0x100000001}, &(0x7f0000000300)=0x14) r3 = syz_open_procfs(0x0, &(0x7f0000000080)="2f6578650000000000000f1ce3000000000000000000000000") mmap$perf(&(0x7f0000105000/0x4000)=nil, 0x4000, 0x0, 0x11, r3, 0x0) ioctl$EVIOCGUNIQ(r3, 0x80404508, &(0x7f00000004c0)=""/4096) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)) ustat(0x0, &(0x7f0000000080)) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) mount(&(0x7f0000000180)=@sg0='/dev/sg0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='ecryptfs\x00', 0x0, &(0x7f00000001c0)="7f") r4 = fcntl$getown(r0, 0x9) syz_open_procfs(r4, &(0x7f0000000200)='net/ip6_mr_vif\x00') mprotect(&(0x7f0000104000/0x3000)=nil, 0x3000, 0x0) pread64(r3, &(0x7f0000003c00)=""/4096, 0xffffff72, 0x0) getsockopt$XDP_MMAP_OFFSETS(0xffffffffffffffff, 0x11b, 0x1, &(0x7f0000000140), &(0x7f0000000480)=0x60) [ 303.185073] device lo entered promiscuous mode 19:11:42 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") read(r0, &(0x7f0000000000)=""/151, 0x97) 19:11:42 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:42 executing program 3: ioctl(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa1}) [ 303.607481] ecryptfs_parse_options: eCryptfs: unrecognized option [] [ 303.614372] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 303.626911] Error parsing options; rc = [-22] 19:11:42 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xfffffffffffffe14) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 19:11:42 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x2e11}, 0x8) write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="e56ba559d0077e8d6526b8221f9d036cdb14a3a1468b181e0b7bae77819fab8a7257472fb9875e5e4d293fd9319e5771a0c078c1890b5fadd6f33dba797323a1468edb1cb75dd7"], 0x47) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:42 executing program 1: unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') [ 303.891641] usb usb5: usbfs: process 8929 (syz-executor3) did not claim interface 0 before use 19:11:43 executing program 3: socketpair$unix(0x1, 0x8000000000000003, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x40000084], [0xc1]}) 19:11:43 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d024031") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) [ 304.358538] ecryptfs_parse_options: eCryptfs: unrecognized option [] [ 304.365405] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 304.377930] Error parsing options; rc = [-22] 19:11:43 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) r1 = socket$inet(0x2, 0x3, 0x0) setsockopt$inet_group_source_req(r1, 0x0, 0x2e, &(0x7f0000000300)={0x1, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @broadcast}}}, 0x108) setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000200)=0x6, 0x4) 19:11:43 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d024031") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:43 executing program 3: r0 = socket$inet(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000250007031dfffd946fa2830020200a0009000000001d85680c1ba3a20400ff7e280000002600ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) sendmsg(0xffffffffffffffff, &(0x7f00000038c0)={0x0, 0x0, &(0x7f00000037c0)=[{&(0x7f00000002c0)="9a6f37ea204010037c", 0x9}], 0x1, &(0x7f0000003880)}, 0x0) recvmmsg(r0, &(0x7f0000000240)=[{{&(0x7f0000000080)=@ipx, 0x80, &(0x7f0000000200), 0x0, &(0x7f0000001540)=""/4096, 0x1000}}], 0x40001c2, 0x0, 0x0) [ 305.168870] netlink: 4 bytes leftover after parsing attributes in process `syz-executor3'. [ 305.251777] netlink: 4 bytes leftover after parsing attributes in process `syz-executor3'. [ 305.323125] netlink: 4 bytes leftover after parsing attributes in process `syz-executor3'. 19:11:45 executing program 2: 19:11:45 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x2e11}, 0x8) write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="e56ba559d0077e8d6526b8221f9d036cdb14a3a1468b181e0b7bae77819fab8a7257472fb9875e5e4d293fd9319e5771a0c078c1890b5fadd6f33dba797323a1468edb1cb75dd7"], 0x47) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:45 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000010000/0x3000)=nil, 0x3000, 0x0, 0x100000000020011, r0, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)) r1 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x401, 0x0) setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000240)={0x100000000, {{0xa, 0x0, 0xa1d9, @local, 0x1}}, 0x1, 0x1, [{{0xa, 0x4e23, 0x586, @mcast2, 0x800}}]}, 0x110) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000500)={0x4, 0x0, &(0x7f0000000480)=[@enter_looper], 0x1, 0x0, &(0x7f00000004c0)='8'}) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000040)={0x42, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="116348409d93960490f77d454eb1978916e7580651a8231197bff7a46695895296fcf3cf2ece4bb485296e320657ba28fc7503415661630a81b432e3f6cd382057b1"], 0x0, 0x0, &(0x7f0000000680)}) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x10000, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000540)={"8e0e9c77e5b08f9ba17893279d7e42cae2caab24a1acba735decad09a9b09710f10374789c76c503004985544a4e2774581387f9d13e4be743c6ba4cbcb5602072fe7ef1c96db8aca19483851e2805e6e44b0dad23631b05a8c66d2819c408d7e5b8cf3a124971233bf44597c213b1fbeb90fdab51ec9baa99ab93709bb7f4e62b2e250b07cc6830bd45ea3732eb568850ce1bb394b03e28d6e80b1adcbe084a1330942cbf70c34546390dfcdc11b068b08927ce2d0e670861132d67cd085f80db5a45d4e1c9f73adbc93030cb58ab33a361275a0d599def57f4b571c494e7e6e5f8805e0408745de4ebee6f6ecf43c02f858a121ef856d9a646ad77ed408778a396a568adabded7c7f19dfad13d26613ca1b8d0ffa87fedf32badadcc880eba77c802566b8bf92e34b68b13abe1a8c8d317c177795edc0ae4a91d232bc191fe000edf75b3750a2156b7e59ccfb2c4b4b9895edb31855f3b412ff65bb139a8ec90d65ec27ec0ed7efac2bab0abd7824494c7fd26b4769c530823c748f2b9a20ea46a4e8d13c78b74d281b8160a20320b0b8d2b410889e747c376cfbc85c28a8243e0a4b48206e2cc3465385eb74268b0b262cd8db9658e384e17d1fdf22990ca508ae03d0da5fa0dc078a308b88a6dfbb5c78a21ed4615fe332070fb247b93331a6b6cce7bd7e60eabb5f4c7246ca50dcaae712697f1a607f3e87be62f6674a956b8d8210e12c785a7f1fa33a15c728dd05dbea2deb1ed34382afc1eae04201c2f75c10f82b829427d463bcffb29d1a642f8ab10beb3e9e4ac7a053daa34f89020d969699a8af5032230b63b05c39cb357dc3771efb6de1b1964cf61ffb8f652c35601448bc12100b3d45793daf3038bb73cfa006f39344b6ba8cb646142e87348083f9a9d797a9d9d8e771196192efa212c631fcc5faece3a8cce74cc6b41a40a8a7ff4afc13588dc47fceee48ba86ecd518dc8179d0c8a93a28e5122bf194d68819cdfd62b89ca2d93ae9410a3247c5a4d35322aa84f94b854e93fc0ad71992adad392ee5576d3441d58a3e77a04e301361e007fbaffbdf7b6cfd1852cb7b93d5eda30965b36ed4100e558f7e0ce24337d87052f761a2999d459c83b01dc4de71632a06cd5ebc8fe695bc7765937c47e56cfce6820a7803732b70064e20fb79fc356b0193210cdd09aea740dedf52715aaeb8762f1649b49cfa7a37b8c3c3f49fc44e41dcd8da60db75fa19f251a33f47b2600ec0bae152c6182241be9ae7a54ba92658b69676902f7bb7745090abb8b0980b8f87a835e46bbb1a3d327182f0801a11695d680048620299e26901ffa2e6966b07a0ffc77b8d2a2ad278c7839442c140c89051c074c4d523928a504ae1566a85056737f91edf4dca14db3b1c9e6a8db49f9b51d2216716bf360f3b87c27551bdc1bd59d3a4914d9dd6571fc47"}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) 19:11:45 executing program 1: r0 = gettid() unshare(0x0) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:45 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d024031") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:45 executing program 3: r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184908, &(0x7f0000000080)) [ 306.355000] binder: 8983 RLIMIT_NICE not set [ 306.372995] ion_ioctl: ioctl validate failed 19:11:45 executing program 2: socketpair$unix(0x1, 0x8000000000000003, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x4b564d04, 0x0, 0x140], [0xc1]}) timer_gettime(0x0, &(0x7f0000000080)) 19:11:45 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0xa, 0x1, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x82002, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100), 0x10) write$sndseq(r1, &(0x7f00000003c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x0, 0x5}}], 0x30) dup2(r0, r1) 19:11:45 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x2e11}, 0x8) write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="e56ba559d0077e8d6526b8221f9d036cdb14a3a1468b181e0b7bae77819fab8a7257472fb9875e5e4d293fd9319e5771a0c078c1890b5fadd6f33dba797323a1468edb1cb75dd7"], 0x47) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:45 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d024031628571") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) [ 306.790020] kvm [8993]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 [ 306.859643] kvm [8993]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 19:11:46 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0xa, 0x1, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x82002, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100), 0x10) write$sndseq(r1, &(0x7f00000003c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x0, 0x5}}], 0x30) dup2(r0, r1) 19:11:46 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x1, 0x5, &(0x7f0000346fc8)=ANY=[@ANYBLOB="18050000000002000000000000000000611000000000000020000000000000009500000000000000"], &(0x7f0000f6bffb)='GPL\x00', 0xfffffffffffffffc, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48) 19:11:46 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d024031628571") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:46 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x2e11}, 0x8) write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="e56ba559d0077e8d6526b8221f9d036cdb14a3a1468b181e0b7bae77819fab8a7257472fb9875e5e4d293fd9319e5771a0c078c1890b5fadd6f33dba797323a1468edb1cb75dd7"], 0x47) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:46 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:11:46 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000240)='threaded\x00', 0xf96d) ioctl$TUNSETOWNER(0xffffffffffffffff, 0x400454cc, 0x0) 19:11:46 executing program 1: r0 = gettid() unshare(0x0) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:46 executing program 3: 19:11:46 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x2e11}, 0x8) write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="e56ba559d0077e8d6526b8221f9d036cdb14a3a1468b181e0b7bae77819fab8a7257472fb9875e5e4d293fd9319e5771a0c078c1890b5fadd6f33dba797323a1468edb1cb75dd7"], 0x47) socket$inet6_sctp(0xa, 0x1, 0x84) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:46 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d024031628571") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:46 executing program 2: 19:11:47 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:11:47 executing program 3: 19:11:47 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d02403162857170") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:47 executing program 2: 19:11:47 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x2e11}, 0x8) write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="e56ba559d0077e8d6526b8221f9d036cdb14a3a1468b181e0b7bae77819fab8a7257472fb9875e5e4d293fd9319e5771a0c078c1890b5fadd6f33dba797323a1468edb1cb75dd7"], 0x47) socket$inet6_sctp(0xa, 0x1, 0x84) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:47 executing program 3: 19:11:47 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:11:47 executing program 1: r0 = gettid() unshare(0x0) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:47 executing program 2: 19:11:47 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d02403162857170") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:48 executing program 2: 19:11:48 executing program 3: 19:11:48 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:11:48 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x2e11}, 0x8) write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="e56ba559d0077e8d6526b8221f9d036cdb14a3a1468b181e0b7bae77819fab8a7257472fb9875e5e4d293fd9319e5771a0c078c1890b5fadd6f33dba797323a1468edb1cb75dd7"], 0x47) socket$inet6_sctp(0xa, 0x1, 0x84) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:48 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d02403162857170") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:48 executing program 3: 19:11:48 executing program 2: 19:11:48 executing program 0: write(0xffffffffffffffff, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:11:48 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x2e11}, 0x8) write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="e56ba559d0077e8d6526b8221f9d036cdb14a3a1468b181e0b7bae77819fab8a7257472fb9875e5e4d293fd9319e5771a0c078c1890b5fadd6f33dba797323a1468edb1cb75dd7"], 0x47) sendto$inet6(0xffffffffffffffff, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:48 executing program 1: gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:48 executing program 2: 19:11:48 executing program 3: 19:11:48 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:48 executing program 0: r0 = socket(0x0, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:11:49 executing program 2: 19:11:49 executing program 3: 19:11:49 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x2e11}, 0x8) write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="e56ba559d0077e8d6526b8221f9d036cdb14a3a1468b181e0b7bae77819fab8a7257472fb9875e5e4d293fd9319e5771a0c078c1890b5fadd6f33dba797323a1468edb1cb75dd7"], 0x47) sendto$inet6(0xffffffffffffffff, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:49 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:49 executing program 0: r0 = socket(0x400020000000010, 0x0, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:11:49 executing program 3: 19:11:49 executing program 2: 19:11:49 executing program 1: gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:49 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:49 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x2e11}, 0x8) write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="e56ba559d0077e8d6526b8221f9d036cdb14a3a1468b181e0b7bae77819fab8a7257472fb9875e5e4d293fd9319e5771a0c078c1890b5fadd6f33dba797323a1468edb1cb75dd7"], 0x47) sendto$inet6(0xffffffffffffffff, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:49 executing program 3: 19:11:49 executing program 2: 19:11:50 executing program 0: socket(0x400020000000010, 0x2, 0x0) write(0xffffffffffffffff, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:11:50 executing program 2: 19:11:50 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:50 executing program 3: 19:11:50 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0), 0x0) 19:11:50 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x2e11}, 0x8) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:50 executing program 2: 19:11:51 executing program 1: gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:11:51 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0), 0x0) 19:11:51 executing program 3: 19:11:51 executing program 2: 19:11:51 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x0, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:51 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:51 executing program 2: 19:11:51 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0), 0x0) 19:11:51 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x11011, r0, 0x0) mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3) 19:11:51 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x0, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:51 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000003e00)="000000cc665a07c00800000000000000a90001") openat$cgroup_ro(r0, &(0x7f0000000200)="6d656d0001792e737761532e63757272656e7400", 0x0, 0x0) 19:11:51 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc020303", 0x10) 19:11:52 executing program 2: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x201, 0x8000000000079) ioctl$KVM_SET_CPUID(r0, 0xc0185500, &(0x7f0000000080)=ANY=[@ANYBLOB="2303328408"]) 19:11:52 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:52 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x0, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:11:52 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc020303", 0x10) 19:11:52 executing program 3: r0 = memfd_create(&(0x7f0000000000)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) execveat(r0, &(0x7f0000000040)='\x00', &(0x7f0000000200), &(0x7f0000000240), 0x1000) 19:11:52 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0x0) 19:11:52 executing program 2: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) wait4(0x0, &(0x7f0000000040), 0x80000000, &(0x7f0000000400)) syz_open_procfs(0x0, &(0x7f0000000080)='coredump_filter\x00') r0 = socket$inet(0x2, 0x4000000000000001, 0x0) writev(r0, &(0x7f0000000a80)=[{&(0x7f0000000600)="80", 0x1}], 0x1) 19:11:52 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc020303", 0x10) 19:11:52 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:52 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) 19:11:52 executing program 2: seccomp(0x4000000000000001, 0x0, &(0x7f0000028ff0)={0x0, &(0x7f00000b3000)}) prctl$seccomp(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) socketpair$packet(0x11, 0x3, 0x300, &(0x7f0000000280)) 19:11:52 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='children\x00') pread64(r0, &(0x7f0000000040)=""/12, 0xffffffffffffffc0, 0x0) 19:11:52 executing program 3: recvmsg$kcm(0xffffffffffffffff, &(0x7f00000025c0)={&(0x7f0000002240)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x1ff, &(0x7f0000000180), 0x0, &(0x7f00000024c0)=""/206, 0xce}, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000480)='comm\x00') preadv(r0, &(0x7f00000017c0), 0xef, 0x0) 19:11:53 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f81", 0x18) 19:11:53 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:53 executing program 4: openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x0, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000af6ff6)='/dev/dsp#\x00', 0x1, 0x0) r2 = epoll_create(0xc) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000000c0)) dup2(r0, r1) 19:11:53 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f81", 0x18) 19:11:53 executing program 1: openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0) 19:11:53 executing program 3: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000280), 0x0) 19:11:53 executing program 2: seccomp(0x4000000000000001, 0x0, &(0x7f0000028ff0)={0x0, &(0x7f00000b3000)}) prctl$seccomp(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) 19:11:53 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f81", 0x18) 19:11:53 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:53 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r0 = memfd_create(&(0x7f0000000080)="00000600000000000000", 0x0) inotify_add_watch(r0, &(0x7f0000000380)='./file0\x00', 0x80000020) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x1, 0x0, 0x8000, 0xe2}) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000002c0)={0x6, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}, {0x2, 0x4e24, @dev}, 0x120, 0x4, 0xfffffffffffffff8}) socket(0x0, 0x80005, 0x0) r1 = socket$inet6(0xa, 0x0, 0x88) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev}, 0x1c) syz_emit_ethernet(0x7b, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x45, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x45, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721af"}}}}}}, &(0x7f0000000100)) ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000480)='veth1_to_bond\x00') getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(0xffffffffffffffff, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) bind(0xffffffffffffffff, &(0x7f00000000c0)=@generic={0xa, "9bab822c32e608631f5c82d557d502005efe7bb80b86526b51833790734bd83b320de89aefc9eb6dc2649bdf2b6ab524effc499e522cfbf5ea7aa1033b283235652bf370539dab5b776d5f788b9960df85ddf0e7bcb92ede0eb3db4ed60dd4c3806342de9067b7aecf9a6ae4edd919aec5bdf5aecb8ef68d0797117341f7"}, 0x80) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000280), &(0x7f0000000400)=0x4) 19:11:53 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000680)={0xc, 0x8, 0xfa00, {&(0x7f0000000500)}}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000240)={0x3, 0x40, 0xfa00, {{}, {0xa, 0x0, 0x0, @mcast1}, r1}}, 0x48) 19:11:54 executing program 4: ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000500)) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(0xffffffffffffffff, 0xc0385720, &(0x7f00000001c0)={0x1, {}, 0x50c5, 0x7}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value, 0x8) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r0, r1, &(0x7f0000000200), 0x20010000) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f00000006c0)=r1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000004c0), 0x0) 19:11:54 executing program 2: r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000003c0)="63707526352122000000060000039cd30e35cca01d3d0b0a1ce9e1a387605f60666f8dcc6d5c76fd2e9e09626b31deea1b0d3b81b62cd5b4223726b5797482fb1d83e6f82e2d6d0af3b128e9604401695c8d6c866c68a8fc80de2c4b099a06ef2b72592cf82c59249a74f41af3d61afdd00427799b7ce4b70845ed9780731957b75bf0253e4d4df598be52754a54a60f70013200bbbe9d7235afa8247f3756ed4c4b34cf9040d5540acaca865fc1ce8ded62538de97482e3317a7772e66f000400000000000091498dfde4bb73bf0a004b9ee55ba00a0f00000000000000d56b639fa4f8bb693d8d4b658a1dc1844669512460bcedd9fcf400dae1c6cbb57b875d9cc4992c566d52bc2961db4b2f5c8756f457bf96454fb0b3c7383a95bf8095035d66cd97d641a28c8c8c78be82c0719e878826f127c0b4d98ebc21f5d648ce3d87d79fcd38527508ce0586b80d988df8afbc48f7c26bfdad39fc07511c2c7042d97c2951508b5791b6f3e07c7d5b9f638cc4d9781e7caf86064161c67d45b0936fa2dfb8a73e613bd5d22d") 19:11:54 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002", 0x1c) 19:11:54 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:54 executing program 1: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x4, 0x0, &(0x7f0000005fd4)=ANY=[@ANYBLOB="11634840"], 0x0, 0x0, &(0x7f0000000680)}) ioctl$BINDER_THREAD_EXIT(0xffffffffffffffff, 0x40046208, 0x0) 19:11:54 executing program 2: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)) 19:11:54 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002", 0x1c) 19:11:54 executing program 3: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0xc0046209, 0x0) 19:11:54 executing program 4: ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000500)) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(0xffffffffffffffff, 0xc0385720, &(0x7f00000001c0)={0x1, {}, 0x50c5, 0x7}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value, 0x8) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r0, r1, &(0x7f0000000200), 0x20010000) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f00000006c0)=r1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000004c0), 0x0) [ 315.820352] binder: 9315:9317 transaction failed 29189/-22, size 0-0 line 2855 [ 315.933480] binder: 9315:9317 transaction failed 29189/-22, size 0-0 line 2855 [ 315.971939] binder: 9325:9327 ioctl c0046209 0 returned -22 19:11:55 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 315.981688] binder: undelivered TRANSACTION_ERROR: 29189 [ 315.990874] binder: undelivered TRANSACTION_ERROR: 29189 19:11:55 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002", 0x1c) 19:11:55 executing program 2: socket$inet_udp(0x2, 0x2, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x2000002106001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) mount(&(0x7f0000000240)=@loop={'/dev/loop'}, &(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)='ceph\x00', 0x2, &(0x7f00000004c0)="1f4183aa04e4e2d70a05a432e2254098fc2be23e66ef2a0404b2765df2530a4e369a789bbb6bdfb79d24312146a099ed54ec00ee5c18780b41f571d6f5e8fb2026aba61c622abb98f554373ce67b34e98f5642aeb21e496db347903a256b88fbeca5d47f331977aec836eba82a7750b486a1d87d0091bec46bce4b59b8335d5ee80364da5f93b172c5c9a62f3dff635099c87854900ee7bfd784548171d8c688444a0b599d0aeca0146937bf850162e54b3607ac5eba0f88702518a2616dbdbf2b23dfc6406a75baa574ddfba871fa8e7b148633fd53e1be8d9ac055a30000") 19:11:55 executing program 3: r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x90) 19:11:55 executing program 1: socketpair$unix(0x1, 0x8000000000000003, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x40000100, 0x0, 0x140], [0xc1]}) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000100), 0x4) 19:11:55 executing program 2: ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000180)}) r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x201, 0x8000000000079) ioctl$KVM_SET_CPUID(r0, 0xc0185500, &(0x7f0000000080)=ANY=[@ANYBLOB="2303328408"]) 19:11:55 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f81000000020300", 0x1e) [ 316.560870] kvm [9343]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 19:11:55 executing program 4: ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000500)) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(0xffffffffffffffff, 0xc0385720, &(0x7f00000001c0)={0x1, {}, 0x50c5, 0x7}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value, 0x8) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r0, r1, &(0x7f0000000200), 0x20010000) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f00000006c0)=r1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000004c0), 0x0) [ 316.639529] kvm [9343]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 19:11:55 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:55 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000400)='/dev/loop#\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) ioctl$LOOP_CLR_FD(r0, 0x4c01) 19:11:56 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x8000000003a) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c) sendmsg(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001180)="b10b93", 0x3}], 0x1, &(0x7f0000000200)}, 0x8000) sendmsg(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001480)="d09a", 0x2}], 0x1, &(0x7f0000001780)}, 0x0) 19:11:56 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:11:56 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f81000000020300", 0x1e) 19:11:56 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 317.357859] binder: 9373:9376 ioctl 40046205 0 returned -22 19:11:56 executing program 3: r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x10000) mkdirat(r0, &(0x7f0000000200)="131377c5fc35d41454d5d41d29ad1a6029598146e6be166e41ad0dbd4054033c9f33bbda8224a2f3d772e7636e48b33cbf708372e8f1b9933ec5127743be2206209ef02df9cbf2f6e880d3382f00", 0x0) 19:11:56 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x800, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r1 = memfd_create(&(0x7f0000000080)="00000600000000000000", 0x0) inotify_add_watch(r1, &(0x7f0000000380)='./file0\x00', 0x80000020) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x1, 0x0, 0x0, 0xe2}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) socket(0x0, 0x0, 0x0) r2 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x0, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f0000000480)='veth1_to_bond\x00') getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) bind(0xffffffffffffffff, &(0x7f00000000c0)=@generic={0x0, "9bab822c32e608631f5c82d557d502005efe7bb80b86526b51833790734bd83b320de89aefc9eb6dc2649bdf2b6ab524effc499e522cfbf5ea7aa1033b283235652bf370539dab5b776d5f788b9960df85ddf0e7bcb92ede0eb3db4ed60dd4c3806342de9067b7aecf9a6ae4edd919aec5bdf5aecb8ef68d0797117341f7"}, 0x80) 19:11:56 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:11:56 executing program 4: ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, &(0x7f0000000500)) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(0xffffffffffffffff, 0xc0385720, &(0x7f00000001c0)={0x1, {}, 0x50c5, 0x7}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value, 0x8) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r0, r1, &(0x7f0000000200), 0x20010000) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f00000006c0)=r1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000004c0), 0x0) 19:11:56 executing program 0: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f81000000020300", 0x1e) 19:11:56 executing program 3: mkdir(&(0x7f000002b000)='./file0\x00', 0x0) creat(&(0x7f0000002500)='./file0/bus\x00', 0x0) r0 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0) ioctl$FIDEDUPERANGE(r0, 0xc0045878, &(0x7f0000000000)={0x0, 0x0, 0x800003b}) [ 317.844963] binder: 9395:9402 ioctl 40046205 0 returned -22 19:11:57 executing program 0: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x201, 0x8000000000079) ioctl$KVM_SET_CPUID(r0, 0x4004550d, &(0x7f0000000080)=ANY=[]) 19:11:57 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x8d4, 0x20}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x16, 0x5, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x48, 0x1, 0x4c}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0xfb, &(0x7f00001a7f05)=""/251}, 0x14) 19:11:57 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:11:57 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) sendmmsg(r1, &(0x7f0000005fc0), 0x800000000000013, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000540)={{{@in6=@mcast1, @in=@broadcast}}, {{@in6=@dev}, 0x0, @in6=@remote}}, &(0x7f00000000c0)=0xe8) execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300), &(0x7f00000007c0)=[&(0x7f00000006c0)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00']) socket$inet6(0xa, 0x5, 0x0) 19:11:57 executing program 5: bind$inet6(0xffffffffffffffff, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(0xffffffffffffffff, 0x5) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(0xffffffffffffffff, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 318.408901] binder: 9419:9421 ioctl 40046205 0 returned -22 19:11:57 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000a8eff8)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000ac5000), 0x4) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) close(r0) 19:11:57 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") syz_emit_ethernet(0xfffffe8c, &(0x7f0000000140)={@random="a1f8a32bc6db", @remote, [], {@canfd={0x6558, {{}, 0x0, 0x0, 0x0, 0x0, "62848ab80800059ba6ab7d1f749046bed441226f685c18f62ef15bc8b9076c44b7e0e4b950dc946899d16cc55476a21c010e1d544a69d273cb2ab2b17c09a4ba"}}}}, &(0x7f0000000640)={0x0, 0x1, [0x40000]}) 19:11:57 executing program 1: r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3, 0x1000006}) 19:11:57 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:11:58 executing program 5: r0 = socket$inet6(0xa, 0x0, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000400)=ANY=[]) openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000002c0)={0x0, 0x100000001}, &(0x7f0000000300)=0x14) r2 = syz_open_procfs(0x0, &(0x7f0000000080)="2f6578650000000000000f1ce3000000000000000000000000") mmap$perf(&(0x7f0000105000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0x0) ioctl$EVIOCGUNIQ(r2, 0x80404508, &(0x7f00000004c0)=""/4096) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)) ustat(0x0, &(0x7f0000000080)) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r3 = fcntl$getown(r0, 0x9) syz_open_procfs(r3, &(0x7f0000000200)='net/ip6_mr_vif\x00') pread64(r2, &(0x7f0000003c00)=""/4096, 0xffffff72, 0x0) getsockopt$XDP_MMAP_OFFSETS(0xffffffffffffffff, 0x11b, 0x1, &(0x7f0000000140), &(0x7f0000000480)=0x60) [ 319.136875] binder: 9444:9445 ioctl 40046205 0 returned -22 19:11:58 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x2000002106001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) mount(&(0x7f0000000240)=@loop={'/dev/loop'}, &(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)='ceph\x00', 0x2, &(0x7f00000004c0)="1f4183aa04e4e2d70a05a432e2254098fc2be23e66ef2a0404b2765df2530a4e369a789bbb6bdfb79d24312146a099ed54ec00ee5c18780b41f571d6f5e8fb2026aba61c622abb98f554373ce67b34e98f5642aeb21e496db347903a256b88fbeca5d47f331977aec836eba82a7750b486a1d87d0091bec46bce4b59b8335d5ee80364da5f93b172c5c9a62f3dff635099c87854900ee7bfd784548171d8c688444a0b599d0aeca0146937bf850162e54b3607ac5eba0f88702518a2616dbdbf2b23dfc6406a75baa574ddfba871fa8e7b148633fd53e1be8d9ac055a30000") 19:11:58 executing program 0: r0 = memfd_create(&(0x7f0000000000)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) execveat(r0, &(0x7f0000000040)='\x00', &(0x7f0000000200), &(0x7f0000000240), 0x1000) 19:11:58 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) sendmmsg(r1, &(0x7f0000005fc0), 0x800000000000013, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000540)={{{@in6=@mcast1, @in=@broadcast}}, {{@in6=@dev}, 0x0, @in6=@remote}}, &(0x7f00000000c0)=0xe8) execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300), &(0x7f00000007c0)=[&(0x7f00000006c0)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00']) socket$inet6(0xa, 0x5, 0x0) 19:11:58 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:11:58 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x2000002106001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) mount(&(0x7f0000000240)=@loop={'/dev/loop'}, &(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)='ceph\x00', 0x2, &(0x7f00000004c0)="1f4183aa04e4e2d70a05a432e2254098fc2be23e66ef2a0404b2765df2530a4e369a789bbb6bdfb79d24312146a099ed54ec00ee5c18780b41f571d6f5e8fb2026aba61c622abb98f554373ce67b34e98f5642aeb21e496db347903a256b88fbeca5d47f331977aec836eba82a7750b486a1d87d0091bec46bce4b59b8335d5ee80364da5f93b172c5c9a62f3dff635099c87854900ee7bfd784548171d8c688444a0b599d0aeca0146937bf850162e54b3607ac5eba0f88702518a2616dbdbf2b23dfc6406a75baa574ddfba871fa8e7b148633fd53e1be8d9ac055a30000") [ 319.562111] ceph: device name is missing path (no : separator in /dev/loop) 19:11:58 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:11:58 executing program 0: r0 = syz_open_dev$dspn(&(0x7f0000af6ff6)='/dev/dsp#\x00', 0x1, 0x0) r1 = epoll_create(0xc) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) [ 319.695283] binder: 9463:9465 ioctl 40046205 0 returned -22 19:11:59 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x2000002106001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) mount(&(0x7f0000000240)=@loop={'/dev/loop'}, &(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)='ceph\x00', 0x2, &(0x7f00000004c0)="1f4183aa04e4e2d70a05a432e2254098fc2be23e66ef2a0404b2765df2530a4e369a789bbb6bdfb79d24312146a099ed54ec00ee5c18780b41f571d6f5e8fb2026aba61c622abb98f554373ce67b34e98f5642aeb21e496db347903a256b88fbeca5d47f331977aec836eba82a7750b486a1d87d0091bec46bce4b59b8335d5ee80364da5f93b172c5c9a62f3dff635099c87854900ee7bfd784548171d8c688444a0b599d0aeca0146937bf850162e54b3607ac5eba0f88702518a2616dbdbf2b23dfc6406a75baa574ddfba871fa8e7b148633fd53e1be8d9ac055a30000") [ 320.011423] ceph: device name is missing path (no : separator in /dev/loop) 19:11:59 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) sendmmsg(r1, &(0x7f0000005fc0), 0x800000000000013, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000540)={{{@in6=@mcast1, @in=@broadcast}}, {{@in6=@dev}, 0x0, @in6=@remote}}, &(0x7f00000000c0)=0xe8) execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300), &(0x7f00000007c0)=[&(0x7f00000006c0)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00']) socket$inet6(0xa, 0x5, 0x0) 19:11:59 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:11:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000400)=ANY=[]) openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000002c0)={0x0, 0x100000001}, &(0x7f0000000300)=0x14) r2 = syz_open_procfs(0x0, &(0x7f0000000080)="2f6578650000000000000f1ce3000000000000000000000000") mmap$perf(&(0x7f0000105000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0x0) ioctl$EVIOCGUNIQ(r2, 0x80404508, &(0x7f00000004c0)=""/4096) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)) ustat(0x0, &(0x7f0000000080)) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r3 = fcntl$getown(r0, 0x9) syz_open_procfs(r3, &(0x7f0000000200)='net/ip6_mr_vif\x00') pread64(r2, &(0x7f0000003c00)=""/4096, 0xffffff72, 0x0) getsockopt$XDP_MMAP_OFFSETS(0xffffffffffffffff, 0x11b, 0x1, &(0x7f0000000140), &(0x7f0000000480)=0x60) 19:11:59 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x2000002106001ffb, 0x0, 0xfffffffffffffffe, &(0x7f0000000480), 0xffffffffffffffff) mount(&(0x7f0000000240)=@loop={'/dev/loop'}, &(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)='ceph\x00', 0x2, &(0x7f00000004c0)="1f4183aa04e4e2d70a05a432e2254098fc2be23e66ef2a0404b2765df2530a4e369a789bbb6bdfb79d24312146a099ed54ec00ee5c18780b41f571d6f5e8fb2026aba61c622abb98f554373ce67b34e98f5642aeb21e496db347903a256b88fbeca5d47f331977aec836eba82a7750b486a1d87d0091bec46bce4b59b8335d5ee80364da5f93b172c5c9a62f3dff635099c87854900ee7bfd784548171d8c688444a0b599d0aeca0146937bf850162e54b3607ac5eba0f88702518a2616dbdbf2b23dfc6406a75baa574ddfba871fa8e7b148633fd53e1be8d9ac055a30000") [ 320.344411] ceph: device name is missing path (no : separator in /dev/loop) [ 320.492874] binder: 9501:9503 ioctl 40046205 0 returned -22 19:11:59 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:11:59 executing program 3: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) [ 320.766757] ceph: device name is missing path (no : separator in /dev/loop) [ 320.787403] binder: 9508:9509 ioctl 40046205 0 returned -22 19:11:59 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000500), &(0x7f0000000440)=0xc) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x82) r1 = memfd_create(&(0x7f00000001c0)="74086e750000000000000000008c00", 0x2) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) pwritev(r1, &(0x7f0000000340)=[{&(0x7f0000000040)='\'', 0x1}], 0x1, 0x81805) getsockopt$inet6_int(r1, 0x29, 0x0, &(0x7f0000000100), &(0x7f0000000140)=0x4) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x4800) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x3f}, &(0x7f0000000600)=0xffffffb8) setsockopt$inet_sctp_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f00000005c0), 0x4) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0x0, 0x0) r2 = socket(0x0, 0x5, 0x0) ioctl$int_in(r2, 0x5421, &(0x7f0000000900)) ioctl$KVM_INTERRUPT(r1, 0x4004ae86, &(0x7f0000000280)) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f00000000c0)={'irlan0\x00'}) getgroups(0x0, &(0x7f0000000280)) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) sendfile(r0, r0, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000480)={@ipv4={[], [], @dev}, @loopback, @remote, 0x1000, 0x0, 0x0, 0x400, 0x9, 0x2}) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r1) 19:12:00 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(0xffffffffffffffff, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:00 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) sendmmsg(r1, &(0x7f0000005fc0), 0x800000000000013, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000540)={{{@in6=@mcast1, @in=@broadcast}}, {{@in6=@dev}, 0x0, @in6=@remote}}, &(0x7f00000000c0)=0xe8) execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300), &(0x7f00000007c0)=[&(0x7f00000006c0)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00']) socket$inet6(0xa, 0x5, 0x0) 19:12:00 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:12:00 executing program 3: 19:12:01 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:12:01 executing program 3: 19:12:01 executing program 0: [ 322.510528] binder: 9543:9545 ioctl 40046205 0 returned -22 19:12:02 executing program 1: 19:12:02 executing program 3: 19:12:02 executing program 4: 19:12:02 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x0, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:02 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mq_open(&(0x7f0000000a00)='lo.\x00', 0x2, 0x0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) readv(r1, &(0x7f00000000c0)=[{&(0x7f0000000200)=""/255, 0x443}], 0x10000000000000b8) fcntl$getown(r0, 0x9) getpgrp(0x0) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000700)={0x0, @in6={{0xa, 0x0, 0x81, @remote}}}, &(0x7f00000007c0)=0x84) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x2) r3 = dup3(r2, r1, 0x0) write(r1, &(0x7f0000c34fff), 0xffffff0b) getrlimit(0x9, &(0x7f00000001c0)) chroot(&(0x7f0000000340)='./file0\x00') ioctl$BLKGETSIZE64(r3, 0x80081272, &(0x7f0000000140)) openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x20, 0x0, "943696fdf230d0517b6e491ed5d0da226ec1dc2db7047b98"}, &(0x7f0000000600), 0xe64455e5a85b7897) openat(0xffffffffffffffff, &(0x7f0000000940)='./file0\x00', 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0) fchdir(0xffffffffffffffff) 19:12:02 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) [ 323.376426] binder: 9557:9560 ioctl 40046205 0 returned -22 19:12:02 executing program 1: 19:12:02 executing program 3: 19:12:02 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(0xffffffffffffffff, 0x40046205, 0x0) 19:12:02 executing program 4: 19:12:02 executing program 1: 19:12:03 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(0xffffffffffffffff, 0x40046205, 0x0) 19:12:03 executing program 3: 19:12:03 executing program 4: 19:12:03 executing program 1: 19:12:03 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(0xffffffffffffffff, 0x40046205, 0x0) 19:12:03 executing program 0: 19:12:03 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(0xffffffffffffffff, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:03 executing program 3: 19:12:03 executing program 4: 19:12:03 executing program 1: 19:12:03 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:12:03 executing program 3: 19:12:03 executing program 0: 19:12:04 executing program 1: 19:12:04 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:04 executing program 4: [ 325.054010] binder: 9603:9604 ioctl 40046205 0 returned -22 19:12:04 executing program 0: 19:12:04 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:12:04 executing program 3: 19:12:04 executing program 1: [ 325.506121] binder: 9616:9619 ioctl 40046205 0 returned -22 19:12:04 executing program 4: 19:12:04 executing program 3: 19:12:04 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x0, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:04 executing program 0: 19:12:04 executing program 1: 19:12:04 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:12:05 executing program 0: 19:12:05 executing program 3: 19:12:05 executing program 4: [ 326.117674] binder: 9637:9639 ioctl 40046205 0 returned -22 19:12:05 executing program 1: 19:12:05 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x0, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:05 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:12:05 executing program 0: 19:12:05 executing program 4: 19:12:05 executing program 3: [ 326.735134] binder: 9658:9661 ioctl 40046205 0 returned -22 19:12:05 executing program 0: syz_open_dev$mouse(&(0x7f0000000340)='/dev/input/mouse#\x00', 0x7596, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000380), 0x0, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180), &(0x7f00000001c0)=0x4) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000180)={0x0, 0x80000000}, &(0x7f00000001c0)=0x8) ioctl$UFFDIO_REGISTER(r1, 0xc028aa03, &(0x7f0000000000)={{&(0x7f00005e3000/0x800000)=nil, 0x800000}, 0x200000}) syz_open_dev$dspn(&(0x7f0000000200)='/dev/dsp#\x00', 0x80, 0x200) ioctl(r0, 0x20000000008912, &(0x7f0000000140)="0a5c2d0240316285717070") 19:12:05 executing program 1: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x29, 0x0, 0x3, 0x1f, 0x4, 0x0, 0x5, 0xa3}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x2, 0x15, 0x0, 0x0, 0x2, 0x0, 0x70bd2c, 0x25dfdbfe}, 0x10}}, 0x810) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0x1, 0x0, &(0x7f0000000140), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="0f0f280dbaf80c66b8561eac8666efbafc0cecd8d80f01720cbad10466ed26900f019d848066b92902000066b80800000066ba000000000f300f01d10f013b", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 'syz1\x00'}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:12:06 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0xe15, 0x0) pread64(r0, &(0x7f0000000140)=""/4096, 0x1000, 0x0) socketpair$inet(0x2, 0x5, 0x0, &(0x7f0000000040)) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f0000000080), &(0x7f00000000c0)=0x8) 19:12:06 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x0, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:06 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:12:06 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={&(0x7f00000000c0), 0xc, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(r0, r1) 19:12:06 executing program 1: [ 327.415569] binder: 9684:9689 ioctl 40046205 0 returned -22 [ 327.549747] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 327.575514] not chained 40000 origins [ 327.579370] CPU: 0 PID: 9688 Comm: syz-executor3 Not tainted 4.19.0+ #83 [ 327.586216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.595570] Call Trace: [ 327.598173] [ 327.600345] dump_stack+0x32d/0x480 [ 327.603999] kmsan_internal_chain_origin+0x222/0x240 [ 327.609121] ? __msan_get_context_state+0x9/0x30 [ 327.613896] ? INIT_INT+0xc/0x30 [ 327.617279] ? _raw_spin_lock_irqsave+0x237/0x340 [ 327.622149] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 327.627616] ? depot_save_stack+0x398/0x4b0 [ 327.631953] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 327.637076] ? kmsan_internal_chain_origin+0x90/0x240 [ 327.642296] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 327.647679] ? is_bpf_text_address+0x49e/0x4d0 [ 327.652284] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 327.657761] __msan_chain_origin+0x6d/0xd0 [ 327.662011] ? sch_direct_xmit+0x59b/0x890 [ 327.666263] __save_stack_trace+0x8be/0xc60 [ 327.670601] ? rtnl_newlink+0x20c8/0x3450 [ 327.674766] ? rtnetlink_rcv_msg+0x1148/0x1540 [ 327.679358] ? rtnetlink_rcv+0x50/0x60 [ 327.683359] ? sch_direct_xmit+0x59b/0x890 [ 327.687605] save_stack_trace+0xc6/0x110 [ 327.691690] kmsan_internal_chain_origin+0x136/0x240 [ 327.696819] ? run_timer_softirq+0x55/0xa0 [ 327.701074] ? __kmalloc_node+0xea7/0x1520 [ 327.705325] ? kmsan_internal_chain_origin+0x136/0x240 [ 327.707514] binder: 9695:9696 ioctl 40046205 0 returned -22 [ 327.710614] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 327.710632] ? __msan_memcpy+0x6f/0x80 [ 327.710648] ? pskb_expand_head+0x43b/0x1d20 [ 327.710663] ? erspan_xmit+0x618/0x35d0 [ 327.710680] ? dev_hard_start_xmit+0x6dc/0xe00 [ 327.710695] ? sch_direct_xmit+0x59b/0x890 [ 327.710709] ? __qdisc_run+0x1bac/0x3600 [ 327.710724] ? __dev_queue_xmit+0x2131/0x3e00 19:12:06 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) [ 327.710738] ? dev_queue_xmit+0x4b/0x60 [ 327.710756] ? ip6_finish_output2+0x1a5b/0x22d0 [ 327.710777] ? ip6_finish_output+0xc13/0xca0 [ 327.710796] ? ip6_output+0x5e4/0x720 [ 327.710827] ? mld_sendpack+0xf2e/0x17b0 [ 327.710852] ? mld_ifc_timer_expire+0x115c/0x1680 [ 327.710873] ? call_timer_fn+0x356/0x7c0 [ 327.710902] ? __run_timers+0xe95/0x1300 [ 327.784870] ? run_timer_softirq+0x55/0xa0 [ 327.789113] ? __do_softirq+0x721/0xc5d [ 327.793103] ? irq_exit+0x305/0x340 [ 327.796774] ? exiting_irq+0xe/0x10 19:12:06 executing program 0: 19:12:06 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) [ 327.800431] ? smp_apic_timer_interrupt+0x64/0x90 [ 327.805288] ? apic_timer_interrupt+0xf/0x20 [ 327.809704] ? arch_local_irq_restore+0x1c/0x30 [ 327.814387] ? rmqueue+0x120d/0x1260 [ 327.818117] ? get_page_from_freelist+0x1008/0x1c90 [ 327.823148] ? __alloc_pages_nodemask+0x910/0x6640 [ 327.828092] ? alloc_pages_current+0x584/0x7e0 [ 327.832687] ? new_slab+0x3c0/0x1f70 [ 327.836412] ? ___slab_alloc+0x12a7/0x1e40 [ 327.840658] ? __kmalloc_node+0xea7/0x1520 [ 327.844911] ? kvmalloc_node+0x19d/0x3e0 [ 327.848984] ? pfifo_fast_init+0x3c5/0xa50 [ 327.853234] ? qdisc_create_dflt+0x2dc/0x3e0 [ 327.857657] ? mq_init+0x42c/0x970 [ 327.861207] ? dev_activate+0x137f/0x1500 [ 327.865369] ? __dev_open+0x7aa/0x8a0 [ 327.869181] ? __dev_change_flags+0x359/0xb50 [ 327.873688] ? dev_change_flags+0xc7/0x230 [ 327.877940] ? do_setlink+0x1626/0x5d30 [ 327.881920] ? rtnl_newlink+0x20c8/0x3450 [ 327.886077] ? rtnetlink_rcv_msg+0x1148/0x1540 [ 327.890666] ? netlink_rcv_skb+0x394/0x640 [ 327.894908] ? rtnetlink_rcv+0x50/0x60 [ 327.898797] ? netlink_unicast+0x1699/0x1740 [ 327.903211] ? netlink_sendmsg+0x13c7/0x1440 [ 327.907624] ? ___sys_sendmsg+0xe68/0x1250 [ 327.911865] ? __se_sys_sendmsg+0x305/0x460 [ 327.916192] ? __x64_sys_sendmsg+0x4a/0x70 [ 327.920433] ? do_syscall_64+0xcf/0x110 [ 327.924420] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 327.929793] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 327.935187] kmsan_memcpy_origins+0x13d/0x1b0 [ 327.939708] __msan_memcpy+0x6f/0x80 [ 327.943438] pskb_expand_head+0x43b/0x1d20 [ 327.947708] erspan_xmit+0x618/0x35d0 19:12:07 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 327.951533] ? packet_sock_destruct+0x3b0/0x3b0 [ 327.956225] ? dev_queue_xmit_nit+0x122e/0x1310 [ 327.960926] ? erspan_tunnel_init+0x370/0x370 [ 327.965438] dev_hard_start_xmit+0x6dc/0xe00 [ 327.969877] sch_direct_xmit+0x59b/0x890 [ 327.973964] __qdisc_run+0x1bac/0x3600 [ 327.977878] ? __msan_get_context_state+0x9/0x30 [ 327.982841] __dev_queue_xmit+0x2131/0x3e00 [ 327.987200] dev_queue_xmit+0x4b/0x60 [ 327.991016] ip6_finish_output2+0x1a5b/0x22d0 [ 327.995556] ? __msan_metadata_ptr_for_load_8+0x10/0x20 19:12:07 executing program 1: [ 328.000931] ? ip6_mtu+0x289/0x330 [ 328.004483] ip6_finish_output+0xc13/0xca0 [ 328.008750] ip6_output+0x5e4/0x720 [ 328.012399] ? ip6_output+0x720/0x720 [ 328.016214] ? ac6_seq_show+0x200/0x200 [ 328.020206] mld_sendpack+0xf2e/0x17b0 [ 328.024108] ? mld_send_report+0x4b0/0x4b0 [ 328.028352] mld_ifc_timer_expire+0x115c/0x1680 [ 328.033042] ? __msan_poison_alloca+0x1e0/0x2b0 [ 328.037736] call_timer_fn+0x356/0x7c0 [ 328.041637] ? mld_gq_timer_expire+0xf0/0xf0 [ 328.046071] __run_timers+0xe95/0x1300 [ 328.049973] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 328.055355] ? mld_gq_timer_expire+0xf0/0xf0 [ 328.059797] run_timer_softirq+0x55/0xa0 [ 328.063877] ? timers_dead_cpu+0xb90/0xb90 [ 328.068130] __do_softirq+0x721/0xc5d [ 328.071955] irq_exit+0x305/0x340 [ 328.075425] exiting_irq+0xe/0x10 [ 328.078900] smp_apic_timer_interrupt+0x64/0x90 [ 328.083589] apic_timer_interrupt+0xf/0x20 [ 328.087832] [ 328.090082] RIP: 0010:arch_local_irq_restore+0x1c/0x30 [ 328.095364] Code: e8 69 90 7e ff 66 0f 1f 84 00 00 00 00 00 55 48 89 e5 53 50 48 89 fb e8 22 20 30 00 48 83 38 00 75 0f 48 89 5d f0 ff 75 f0 9d <48> 83 c4 08 5b 5d c3 8b b8 88 0c 00 00 e8 32 1f 30 00 eb e4 55 48 [ 328.114275] RSP: 0018:ffff88015c4cdf20 EFLAGS: 00000292 ORIG_RAX: ffffffffffffff13 [ 328.121996] RAX: ffff88015d5e6388 RBX: 0000000000000292 RCX: 0000000000000000 [ 328.129280] RDX: ffff8801d403fd50 RSI: 0000000000000002 RDI: 0000000000000292 [ 328.136556] RBP: ffff88015c4cdf30 R08: ffff880000000000 R09: 0000000000000002 [ 328.143842] R10: ffffffff8b232990 R11: 0000000000000004 R12: 0000000000000008 [ 328.151123] R13: ffff88021fffad00 R14: ffff88015d5e6388 R15: ffffea000826d100 [ 328.158429] rmqueue+0x120d/0x1260 [ 328.162007] get_page_from_freelist+0x1008/0x1c90 [ 328.166899] __alloc_pages_nodemask+0x910/0x6640 [ 328.171674] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 328.177066] ? __module_address+0x6a/0x610 [ 328.181312] ? ___sys_sendmsg+0xe68/0x1250 [ 328.185562] ? __se_sys_sendmsg+0x305/0x460 [ 328.189898] ? is_bpf_text_address+0x3e5/0x4d0 [ 328.194509] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 328.199906] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 328.205282] ? vmalloc_to_page+0x585/0x6c0 [ 328.209559] ? __msan_poison_alloca+0x1e0/0x2b0 [ 328.214248] alloc_pages_current+0x584/0x7e0 [ 328.218678] new_slab+0x3c0/0x1f70 [ 328.222237] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 328.227635] ___slab_alloc+0x12a7/0x1e40 [ 328.231709] ? kvmalloc_node+0x19d/0x3e0 [ 328.235810] __kmalloc_node+0xea7/0x1520 [ 328.239895] ? kvmalloc_node+0x19d/0x3e0 [ 328.243992] kvmalloc_node+0x19d/0x3e0 [ 328.247922] pfifo_fast_init+0x3c5/0xa50 19:12:07 executing program 0: [ 328.252117] ? pfifo_fast_peek+0x3d0/0x3d0 [ 328.256366] qdisc_create_dflt+0x2dc/0x3e0 [ 328.260623] mq_init+0x42c/0x970 [ 328.264019] ? local_bh_enable+0x40/0x40 [ 328.268095] dev_activate+0x137f/0x1500 [ 328.272086] ? _raw_spin_unlock_bh+0x4b/0x60 [ 328.276526] __dev_open+0x7aa/0x8a0 [ 328.280173] __dev_change_flags+0x359/0xb50 [ 328.284533] dev_change_flags+0xc7/0x230 [ 328.288622] do_setlink+0x1626/0x5d30 [ 328.292449] ? validate_nla+0xb85/0xe20 [ 328.296452] ? kmsan_set_origin+0x83/0x130 [ 328.300708] rtnl_newlink+0x20c8/0x3450 [ 328.304714] ? __kernel_text_address+0x250/0x350 [ 328.309494] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 328.314964] ? __save_stack_trace+0x9f2/0xc60 [ 328.319496] ? kmsan_set_origin+0x83/0x130 [ 328.323760] ? kmsan_set_origin+0x83/0x130 [ 328.328008] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 328.333389] ? __msan_get_context_state+0x9/0x30 [ 328.338153] ? INIT_BOOL+0x17/0x30 [ 328.341704] ? refcount_sub_and_test_checked+0x5ef/0x710 [ 328.347220] ? rtnl_setlink+0x700/0x700 [ 328.351212] rtnetlink_rcv_msg+0x1148/0x1540 [ 328.355646] ? ___sys_sendmsg+0xe68/0x1250 [ 328.359902] ? __msan_poison_alloca+0x1e0/0x2b0 [ 328.364589] ? should_fail+0x162/0x13c0 [ 328.368591] ? kmsan_set_origin+0x83/0x130 [ 328.372847] netlink_rcv_skb+0x394/0x640 [ 328.376920] ? rtnetlink_bind+0x120/0x120 [ 328.381099] rtnetlink_rcv+0x50/0x60 [ 328.384835] netlink_unicast+0x1699/0x1740 [ 328.389097] ? rtnetlink_net_exit+0x90/0x90 [ 328.393440] netlink_sendmsg+0x13c7/0x1440 [ 328.397711] ___sys_sendmsg+0xe68/0x1250 19:12:07 executing program 1: [ 328.401790] ? netlink_getsockopt+0x16b0/0x16b0 [ 328.406519] ? __fdget+0x329/0x440 [ 328.410079] __se_sys_sendmsg+0x305/0x460 [ 328.414260] __x64_sys_sendmsg+0x4a/0x70 [ 328.418338] do_syscall_64+0xcf/0x110 [ 328.422159] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 328.427362] RIP: 0033:0x457569 [ 328.430567] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 328.449487] RSP: 002b:00007f80ebaa8c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 328.457220] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 328.464509] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005 [ 328.471784] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 328.479063] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f80ebaa96d4 [ 328.486340] R13: 00000000004c3ba1 R14: 00000000004d5dc0 R15: 00000000ffffffff [ 328.493629] Uninit was stored to memory at: [ 328.497968] kmsan_internal_chain_origin+0x136/0x240 [ 328.503087] __msan_chain_origin+0x6d/0xd0 [ 328.507331] __save_stack_trace+0x8be/0xc60 [ 328.511663] save_stack_trace+0xc6/0x110 [ 328.515734] kmsan_internal_chain_origin+0x136/0x240 [ 328.520853] kmsan_memcpy_origins+0x13d/0x1b0 [ 328.525355] __msan_memcpy+0x6f/0x80 [ 328.529078] pskb_expand_head+0x43b/0x1d20 [ 328.533317] erspan_xmit+0x618/0x35d0 [ 328.537125] dev_hard_start_xmit+0x6dc/0xe00 [ 328.541545] sch_direct_xmit+0x59b/0x890 [ 328.545616] __qdisc_run+0x1bac/0x3600 [ 328.549519] __dev_queue_xmit+0x2131/0x3e00 [ 328.553853] dev_queue_xmit+0x4b/0x60 [ 328.557665] ip6_finish_output2+0x1a5b/0x22d0 [ 328.562173] ip6_finish_output+0xc13/0xca0 [ 328.566421] ip6_output+0x5e4/0x720 [ 328.570057] mld_sendpack+0xf2e/0x17b0 [ 328.573958] mld_ifc_timer_expire+0x115c/0x1680 [ 328.578642] call_timer_fn+0x356/0x7c0 [ 328.582545] __run_timers+0xe95/0x1300 [ 328.586444] run_timer_softirq+0x55/0xa0 [ 328.590522] __do_softirq+0x721/0xc5d [ 328.594318] [ 328.595943] Uninit was stored to memory at: [ 328.600281] kmsan_internal_chain_origin+0x136/0x240 [ 328.605399] __msan_chain_origin+0x6d/0xd0 [ 328.609647] __save_stack_trace+0x8be/0xc60 [ 328.613979] save_stack_trace+0xc6/0x110 [ 328.618053] kmsan_internal_chain_origin+0x136/0x240 [ 328.623174] kmsan_memcpy_origins+0x13d/0x1b0 [ 328.627685] __msan_memcpy+0x6f/0x80 [ 328.631406] pskb_expand_head+0x43b/0x1d20 [ 328.635733] erspan_xmit+0x618/0x35d0 [ 328.639547] dev_hard_start_xmit+0x6dc/0xe00 [ 328.643967] sch_direct_xmit+0x59b/0x890 [ 328.648041] __qdisc_run+0x1bac/0x3600 [ 328.651940] __dev_queue_xmit+0x2131/0x3e00 [ 328.656275] dev_queue_xmit+0x4b/0x60 [ 328.660082] ip6_finish_output2+0x1a5b/0x22d0 [ 328.664587] ip6_finish_output+0xc13/0xca0 [ 328.668836] ip6_output+0x5e4/0x720 [ 328.672471] mld_sendpack+0xf2e/0x17b0 [ 328.676372] mld_ifc_timer_expire+0x115c/0x1680 [ 328.681054] call_timer_fn+0x356/0x7c0 [ 328.684954] __run_timers+0xe95/0x1300 [ 328.688851] run_timer_softirq+0x55/0xa0 [ 328.692924] __do_softirq+0x721/0xc5d [ 328.696723] [ 328.698350] Uninit was stored to memory at: [ 328.702700] kmsan_internal_chain_origin+0x136/0x240 [ 328.707848] __msan_chain_origin+0x6d/0xd0 [ 328.712097] __save_stack_trace+0x8be/0xc60 [ 328.716436] save_stack_trace+0xc6/0x110 [ 328.720523] kmsan_internal_chain_origin+0x136/0x240 [ 328.725642] kmsan_memcpy_origins+0x13d/0x1b0 [ 328.730154] __msan_memcpy+0x6f/0x80 [ 328.733879] pskb_expand_head+0x43b/0x1d20 [ 328.738125] erspan_xmit+0x618/0x35d0 [ 328.741935] dev_hard_start_xmit+0x6dc/0xe00 [ 328.746352] sch_direct_xmit+0x59b/0x890 [ 328.750419] __qdisc_run+0x1bac/0x3600 [ 328.754318] __dev_queue_xmit+0x2131/0x3e00 [ 328.758651] dev_queue_xmit+0x4b/0x60 [ 328.762463] ip6_finish_output2+0x1a5b/0x22d0 [ 328.766975] ip6_finish_output+0xc13/0xca0 [ 328.771394] ip6_output+0x5e4/0x720 [ 328.775031] mld_sendpack+0xf2e/0x17b0 [ 328.778931] mld_ifc_timer_expire+0x115c/0x1680 [ 328.784076] call_timer_fn+0x356/0x7c0 [ 328.787976] __run_timers+0xe95/0x1300 [ 328.791875] run_timer_softirq+0x55/0xa0 [ 328.795952] __do_softirq+0x721/0xc5d [ 328.799751] [ 328.801376] Uninit was stored to memory at: [ 328.805707] kmsan_internal_chain_origin+0x136/0x240 [ 328.810831] __msan_chain_origin+0x6d/0xd0 [ 328.815079] __save_stack_trace+0x8be/0xc60 [ 328.819410] save_stack_trace+0xc6/0x110 [ 328.823478] kmsan_internal_chain_origin+0x136/0x240 [ 328.828595] kmsan_memcpy_origins+0x13d/0x1b0 [ 328.833099] __msan_memcpy+0x6f/0x80 [ 328.836828] pskb_expand_head+0x43b/0x1d20 [ 328.841069] erspan_xmit+0x618/0x35d0 [ 328.844981] dev_hard_start_xmit+0x6dc/0xe00 [ 328.849405] sch_direct_xmit+0x59b/0x890 [ 328.853472] __qdisc_run+0x1bac/0x3600 [ 328.857373] __dev_queue_xmit+0x2131/0x3e00 [ 328.861698] dev_queue_xmit+0x4b/0x60 [ 328.865512] ip6_finish_output2+0x1a5b/0x22d0 [ 328.870016] ip6_finish_output+0xc13/0xca0 [ 328.874262] ip6_output+0x5e4/0x720 [ 328.877899] mld_sendpack+0xf2e/0x17b0 [ 328.881791] mld_ifc_timer_expire+0x115c/0x1680 [ 328.886471] call_timer_fn+0x356/0x7c0 [ 328.890386] __run_timers+0xe95/0x1300 [ 328.894283] run_timer_softirq+0x55/0xa0 [ 328.898354] __do_softirq+0x721/0xc5d [ 328.902148] 19:12:07 executing program 4: 19:12:07 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:07 executing program 0: [ 328.903773] Uninit was stored to memory at: [ 328.908111] kmsan_internal_chain_origin+0x136/0x240 [ 328.913226] __msan_chain_origin+0x6d/0xd0 [ 328.917472] __save_stack_trace+0x8be/0xc60 [ 328.921824] save_stack_trace+0xc6/0x110 [ 328.925903] kmsan_internal_chain_origin+0x136/0x240 [ 328.931018] kmsan_memcpy_origins+0x13d/0x1b0 [ 328.935536] __msan_memcpy+0x6f/0x80 [ 328.939258] pskb_expand_head+0x43b/0x1d20 [ 328.943588] erspan_xmit+0x618/0x35d0 [ 328.947397] dev_hard_start_xmit+0x6dc/0xe00 [ 328.952264] sch_direct_xmit+0x59b/0x890 [ 328.956332] __qdisc_run+0x1bac/0x3600 [ 328.960232] __dev_queue_xmit+0x2131/0x3e00 [ 328.964563] dev_queue_xmit+0x4b/0x60 [ 328.968373] ip6_finish_output2+0x1a5b/0x22d0 [ 328.972885] ip6_finish_output+0xc13/0xca0 [ 328.977128] ip6_output+0x5e4/0x720 [ 328.980761] mld_sendpack+0xf2e/0x17b0 [ 328.984659] mld_ifc_timer_expire+0x115c/0x1680 [ 328.989341] call_timer_fn+0x356/0x7c0 [ 328.993241] __run_timers+0xe95/0x1300 [ 328.997139] run_timer_softirq+0x55/0xa0 [ 329.001215] __do_softirq+0x721/0xc5d [ 329.005016] [ 329.006651] Uninit was stored to memory at: [ 329.010987] kmsan_internal_chain_origin+0x136/0x240 [ 329.016196] __msan_chain_origin+0x6d/0xd0 [ 329.020439] __save_stack_trace+0x8be/0xc60 [ 329.024777] save_stack_trace+0xc6/0x110 [ 329.028853] kmsan_internal_chain_origin+0x136/0x240 [ 329.033966] kmsan_memcpy_origins+0x13d/0x1b0 [ 329.038473] __msan_memcpy+0x6f/0x80 [ 329.042200] pskb_expand_head+0x43b/0x1d20 [ 329.046445] erspan_xmit+0x618/0x35d0 [ 329.050254] dev_hard_start_xmit+0x6dc/0xe00 [ 329.054674] sch_direct_xmit+0x59b/0x890 [ 329.058747] __qdisc_run+0x1bac/0x3600 [ 329.062648] __dev_queue_xmit+0x2131/0x3e00 [ 329.066979] dev_queue_xmit+0x4b/0x60 [ 329.070794] ip6_finish_output2+0x1a5b/0x22d0 [ 329.075306] ip6_finish_output+0xc13/0xca0 [ 329.079552] ip6_output+0x5e4/0x720 [ 329.083192] mld_sendpack+0xf2e/0x17b0 [ 329.087089] mld_ifc_timer_expire+0x115c/0x1680 [ 329.091769] call_timer_fn+0x356/0x7c0 [ 329.095668] __run_timers+0xe95/0x1300 [ 329.099566] run_timer_softirq+0x55/0xa0 [ 329.103635] __do_softirq+0x721/0xc5d [ 329.107434] [ 329.109063] Uninit was stored to memory at: [ 329.113401] kmsan_internal_chain_origin+0x136/0x240 [ 329.118519] __msan_chain_origin+0x6d/0xd0 [ 329.122767] __save_stack_trace+0x8be/0xc60 [ 329.127099] save_stack_trace+0xc6/0x110 [ 329.131169] kmsan_internal_chain_origin+0x136/0x240 [ 329.136282] kmsan_memcpy_origins+0x13d/0x1b0 [ 329.140790] __msan_memcpy+0x6f/0x80 [ 329.144522] pskb_expand_head+0x43b/0x1d20 [ 329.148766] erspan_xmit+0x618/0x35d0 [ 329.152575] dev_hard_start_xmit+0x6dc/0xe00 [ 329.156990] sch_direct_xmit+0x59b/0x890 [ 329.161055] __qdisc_run+0x1bac/0x3600 [ 329.164952] __dev_queue_xmit+0x2131/0x3e00 [ 329.169292] dev_queue_xmit+0x4b/0x60 [ 329.173104] ip6_finish_output2+0x1a5b/0x22d0 [ 329.177695] ip6_finish_output+0xc13/0xca0 [ 329.181935] ip6_output+0x5e4/0x720 [ 329.185569] mld_sendpack+0xf2e/0x17b0 [ 329.189463] mld_ifc_timer_expire+0x115c/0x1680 [ 329.194152] call_timer_fn+0x356/0x7c0 [ 329.198061] __run_timers+0xe95/0x1300 [ 329.201958] run_timer_softirq+0x55/0xa0 [ 329.206024] __do_softirq+0x721/0xc5d [ 329.209825] [ 329.211453] Local variable description: ----old.addr.i.i.i@should_fail [ 329.218117] Variable was created at: [ 329.221847] should_fail+0x123/0x13c0 [ 329.225653] __should_failslab+0x278/0x2a0 [ 330.382419] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 19:12:10 executing program 3: 19:12:10 executing program 1: 19:12:10 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:12:10 executing program 0: 19:12:10 executing program 4: 19:12:10 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:10 executing program 4: 19:12:11 executing program 3: [ 331.908507] binder: 9726:9727 ioctl 40046205 0 returned -22 19:12:11 executing program 1: 19:12:11 executing program 0: 19:12:11 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:12:11 executing program 0: 19:12:11 executing program 4: 19:12:11 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080), 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 332.432616] binder: 9742:9744 ioctl 40046205 0 returned -22 19:12:11 executing program 3: 19:12:11 executing program 1: 19:12:11 executing program 0: 19:12:11 executing program 2: syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(0xffffffffffffffff, 0x40046205, 0x0) 19:12:11 executing program 4: 19:12:11 executing program 1: 19:12:12 executing program 0: 19:12:12 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080), 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:12 executing program 3: 19:12:12 executing program 2: syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(0xffffffffffffffff, 0x40046205, 0x0) 19:12:12 executing program 4: 19:12:12 executing program 1: 19:12:12 executing program 0: 19:12:12 executing program 3: 19:12:12 executing program 4: 19:12:12 executing program 1: 19:12:12 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080), 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:12 executing program 0: 19:12:12 executing program 2: syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(0xffffffffffffffff, 0x40046205, 0x0) 19:12:13 executing program 3: 19:12:13 executing program 1: 19:12:13 executing program 0: 19:12:13 executing program 4: 19:12:13 executing program 2: 19:12:13 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:13 executing program 3: 19:12:13 executing program 1: 19:12:13 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmget(0xffffffffffffffff, 0x4000, 0x2, &(0x7f0000ffb000/0x4000)=nil) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ion\x00', 0x0, 0x0) creat(&(0x7f0000000140)='./file0\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(0xffffffffffffffff, 0xc05c5340, &(0x7f00000004c0)={0x0, 0x8, 0x2, {0x77359400}, 0x0, 0x1}) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000080)={0x10000009, 0xb}) 19:12:13 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x3}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x4c, 0xffffff7f}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x144}}, 0x0) 19:12:13 executing program 4: 19:12:14 executing program 3: 19:12:14 executing program 4: 19:12:14 executing program 1: 19:12:14 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:14 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget(0x3, 0x4000, 0x2, &(0x7f0000ffb000/0x4000)=nil) shmctl$IPC_INFO(r0, 0x3, &(0x7f0000000280)=""/250) r1 = openat$ion(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ion\x00', 0x0, 0x0) creat(&(0x7f0000000140)='./file0\x00', 0x49) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(0xffffffffffffffff, 0xc05c5340, &(0x7f00000004c0)={0xc00000, 0x8, 0x2, {0x77359400}, 0x80, 0x1}) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000080)={0x10000009, 0xb, 0x0, 0xffffffffffffffff}) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000180)) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)) ioctl$SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0f85403, &(0x7f00000003c0)={{0x3, 0x3, 0x2, 0x2, 0x800}, 0x8, 0x80000001, 'id0\x00', 'timer0\x00', 0x0, 0x400, 0x80, 0x10000000000000, 0x6}) ioctl$DMA_BUF_IOCTL_SYNC(r2, 0x40086200, &(0x7f0000000240)=0x1) socket$nl_route(0x10, 0x3, 0x0) 19:12:14 executing program 3: futex(&(0x7f0000000ffc), 0x85, 0x0, &(0x7f0000000180)={0x0, 0x1c9c380}, &(0x7f0000000140), 0x3ffffffe) 19:12:14 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x800, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x0) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x1, 0x0, 0x8000, 0xe2}) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000002c0)={0x6, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}, {0x2, 0x4e24, @dev}, 0x120, 0x4, 0xfffffffffffffff8}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) socket(0x0, 0x80005, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) ioctl$sock_SIOCBRADDBR(0xffffffffffffffff, 0x89a0, &(0x7f0000000480)='veth1_to_bond\x00') getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) bind(0xffffffffffffffff, &(0x7f00000000c0)=@generic={0x0, "9bab822c32e608631f5c82d557d502005efe7bb80b86526b51833790734bd83b320de89aefc9eb6dc2649bdf2b6ab524effc499e522cfbf5ea7aa1033b283235652bf370539dab5b776d5f788b9960df85ddf0e7bcb92ede0eb3db4ed60dd4c3806342de9067b7aecf9a6ae4edd919aec5bdf5aecb8ef68d0797117341f7"}, 0x80) 19:12:14 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:14 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000100), 0x1e2) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) semop(0x0, &(0x7f0000000000)=[{0x7}, {0x0, 0xf45}], 0x2) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 19:12:17 executing program 2: getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f00000002c0), &(0x7f0000000300)=0x14) socketpair(0x1e, 0x5, 0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$VIDIOC_OVERLAY(0xffffffffffffffff, 0x4004560e, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f0000000080)) mknod(&(0x7f0000000400)='./file0\x00', 0xffc, 0x1) execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000578fe8), &(0x7f0000000500)) r1 = syz_open_procfs(0x0, &(0x7f0000000200)="696f005bfc57169babee54ed16e39e7a8fe4b90016f266e3f63c443b3fc5040006bb5cd4bd7c7373b3d4d470a0cb5617aadbfb64c5f9983c25d024a9f3c489cc438f9e6de1635f672bf70ad3bc27c924384f5586d4a51c6420a4e356e4e5ff7e28104d262f889f390101ccaff805816603f65ba3df555b6c352cd7d84a7267a03436ba") getpeername$unix(0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000380)=0x6e) pread64(r1, &(0x7f0000000080), 0x2e5, 0x0) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000340), 0xffffffffffffffff) lseek(r1, 0x0, 0x0) write$P9_RCREATE(r1, &(0x7f0000000140)={0x18}, 0x18) 19:12:17 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getresuid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000940)='./cg/syz0\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x1ff) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000680)={0xc, 0x8, 0xfa00, {&(0x7f0000000500)}}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000240)={0x3, 0x40, 0xfa00, {{}, {0xa, 0x0, 0x0, @mcast1}, r1}}, 0x48) quotactl(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000840)) 19:12:17 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x0, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:17 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x800, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x0) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x1, 0x0, 0x8000, 0xe2}) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000002c0)={0x6, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}, {0x2, 0x4e24, @dev}, 0x120, 0x4, 0xfffffffffffffff8}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) socket(0x0, 0x80005, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) ioctl$sock_SIOCBRADDBR(0xffffffffffffffff, 0x89a0, &(0x7f0000000480)='veth1_to_bond\x00') getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) bind(0xffffffffffffffff, &(0x7f00000000c0)=@generic={0x0, "9bab822c32e608631f5c82d557d502005efe7bb80b86526b51833790734bd83b320de89aefc9eb6dc2649bdf2b6ab524effc499e522cfbf5ea7aa1033b283235652bf370539dab5b776d5f788b9960df85ddf0e7bcb92ede0eb3db4ed60dd4c3806342de9067b7aecf9a6ae4edd919aec5bdf5aecb8ef68d0797117341f7"}, 0x80) 19:12:17 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000100), 0x1e2) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) pipe(&(0x7f0000000100)) r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000180)='fou\x00') sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x88001800}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0x1c, r3, 0x12, 0x70bd27, 0x25dfdbff, {}, [@FOU_ATTR_AF={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x20000080) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:12:18 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000600)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz0\x00'}) 19:12:18 executing program 3: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000000)='cpuset.cpus\x00', 0x2, 0x0) r2 = openat$cgroup_ro(r0, &(0x7f00000002c0)='cpuacct.usage_percpu\x00', 0x0, 0x0) sendfile(r1, r2, &(0x7f0000000080), 0x1) 19:12:18 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000200)="696f005bfc57169babee54ed16e39e7a8fe4b90016f266e3f63c443b3fc5040006bb5cd4bd7c7373b3d4d470a0cb5617aadbfb64c5f9983c25d024a9f3c489cc438f9e6de1635f672bf70ad3bc27c924384f5586d4a51c6420a4e356e4e5ff7e28104d262f889f390101ccaff805816603f65ba3df555b6c352cd7d84a7267a03436ba") getpeername$unix(0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000380)=0x6e) pread64(r0, &(0x7f0000000080), 0x2e5, 0x0) 19:12:18 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x0, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:19 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000200)="696f005bfc57169babee54ed16e39e7a8fe4b90016f266e3f63c443b3fc5040006bb5cd4bd7c7373b3d4d470a0cb5617aadbfb64c5f9983c25d024a9f3c489cc438f9e6de1635f672bf70ad3bc27c924384f5586d4a51c6420a4e356e4e5ff7e28104d262f889f390101ccaff805816603f65ba3df555b6c352cd7d84a7267a03436ba") pread64(r0, &(0x7f0000000080), 0x2e5, 0x0) 19:12:19 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80}}], 0x1, 0x0, &(0x7f0000003280)) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip6_mr_vif\x00') preadv(r0, &(0x7f00000017c0), 0x199, 0x0) 19:12:19 executing program 3: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) ftruncate(r1, 0x2007fff) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x8, &(0x7f0000000000)=0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0xd, 0x1, 0x0, r0, &(0x7f0000000000), 0x200000}]) 19:12:19 executing program 4: pause() r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_DECODER_CMD(r0, 0xc0485660, &(0x7f00000000c0)={0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x88000, 0x0) name_to_handle_at(r3, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)={0x8, 0x9}, &(0x7f0000000340), 0x0) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) listen(r2, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r3, 0x40042409, 0x0) sendto$inet6(r1, &(0x7f0000000040), 0x1cc, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) mq_open(&(0x7f0000000040)='syzkaller0\x00', 0x40, 0x4, &(0x7f0000000140)={0x0, 0x0, 0x4dd, 0x5, 0x100000000, 0xfff, 0x8, 0x9}) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000100), 0x28) r4 = syz_open_dev$amidi(&(0x7f0000000200)='/dev/amidi#\x00', 0x0, 0x1) ioctl$TIOCCONS(r4, 0x541d) sendto$inet6(r1, &(0x7f00000005c0), 0x263e90, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x1c) ioctl$sock_SIOCDELDLCI(r1, 0x8981, &(0x7f0000000300)={'syzkaller0\x00'}) openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) 19:12:20 executing program 1: r0 = memfd_create(&(0x7f0000000180)='\x00', 0x0) write(r0, &(0x7f0000000100)="564690f1", 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r0, 0x0) rt_sigtimedwait(&(0x7f0000000140), 0x0, &(0x7f0000000000), 0x8) 19:12:20 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x0, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:32 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x800, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x0) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x1, 0x0, 0x8000, 0xe2}) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000002c0)={0x6, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}, {0x2, 0x4e24, @dev}, 0x120, 0x4, 0xfffffffffffffff8}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) socket(0x0, 0x80005, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) ioctl$sock_SIOCBRADDBR(0xffffffffffffffff, 0x89a0, &(0x7f0000000480)='veth1_to_bond\x00') getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) bind(0xffffffffffffffff, &(0x7f00000000c0)=@generic={0x0, "9bab822c32e608631f5c82d557d502005efe7bb80b86526b51833790734bd83b320de89aefc9eb6dc2649bdf2b6ab524effc499e522cfbf5ea7aa1033b283235652bf370539dab5b776d5f788b9960df85ddf0e7bcb92ede0eb3db4ed60dd4c3806342de9067b7aecf9a6ae4edd919aec5bdf5aecb8ef68d0797117341f7"}, 0x80) 19:12:32 executing program 2: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_DECODER_CMD(r0, 0xc0485660, &(0x7f00000000c0)={0x1}) 19:12:32 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)) mount(&(0x7f00000007c0)=ANY=[], &(0x7f0000001840)='./file0\x00', &(0x7f0000000580)='ubifs\x00', 0x0, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000004000/0x2000)=nil, 0x2000, 0x0, 0x1012, r0, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 19:12:32 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x800, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r1 = memfd_create(&(0x7f0000000080)="00000600000000000000", 0x0) inotify_add_watch(r1, &(0x7f0000000380)='./file0\x00', 0x80000020) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x1, 0x0, 0x8000, 0xe2}) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000002c0)={0x6, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}, {0x2, 0x4e24, @dev}, 0x0, 0x4, 0xfffffffffffffff8}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r2 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) 19:12:32 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(0xffffffffffffffff, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:32 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000100)=ANY=[@ANYBLOB="050000000c82"]) 19:12:32 executing program 4: perf_event_open(&(0x7f0000aaa000)={0x2000000000000002, 0x70, 0x28, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f00000003c0)="b2"}, 0x10) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000000080)) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)="2f67726f75702e7374619fd474002b044a7b09ab0b0274e10985a6fa15b35ba69421f204dec5668a06000000b90ff860e01f262bafac750a6d5ce259cb61ea0cd94458583eef2fc597ea93a7dec9b4168e468be0576d1d0ebf8bc4478f8ed85b547c6924880400000000000000901e428b98add1375f51e135848fea98c6e3574511e0c61ff22ff61f", 0x2761, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffd9f, &(0x7f0000000100), 0x0, &(0x7f0000001580), 0x32e5e6b7fa964ed4}, 0x0) socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000000)) 19:12:32 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(0xffffffffffffffff, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:32 executing program 2: syz_emit_ethernet(0x46, &(0x7f0000000080)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x10, 0x2c, 0x0, @dev, @local, {[], @dccp={{0x2c00, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}}}}}}}, &(0x7f0000000040)) 19:12:32 executing program 3: getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000080)=""/40, &(0x7f0000001000)=0x28) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x802122001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockname$unix(0xffffffffffffffff, &(0x7f0000000780)=@abs, &(0x7f0000000540)=0x6e) r2 = gettid() perf_event_open(&(0x7f0000000400)={0x3, 0x70, 0xc000000000000000, 0x2, 0x2, 0xe565, 0x0, 0x5, 0x0, 0x4, 0x1d, 0x81, 0x8, 0x1000, 0x3, 0x1200, 0x401, 0x401, 0x3, 0x16fdf94d, 0xffffffff, 0x0, 0xf2, 0xfff, 0xcca, 0x7, 0x61, 0x7, 0x0, 0x2, 0x8001, 0x0, 0x400, 0x20, 0x5, 0x8000, 0x10000, 0xee8, 0x0, 0xffffffff, 0x4, @perf_bp={&(0x7f00000003c0), 0x5}, 0x2000, 0xfff, 0x0, 0x7, 0x6, 0xf3d0797, 0xffffffffffffffd0}, r2, 0xffffffffffffffff, r0, 0x3) getpgrp(0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b700000005ed0050bfa30000000000000703000031feffff7a0af0fff8ffffff71a4f0ff00000000b7060000000000012d400500000000005504000001ed00001d040000000000002c460000000000006b0a00fe000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000100)='EPL\x00'}, 0x48) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) clock_settime(0x0, &(0x7f0000000380)={r3, r4+10000000}) getsockopt$bt_hci(r0, 0x0, 0xffffffffffffffff, &(0x7f0000000900)=""/252, &(0x7f0000000300)=0xfc) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, &(0x7f0000000180), 0x40, 0x5) sendmsg$IPVS_CMD_FLUSH(r0, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4080}, 0xc, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020000000000fcdbdf251100000024000200080007006c00000008000800f7ffffff08000b00020000000800040000fcff031c0002000800040000000000080007002d0f0000080004004b0000001c00010008000b0073697000080004004e20000008000200af00000068000300140002007369743000000000000000000000000008000300000000001400020065727370616e3000000000000000000008000100020000000800030004000000080004000000000014000600fe8000000000000000000000000000aa08000400050000000800060001000000"], 0x1}, 0x1, 0x0, 0x0, 0xc4}, 0x8000) ioctl$TCSETSF(r0, 0x5404, &(0x7f00000002c0)={0x1000, 0x1, 0x400, 0xa99, 0x9, 0xfffffffffffff000, 0xfffffffffffffffa, 0x3, 0x1, 0x8, 0x3, 0x7}) exit(0xfa0ca8c) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000200)={0x0, 0x9}) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$int_in(r1, 0x5473, &(0x7f0000000480)=0xffffffffffffff3b) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000340)={0x0}) ioctl$DRM_IOCTL_NEW_CTX(r0, 0x40086425, &(0x7f00000006c0)={r5, 0x1}) 19:12:33 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x800, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x0) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x1, 0x0, 0x8000, 0xe2}) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000002c0)={0x6, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}, {0x2, 0x4e24, @dev}, 0x120, 0x4, 0xfffffffffffffff8}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) socket(0x0, 0x80005, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) ioctl$sock_SIOCBRADDBR(0xffffffffffffffff, 0x89a0, &(0x7f0000000480)='veth1_to_bond\x00') getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) bind(0xffffffffffffffff, &(0x7f00000000c0)=@generic={0x0, "9bab822c32e608631f5c82d557d502005efe7bb80b86526b51833790734bd83b320de89aefc9eb6dc2649bdf2b6ab524effc499e522cfbf5ea7aa1033b283235652bf370539dab5b776d5f788b9960df85ddf0e7bcb92ede0eb3db4ed60dd4c3806342de9067b7aecf9a6ae4edd919aec5bdf5aecb8ef68d0797117341f7"}, 0x80) 19:12:33 executing program 3: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_DECODER_CMD(r0, 0xc0485660, &(0x7f00000000c0)={0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x88000, 0x0) name_to_handle_at(r3, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)={0x8, 0x9}, &(0x7f0000000340), 0x0) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) listen(r2, 0x0) sendto$inet6(r1, &(0x7f0000000040), 0x1cc, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) mq_open(&(0x7f0000000040)='syzkaller0\x00', 0x0, 0x4, &(0x7f0000000140)={0x0, 0x0, 0x4dd, 0x5, 0x100000000, 0xfff, 0x8, 0x9}) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000100), 0x28) syz_open_dev$amidi(&(0x7f0000000200)='/dev/amidi#\x00', 0x0, 0x1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) sendto$inet6(r1, &(0x7f00000005c0), 0x263e90, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x1c) ioctl$sock_SIOCDELDLCI(r1, 0x8981, &(0x7f0000000300)={'syzkaller0\x00'}) 19:12:33 executing program 4: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x29, 0x0, 0x3, 0x1f, 0x4, 0x0, 0x5, 0xa3}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000080)) sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x2, 0x15, 0x0, 0x0, 0x2, 0x0, 0x70bd2c, 0x25dfdbfe}, 0x10}}, 0x810) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0x1, 0x0, &(0x7f0000000140), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000001c0)="0f0f280dbaf80c66b8561eac8666efbafc0cecd8d80f01720cbad10466ed26900f019d848066b92902000066b80800000066ba000000000f300f01d10f013b", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 'syz1\x00'}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 19:12:33 executing program 2: r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000001c0)=[@in={0x2, 0x0, @loopback}], 0x10) connect$inet(r0, &(0x7f0000f6fff0)={0x2, 0x4e23, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x20100000000009) accept(r0, &(0x7f0000001280)=ANY=[], &(0x7f0000000000)) listen(r0, 0x0) sendto$inet(r0, &(0x7f0000000200)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e23, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) 19:12:33 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000008000)={0x1, {{0x2, 0x0, @multicast1}}}, 0x90) mprotect(&(0x7f0000007000/0x2000)=nil, 0x2000, 0x1) setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000000)={@multicast1, @dev={0xac, 0x14, 0x14, 0xe}, 0x0, 0x1, [@multicast1]}, 0x14) getsockopt$inet_buf(r1, 0x0, 0x30, &(0x7f0000008000), &(0x7f0000000080)=0x2e5) 19:12:33 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(0xffffffffffffffff, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 354.588205] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 19:12:34 executing program 1: listen(0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x20000004, &(0x7f000031e000), 0x1c) syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp6\x00') socketpair$inet6(0xa, 0x0, 0x0, &(0x7f0000000080)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = accept4$inet6(r0, &(0x7f0000000400)={0xa, 0x0, 0x0, @local}, &(0x7f0000000440)=0x1c, 0x0) socket$inet6(0xa, 0x0, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000200)='team\x00') mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140), 0x0, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(0xffffffffffffffff, &(0x7f0000000280)={0x8, 0x120, 0xfa00, {0x1, {0x9, 0x400, "d144014072b9575d2525fd2508bedf11859b407cca0cc19d0ba4ca2c04d9ded3f4dc2836e218d230d1c042466f9a22cbb9e60b48dc052c433f9e3d04e3b65df895282372b3ab124ed031283087620f14a7f132be953709d2c5363a9caf53d5e4fc6edbd9ed4dff7df3fd5b702c067088971eb6e3b5fcd56042725e718a7951364bd7a072b7e7423662428e642a11399eca8a773c3851e543d68225db74e900e02f88fd46d03dcca70d7f9fb1f332b616c90c5769cadd32af893acb86d18c15b9a7ed5f4af056b5bd12b55f3a21f90849bb1a1e8e629416f387fbc3d6471c9c2b27001bfebe08bb0515bc2a6c75b20bbe61324814336d117b99f8ed41d2709d15", 0x0, 0x7ff, 0x8, 0x0, 0x0, 0x0, 0x100000001, 0x1}}}, 0x128) fadvise64(r2, 0x0, 0x0, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_SUBDEV_S_CROP(r2, 0xc038563c, &(0x7f00000004c0)={0x1, 0x7fffffff, {0x0, 0x6, 0x8000000002}}) mlockall(0x3) close(r3) ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f0000000040)) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000500)={0x0, 0x34, "f7071b630531a7a8b6e3ddf9fded590dd1ff0fabebda6a9ba78baac37bb767fcef34ecd9060f3cdf47f1b419bef10dbe82a2132e"}, &(0x7f0000000580)=0x3c) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f00000005c0)={r5, 0x9}, 0x8) 19:12:34 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:34 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000af6ff6)='/dev/dsp#\x00', 0x1, 0x0) r1 = epoll_create(0xc) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)) r2 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x2, 0x0) ioctl$EVIOCGRAB(r2, 0x40044590, &(0x7f00000001c0)) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x200100, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r4, 0x84, 0x12, &(0x7f00000002c0)=0x5bce, 0x4) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$TCSBRK(r3, 0x5409, 0x4) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000300)) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f00000003c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28}) ioctl$KVM_RUN(r6, 0xae80, 0x0) 19:12:35 executing program 3: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_DECODER_CMD(r0, 0xc0485660, &(0x7f00000000c0)={0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x88000, 0x0) name_to_handle_at(r3, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)={0x8, 0x9}, &(0x7f0000000340), 0x0) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) listen(r2, 0x0) sendto$inet6(r1, &(0x7f0000000040), 0x1cc, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) mq_open(&(0x7f0000000040)='syzkaller0\x00', 0x0, 0x4, &(0x7f0000000140)={0x0, 0x0, 0x4dd, 0x5, 0x100000000, 0xfff, 0x8, 0x9}) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x152) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000100), 0x28) syz_open_dev$amidi(&(0x7f0000000200)='/dev/amidi#\x00', 0x0, 0x1) ioctl$TIOCCONS(0xffffffffffffffff, 0x541d) sendto$inet6(r1, &(0x7f00000005c0), 0x263e90, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x1c) ioctl$sock_SIOCDELDLCI(r1, 0x8981, &(0x7f0000000300)={'syzkaller0\x00'}) 19:12:35 executing program 2: openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') sendmsg(0xffffffffffffffff, &(0x7f0000002fc8)={&(0x7f0000000080)=@in={0x2, 0x0, @dev}, 0x80, &(0x7f0000000540), 0x0, &(0x7f0000000ac0)=ANY=[]}, 0x0) preadv(r0, &(0x7f00000017c0), 0x1fe, 0x400000000000) sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[]}}, 0x0) [ 356.494417] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 19:12:35 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:38 executing program 0: r0 = memfd_create(&(0x7f0000000440)="656d30e6d0657270722ac8a9f5b38e25e2dd6f632500630e0489c98b1d06285cc037e956cdf575b04dbf8f009383c6fbcb84fb772a2624599e6f02ba896ccbb0030005d05c2943d24c16ddc9c196e49095f7c1eb5e0e70909c61e6ff8464cddd603a55ee471fe6e186e1b4ba9629c6b8bbd80de2a9e90934e58f1f881b1dc8f91ada3acd2dda93e27718e107b0c2228c1cfac540b9773aee7983eb21090124e61a1b7c10d6ae3b7e41450c306bcb6ae6538d1f5ea3ae4e8020e659e8a8fd22b9cb459d08ead0e9721c580a098839a7434190d7bc26ae008915c41efb175ddaefee25bb94a93624ce19b548731ac08f1351f5f09c13acd2b8afb09651", 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000380)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f02acc7edbcd7a071fb35331ce39c5a0bcb98a3e1f46fd51b139d755efce9768b84ea75c2ff4b3c85caef374d126a56fa4743af7ef55c846bfe7dd16072d260ffddcc8a6d22e02f44d6a360524b86b51a4b58afca35f12201adb024bfb20fbd364e78a232fbef31595029f755740ab15e173dc73ba964a4189007c7c40db8fb4b64dd8ec4d366") fcntl$setstatus(r1, 0x4, 0x4001) sendfile(r0, r1, &(0x7f0000000040), 0x1080005000) 19:12:38 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000800)='cpuacct.usage_all\x00', 0x0, 0x0) write$P9_RVERSION(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="a19f3e05167256a73f81b0b2c7a26ad6f49682479ae7c6a697a87a55f647b2c9d5f6e9141899bb2c864a6722c902f5f42bf83f2f356a0891f2fd91890fc030a54ad3a1886ff322777bc78d70a30e4a84283a94cf3e5f316e4cd80c05ffe02a3f1cb9a472680b8561deca226249597e04addfdc26d10536c48c2941a98f1b9cd5e1d8d1f7a503efb9000000000000"], 0x8e) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000900)={0x0, @in6={{0xa, 0x0, 0x0, @mcast1}}}, 0x90) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) bind$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @ipv4={[], [], @rand_addr}}, 0xfffffffffffffef9) syz_open_dev$sndpcmp(&(0x7f00000008c0)='/dev/snd/pcmC#D#p\x00', 0x7ffffffa, 0x605) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f00000002c0)={0x0, 0x4, 0x0, 0x0, 0x100000001}, &(0x7f0000000340)=0x18) mount(&(0x7f00000004c0)=ANY=[], &(0x7f000000aff8)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, &(0x7f0000000000)) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000007c0)={0x0, 0x2, 0x8001, 0xbfa}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)='trusted.overlay.upper\x00', &(0x7f0000000240)=ANY=[], 0x0, 0x1) setxattr$security_ima(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='security.ima\x00', &(0x7f0000000500)=@sha1={0x1, "502bc256ec0652d4726d28ce550eff88ec02efa6"}, 0x15, 0x558b69859c24b18e) chdir(&(0x7f0000000540)='./file0\x00') ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000005c0)=0x0) syz_open_procfs(r1, &(0x7f0000000600)='Sountstats\x00') statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=""/72) getpgrp(0x0) open(&(0x7f0000000180)='./file0\x00', 0x40, 0xffffffffffffffff) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) execve(&(0x7f0000000280)='./file0\x00', &(0x7f0000000380), &(0x7f0000000ac0)=[&(0x7f0000000b40)="72616d6673ff"]) r2 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r2, 0xc0bc5310, &(0x7f0000000280)={{}, 'port0\x00\x00\x00\t\x00'}) 19:12:38 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$dspn(&(0x7f0000af6ff6)='/dev/dsp#\x00', 0x1, 0x0) epoll_create(0xc) r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f00000001c0)) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000002c0), 0x4) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x0) 19:12:38 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:38 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001d40)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, &(0x7f00000005c0)=0x8001, 0x4) pipe(&(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x8eea780d) syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x40005) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000000a40)={0xba4833a7718ed836, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, 0x0, 0x1}}}, 0x90) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r2+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) fcntl$getownex(r0, 0x10, &(0x7f00000001c0)={0x0, 0x0}) tkill(r3, 0x23) 19:12:38 executing program 4: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000400)=ANY=[]) openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f00000002c0)={0x0, 0x100000001}, &(0x7f0000000300)=0x14) r0 = syz_open_procfs(0x0, &(0x7f0000000080)="2f6578650000000000000f1ce3000000000000000000000000") mmap$perf(&(0x7f0000105000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) ustat(0x0, &(0x7f0000000080)) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) 19:12:38 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r1 = inotify_init1(0x0) r2 = inotify_init() inotify_add_watch(r2, &(0x7f0000000200)='./file0\x00', 0x80000002) inotify_add_watch(r1, &(0x7f0000ac5000)='./file0\x00', 0xa400295c) r3 = open(&(0x7f0000fa3000)='./file0\x00', 0x0, 0x0) rmdir(&(0x7f0000000100)='./file0\x00') dup2(r0, r3) 19:12:38 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x7, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 19:12:39 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:39 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x40000084], [0xc1]}) 19:12:39 executing program 1: r0 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0) sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget$private(0x0, 0x2) ioctl$EVIOCGID(r0, 0x80084502, &(0x7f0000000340)=""/210) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r1 = gettid() clone(0x2e828903, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000040)) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x8000000000000014) wait4(r1, &(0x7f0000000040), 0x0, &(0x7f0000000280)) ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000100)) ioctl$KDADDIO(r0, 0x4b34, 0x5) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000140)=""/169) r2 = msgget$private(0x0, 0x0) msgrcv(r2, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0) 19:12:39 executing program 4: r0 = socket$inet6(0xa, 0x803, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c1f023c126285719070") pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000200)=[{&(0x7f0000000140)="c2", 0x1}], 0x1, 0x0) close(r1) close(r2) 19:12:39 executing program 2: listen(0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$inet6(0xa, 0x0, 0x0, &(0x7f0000000080)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x0, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140), 0x0, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(0xffffffffffffffff, &(0x7f0000000280)={0x8, 0x120, 0xfa00, {0x1, {0x9, 0x0, "d144014072b9575d2525fd2508bedf11859b407cca0cc19d0ba4ca2c04d9ded3f4dc2836e218d230d1c042466f9a22cbb9e60b48dc052c433f9e3d04e3b65df895282372b3ab124ed031283087620f14a7f132be953709d2c5363a9caf53d5e4fc6edbd9ed4dff7df3fd5b702c067088971eb6e3b5fcd56042725e718a7951364bd7a072b7e7423662428e642a11399eca8a773c3851e543d68225db74e900e02f88fd46d03dcca70d7f9fb1f332b616c90c5769cadd32af893acb86d18c15b9a7ed5f4af056b5bd12b55f3a21f90849bb1a1e8e629416f387fbc3d6471c9c2b27001bfebe08bb0515bc2a6c75b20bbe61324814336d117b99f8ed41d2709d15", 0x5c, 0x7ff, 0x8, 0x0, 0x9, 0x0, 0x0, 0x1}}}, 0x128) fadvise64(r0, 0x0, 0x8efe, 0x0) r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_SUBDEV_S_CROP(0xffffffffffffffff, 0xc038563c, &(0x7f00000004c0)={0x1, 0x7fffffff, {0x4, 0x6}}) mlockall(0x3) close(r1) ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f0000000040)) openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000500)={0x0, 0x45, "f7071b630531a7a8b6e3ddf9fded590dd1ff0fabebda6a9ba78baac37bb767fcef34ecd9060f3cdf47f1b419bef10dbe82a2132e6aea229a9b3b4312e99ab4faf1c67665eb"}, &(0x7f0000000580)=0x4d) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f00000005c0)={r2, 0x9}, 0x8) 19:12:39 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000af6ff6)='/dev/dsp#\x00', 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f00000000c0)) syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x2, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x200100, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$TCSBRK(r1, 0x5409, 0x4) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000300)) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f00000003c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28}) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 360.672418] ptrace attach of "/root/syz-executor1"[10127] was attempted by "/root/syz-executor1"[10129] 19:12:39 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:39 executing program 3: socket$packet(0x11, 0x3, 0x300) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c1f023c126285719070") socket$packet(0x11, 0x2, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000200)=0x2, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0xffa5, &(0x7f0000000080)={@link_local, @empty, [{}], {@can={0xc, {{}, 0x0, 0x0, 0x0, 0x0, "911aab5cc21f21b9"}}}}, &(0x7f00000000c0)) 19:12:40 executing program 0: r0 = memfd_create(&(0x7f00000000c0)='#em1#+\x00', 0x0) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x11, r0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r1, 0x40046205, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000100)}) [ 361.093506] tpacket_rcv: packet too big, clamped from 65441 to 65406. macoff=82 [ 361.182927] binder: 10153:10154 ioctl 40046205 20000000 returned -22 19:12:40 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)="2f67726f75702e73746174003c23fb572a1f0294e6f378b41ad54b4d9d9a1f63f8785ad188a7e1c88875e05b18a4cb3a9cd12dcea440d899c22c652b3a471b4a7fa2f3fdf6e034d804e5f0df4b1dee483b157624c59c0100e89e6a357c000000", 0x2761, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000100)={0x0, 0x6ff3e968}) [ 361.265359] binder: 10153:10159 ioctl 40046205 20000000 returned -22 19:12:40 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000400)=ANY=[]) openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000002c0)={0x0, 0x100000001}, &(0x7f0000000300)=0x14) r2 = syz_open_procfs(0x0, &(0x7f0000000080)="2f6578650000000000000f1ce3000000000000000000000000") mmap$perf(&(0x7f0000105000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) fcntl$getown(r0, 0x9) pread64(r2, &(0x7f0000003c00)=""/4096, 0xffffff72, 0x0) 19:12:40 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(0xffffffffffffffff, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:41 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000002c0)={0x0, 0x100000001}, &(0x7f0000000300)=0x14) r2 = syz_open_procfs(0x0, &(0x7f0000000080)="2f6578650000000000000f1ce3000000000000000000000000") mmap$perf(&(0x7f0000105000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) fcntl$getown(r0, 0x9) pread64(r2, &(0x7f0000003c00)=""/4096, 0xffffff72, 0x0) 19:12:41 executing program 2: seccomp(0x1, 0x6, &(0x7f0000000180)={0x1, &(0x7f00000000c0)=[{0x6}]}) 19:12:41 executing program 5: socket$inet6(0xa, 0x20800a2, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000780)={@un=@abs={0x1, 0x0, 0x4e21}, {&(0x7f0000000680)=""/183, 0x2f1}, &(0x7f0000000300)}, 0xa0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000400)='/dev/sequencer2\x00', 0x141000, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000540)='/dev/dsp#\x00', 0x7, 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r0, 0x4008af23, &(0x7f0000000740)={0xfffffffffffffffd}) io_setup(0x9, &(0x7f0000000380)) io_destroy(0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz1\x00', 0x1ff) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/loop-control\x00', 0x0, 0x0) ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f00000000c0)) socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0xc, &(0x7f00000005c0), &(0x7f0000000580)=0x4) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000700)=@broute={'broute\x00', 0x20, 0x1, 0x198, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200002c0], 0x0, &(0x7f0000000080), &(0x7f00000002c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000900000000000000000062637368300000fcffffffffffffff006970365f7674693000000000000000006e72300000000000000000000000000076657468315f746f5f62726964676500aaaaaaaaaa000000000000e8feffffffffff0000000000000000b8000000b8000000080100006c696d69740000000000000000000000000000000000000000000000000000002000000000000000ffffff7f010001000000000000000000000000000000000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a310000000000000000000000000000000000000000000000000000fb2b868a00000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff00000000"]}, 0x210) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000d00)=ANY=[], 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0) socket(0x5, 0x805, 0x0) 19:12:41 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000000c0)="0a5c2d0240316285717070") r1 = socket$inet6(0xa, 0x2000000000001, 0x0) setsockopt$inet6_opts(r1, 0x29, 0x36, &(0x7f0000000200)=@hopopts={0x0, 0x13, [], [@generic={0x0, 0x9d, "372edb2e643d6bdd13a6e6a79e36a8632ab8d2b764cc76cd22186c2cf11e1af039ed0455d929a702d24548796f752423aa1c3e5d6ab2f0dab53306d2ccc5f1b42dcf477c960cbe984e0a9af8112d83ae56a35d3d8fe10351a4ab82ff2c0280f30f3443b0bfe187d5e08a99130aff9a235d08adcd3dc6a5b1621b93a1570dbd39654f3fa73106d0fd5daaf1b32c28c5620f9fac2645aeef93cb937be15c"}]}, 0xa8) sendto$inet6(r1, &(0x7f00007a8fff), 0x3a7, 0x20000000, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 362.430562] audit: type=1326 audit(1542049961.445:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=10191 comm="syz-executor2" exe="/root/syz-executor2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0x0 19:12:41 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x1, 0x4) bind$inet(r0, &(0x7f0000738ff0)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21}, 0x10) 19:12:41 executing program 0: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000008000)={0x1, {{0x2, 0x0, @multicast1}}}, 0x90) mprotect(&(0x7f0000007000/0x2000)=nil, 0x2000, 0x1) getsockopt$inet_buf(r1, 0x0, 0x30, &(0x7f0000008000), &(0x7f0000000080)=0x2e5) [ 362.903288] ebt_limit: overflow, try lower: 2147483647/65537 19:12:42 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$dspn(&(0x7f0000af6ff6)='/dev/dsp#\x00', 0x1, 0x0) r0 = epoll_create(0xc) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000002c0)=0x5bce, 0x4) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$TCSBRK(0xffffffffffffffff, 0x5409, 0x4) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000300)) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 19:12:42 executing program 1: r0 = memfd_create(&(0x7f00000000c0)='#em1#+\x00', 0x0) write(r0, &(0x7f0000000180), 0x0) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x11, r0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000100)}) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000040), &(0x7f0000000100)=0x8) 19:12:42 executing program 2: ioctl$TCGETA(0xffffffffffffffff, 0x5405, &(0x7f0000000200)) r0 = memfd_create(&(0x7f0000000440)="656d30e6d0657270722ac8a9f5b38e25e2dd6f632500630e0489c98b1d06285cc037e956cdf575b04dbf8f009383c6fbcb84fb772a2624599e6f02ba896ccbb0030005d05c2943d24c16ddc9c196e49095f7c1eb5e0e70909c61e6ff8464cddd603a55ee471fe6e186e1b4ba9629c6b8bbd80de2a9e90934e58f1f881b1dc8f91ada3acd2dda93e27718e107b0c2228c1cfac540b9773aee7983eb21090124e61a1b7c10d6ae3b7e41450c306bcb6ae6538d1f5ea3ae4e8020e659e8a8fd22b9cb459d08ead0e9721c580a098839a7434190d7bc26ae008915c41efb175ddaefee25bb94a93624ce19b548731ac08f1351f5f09c13acd2b8afb09651", 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000380)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f02acc7edbcd7a071fb35331ce39c5a0bcb98a3e1f46fd51b139d755efce9768b84ea75c2ff4b3c85caef374d126a56fa4743af7ef55c846bfe7dd16072d260ffddcc8a6d22e02f44d6a360524b86b51a4b58afca35f12201adb024bfb20fbd364e78a232fbef31595029f755740ab15e173dc73ba964a4189007c7c40db8fb4b64dd8ec4d366") fcntl$setstatus(r1, 0x4, 0x4001) sendfile(r0, r1, &(0x7f0000000040), 0x1080005000) [ 363.553418] *** Guest State *** [ 363.556811] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 363.565868] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 363.575023] CR3 = 0x0000000000000000 [ 363.578787] PDPTR0 = 0x0000000000000000 PDPTR1 = 0x0000000000000000 [ 363.585424] PDPTR2 = 0x0000000000000000 PDPTR3 = 0x0000000000000000 [ 363.591959] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 363.598071] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 363.604188] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 363.610932] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 363.619139] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 363.627374] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 363.635575] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 363.643771] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 363.651803] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 363.659987] GDTR: limit=0x00000000, base=0x0000000000000000 [ 363.668124] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 363.676305] IDTR: limit=0x00000000, base=0x0000000000000000 [ 363.684451] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 363.692640] EFER = 0x0000000000000000 PAT = 0x0007040600070406 19:12:42 executing program 4: [ 363.699097] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 363.706747] Interruptibility = 00000000 ActivityState = 00000000 [ 363.713107] *** Host State *** [ 363.716354] RIP = 0xffffffff812c8203 RSP = 0xffff88006d78f3c8 [ 363.722553] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 363.729023] FSBase=00007f4fbed41700 GSBase=ffff88021fd00000 TRBase=fffffe000003e000 [ 363.737020] GDTBase=fffffe000003c000 IDTBase=fffffe0000000000 [ 363.743067] CR0=0000000080050033 CR3=00000000740ff000 CR4=00000000001426e0 [ 363.750564] Sysenter RSP=fffffe000003d200 CS:RIP=0010:ffffffff8ae01260 [ 363.757431] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 363.763625] *** Control State *** [ 363.767126] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 363.774200] EntryControls=0000d1ff ExitControls=002fefff [ 363.779704] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 363.786821] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 363.793628] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 [ 363.800254] reason=80000021 qualification=0000000000000000 [ 363.806762] IDTVectoring: info=00000000 errcode=00000000 [ 363.812357] TSC Offset = 0xffffff37b68114ff [ 363.816731] EPT pointer = 0x000000007443301e 19:12:42 executing program 1: 19:12:42 executing program 0: [ 363.855671] binder: 10223:10227 ioctl c0306201 20000000 returned -14 19:12:43 executing program 3: [ 364.083595] *** Guest State *** [ 364.087112] CR0: actual=0x000000008005003f, shadow=0x000000008005001f, gh_mask=fffffffffffffff7 [ 364.096221] CR4: actual=0x0000000000002068, shadow=0x0000000000000028, gh_mask=ffffffffffffe871 [ 364.105333] CR3 = 0x0000000000000000 [ 364.109096] PDPTR0 = 0x0000000000000000 PDPTR1 = 0x0000000000000000 [ 364.115736] PDPTR2 = 0x0000000000000000 PDPTR3 = 0x0000000000000000 [ 364.122363] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [ 364.128386] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [ 364.134524] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [ 364.141456] CS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.149609] DS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.157735] SS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.165873] ES: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.174031] FS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.182065] GS: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.190196] GDTR: limit=0x00000000, base=0x0000000000000000 [ 364.198332] LDTR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.206452] IDTR: limit=0x00000000, base=0x0000000000000000 [ 364.215018] TR: sel=0x0000, attr=0x10000, limit=0x00000000, base=0x0000000000000000 [ 364.223147] EFER = 0x0000000000000000 PAT = 0x0007040600070406 19:12:43 executing program 4: 19:12:43 executing program 0: [ 364.229598] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [ 364.237305] Interruptibility = 00000000 ActivityState = 00000000 [ 364.243694] *** Host State *** [ 364.246932] RIP = 0xffffffff812c8203 RSP = 0xffff88009d6af3c8 [ 364.253138] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [ 364.259798] FSBase=00007f4fbecff700 GSBase=ffff88021fc00000 TRBase=fffffe0000003000 [ 364.267841] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000 [ 364.274133] CR0=0000000080050033 CR3=00000000740ff000 CR4=00000000001426f0 [ 364.281232] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff8ae01260 [ 364.288343] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [ 364.294556] *** Control State *** [ 364.298054] PinBased=0000003f CPUBased=b5986dfa SecondaryExec=000000c2 [ 364.304962] EntryControls=0000d1ff ExitControls=002fefff [ 364.310466] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [ 364.317635] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [ 364.324457] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000 19:12:43 executing program 3: [ 364.331084] reason=80000021 qualification=0000000000000000 [ 364.337726] IDTVectoring: info=00000000 errcode=00000000 [ 364.343330] TSC Offset = 0xffffff37b68114ff [ 364.347690] EPT pointer = 0x000000007443301e 19:12:43 executing program 4: 19:12:43 executing program 1: 19:12:44 executing program 5: 19:12:44 executing program 2: 19:12:44 executing program 0: 19:12:44 executing program 3: 19:12:44 executing program 1: 19:12:44 executing program 4: 19:12:44 executing program 1: 19:12:44 executing program 2: 19:12:44 executing program 4: 19:12:44 executing program 0: 19:12:44 executing program 3: 19:12:44 executing program 5: 19:12:44 executing program 4: 19:12:44 executing program 1: 19:12:44 executing program 3: 19:12:44 executing program 2: 19:12:44 executing program 0: 19:12:45 executing program 5: 19:12:45 executing program 1: 19:12:45 executing program 4: 19:12:45 executing program 2: 19:12:45 executing program 3: getresuid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000680)={0xc, 0x8, 0xfa00, {&(0x7f0000000500)}}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000240)={0x3, 0x40, 0xfa00, {{}, {0xa, 0x0, 0x0, @mcast1}, r1}}, 0x48) 19:12:45 executing program 0: sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)) pipe(&(0x7f0000000080)) perf_event_open(&(0x7f0000c86f88)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x80, 0x0) clone(0x2102001ff8, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff) mount(&(0x7f00000001c0)=ANY=[], &(0x7f00000002c0)='.', &(0x7f0000000280)='ecryptfs\x00', 0x0, 0x0) 19:12:45 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f00000000c0), 0x4) 19:12:45 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) ioctl(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:45 executing program 1: add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f00000001c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffc) perf_event_open(&(0x7f0000000040)={0x1, 0x235, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shutdown(0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000640)='/dev/null\x00', 0x40000, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x410000, 0x0) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r2, &(0x7f0000000540)={0x1}) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000180)="2e65f32efe0a6766c7442400008000006766c7442402000000006766c744240600000000670f011c24b866000f00d066b88044a2b20f23c80f21f866350400d0000f23f80f0766b80500000066b9080000000f01c10f0766b8010000000f01c10f01dfb835008ee0", 0x68}], 0x1, 0x0, &(0x7f00000000c0), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe4000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000400)="66b9800000c00f326635000400000f300fc71e4425749e66b8eab9ffdd0f23d80f21f86635400000100f23f866b8ef6700000f23c00f21f8663501000f000f23f866b9860b000066b80300000066ba000000000f306666660fd5ef66b8ca9300000f23d00f21f86635100000010f23f8ba6100ec66b80d0000000f23d00f21f866351000000e0f23f8", 0x89}], 0x1, 0x0, &(0x7f0000000180), 0x106e) ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000000580)={0x0, 0x0, 0xffffffff}) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000340)=""/66) ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000200)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$KVM_RUN(r2, 0xae80, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) mount(&(0x7f0000000280)=@filename='./file0\x00', &(0x7f0000000500)='./file0\x00', &(0x7f0000000800)='debugfs\x00', 0x2090482, 0x0) munlock(&(0x7f0000fe4000/0x3000)=nil, 0x3000) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000000000000000000000000000000000000000000005000000000000000100000000d4daedd610af05c0185b06129b000000040000000000000000000000f7ffffffff0300000000000000e8ffffffffffffff0000008c0500000000000000000000000000000000000000"]) ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000300)) getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, &(0x7f00000003c0), &(0x7f00000004c0)=0x4) [ 366.493411] Error parsing options; rc = [-22] 19:12:45 executing program 0: syz_emit_ethernet(0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60910ae000103c00008201e5000000000000000000000000000000ff0200000000000000000000000000014e20000004019078007740b900"], &(0x7f0000000100)) 19:12:45 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bind$inet(r0, &(0x7f0000001600)={0x2, 0x10000004e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000900000000000000000800819500130000000000"], &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48) r3 = socket$kcm(0x29, 0x1000000000002, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000100)={r0, r2}) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000001640)={0xffffffffffffffff}) sendmsg$IPVS_CMD_GET_CONFIG(r4, &(0x7f0000000400)={&(0x7f0000000280), 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x14}, 0x14}}, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r3, 0x119, 0x1, &(0x7f0000000000)=0x6, 0x4) [ 366.701488] vhci_hcd: invalid port number 0 19:12:45 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) ioctl(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 366.736344] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 19:12:45 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r1, 0x1, &(0x7f0000000600)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}) 19:12:45 executing program 3: r0 = socket$rds(0x15, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x89f7, &(0x7f0000000040)={'ip6gre0\x00', @ifru_hwaddr=@random="9e649d1f3554"}) [ 366.936297] vhci_hcd: invalid port number 0 19:12:46 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) ioctl(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:46 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) ioctl(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 367.109945] vhci_hcd: invalid port number 0 19:12:46 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req={0xff, 0x0, 0x8000, 0x7fffffff}, 0xfffffffffffffe2c) syz_emit_ethernet(0x1e, &(0x7f0000000000)={@empty, @broadcast, [], {@can={0xc, {{0x3, 0x7, 0xfffffffffffffff7, 0x4}, 0x5, 0x1, 0x0, 0x0, "9688f8ac08fa11f1"}}}}, &(0x7f0000000080)={0x1, 0x3, [0x1be, 0xd30, 0x349, 0xc49]}) r1 = socket(0x10, 0x802, 0x0) write(r1, &(0x7f0000000140)="240000001a0001f00080000400ede80e0af6f92c7839010600f2ffcb0800190005d70000", 0x24) bind(r1, &(0x7f0000000000)=@nfc={0x27, 0x1, 0x2, 0x5}, 0x80) syz_genetlink_get_family_id$nbd(&(0x7f00000001c0)='nbd\x00') r2 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000ad7000)={0x1, &(0x7f0000acbff8)=[{0x6, 0x0, 0x0, 0x6}]}, 0x10) bind$inet6(r2, &(0x7f0000807fe4)={0xa, 0x4e22}, 0x1c) setsockopt$inet6_int(r2, 0x29, 0x3, &(0x7f0000000000)=0xd9fe, 0x4) sendto$inet6(r2, &(0x7f0000000380), 0x0, 0x200408d4, &(0x7f000072e000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000040)={0x0, 'veth0_to_team\x00'}, 0x18) mkdir(&(0x7f00000001c0)='./bus/file0\x00', 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) setsockopt$inet_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000240), 0x4) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000440)='trusted.overlay.origin\x00', &(0x7f0000000480)='y\x00', 0x2, 0x0) rt_sigprocmask(0x0, &(0x7f0000000080), &(0x7f00000000c0), 0x8) utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000400)={{}, {0x77359400}}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(0xffffffffffffffff) creat(&(0x7f0000000700)='./bus\x00', 0x0) fstatfs(0xffffffffffffffff, &(0x7f0000000140)=""/116) openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000280)={{{@in6=@local, @in6=@ipv4={[], [], @multicast1}}}, {{@in6=@mcast1}, 0x0, @in=@multicast1}}, &(0x7f0000000380)=0xe8) setsockopt$packet_drop_memb(0xffffffffffffffff, 0x107, 0x2, &(0x7f00000003c0)={0x0, 0x1, 0x6}, 0x10) ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, &(0x7f0000000140)) 19:12:46 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000280)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKROSET(r1, 0x40480923, &(0x7f0000000000)=0xfffffdfd) 19:12:46 executing program 3: clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 367.326471] vhci_hcd: invalid port number 0 19:12:46 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) ioctl(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 367.490903] vhci_hcd: invalid port number 0 [ 367.525668] vhci_hcd: invalid port number 0 19:12:46 executing program 1: clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) sched_setscheduler(0x0, 0x5, &(0x7f0000000200)) seccomp(0x1, 0x0, &(0x7f0000000000)={0x25f, &(0x7f00000000c0)=[{}]}) getsockname$packet(0xffffffffffffff9c, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000480)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)) keyctl$instantiate(0xc, 0x0, &(0x7f00000002c0)=ANY=[], 0x0, 0x0) 19:12:46 executing program 5: openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x0, 0x0) memfd_create(&(0x7f0000000080)="00000600000000000000", 0x0) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x0) r0 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) 19:12:46 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000480)}}, 0x20) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000940)='./cg/syz0\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x1ff) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000680)={0xc, 0x8, 0xfa00, {&(0x7f0000000500)}}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000240)={0x3, 0x40, 0xfa00, {{}, {0xa, 0x0, 0x0, @mcast1}, r1}}, 0x48) quotactl(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000840)) openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x0, 0x0) 19:12:46 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)) 19:12:46 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) ioctl(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:47 executing program 2: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 19:12:47 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mq_open(&(0x7f0000000a00)='lo.\x00', 0x2, 0x0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) readv(r1, &(0x7f00000000c0)=[{&(0x7f0000000200)=""/255, 0x443}], 0x1000000000000248) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x0, 0x0) fcntl$getown(r0, 0x9) getpgrp(0x0) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000700)={0x0, @in6={{0xa, 0x0, 0x81, @remote}}}, &(0x7f00000007c0)=0x84) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r3 = syz_open_pts(r1, 0x2) r4 = dup3(r3, r1, 0x0) write(r1, &(0x7f0000c34fff), 0xffffff0b) getrlimit(0x9, &(0x7f00000001c0)) chroot(&(0x7f0000000340)='./file0\x00') ioctl$BLKGETSIZE64(r4, 0x80081272, &(0x7f0000000140)) close(r0) openat$cgroup(r2, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(0xffffffffffffffff, 0x28, 0x2, &(0x7f0000000100)=0xa611, 0x8) name_to_handle_at(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x1a, 0x0, "943696fdf230d0517b6e491ed5d0da226ec1"}, &(0x7f0000000600), 0xe64455e5a85b7897) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0) fchdir(r5) 19:12:47 executing program 5: mknod(&(0x7f000086c000)='./file0\x00', 0x103d, 0x0) r0 = open$dir(&(0x7f00004be000)='./file0\x00', 0x80000880, 0x0) close(r0) 19:12:47 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) ioctl(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:47 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) 19:12:47 executing program 3: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000010000/0x3000)=nil, 0x3000, 0x0, 0x100000000020011, r1, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000080)) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000500)={0x4, 0x0, &(0x7f0000000480)=[@enter_looper], 0x1, 0x0, &(0x7f00000004c0)='8'}) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x4, 0x0, &(0x7f0000005fd4)=ANY=[@ANYBLOB="11634840"], 0x0, 0x0, &(0x7f0000000680)}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) [ 368.378805] binder: 10410 RLIMIT_NICE not set [ 368.437278] binder: 10410 RLIMIT_NICE not set 19:12:47 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) ioctl(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:47 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x3c) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x11, &(0x7f0000000080)={@mcast1}, 0x20) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000280)={"b61d3bbe52d75028290785806c026a89b9b1f382d910b3a4aa7b7a3be01627489bc78960dc4a8d8006367a195b9537b7da7acbd83e0c7d61ff9ee151c07b4a894822001e51c79ea8d975f519bd4c83773fab6d212d3bc009fdbe498bc54a964bc215400866865357fa8e35ef56474dc150404bf29ed0456914aa67901bf3d7bb3ba29e324fca8bd4a0b1b2bd278ea3a0576d82c8ae7d8e1fa5e723eee2bb10337bbd3c66f17e7948f81d8da2527dde4a2cd834303701ba103fd94a0c993fa9b5aa87cac21aa20bbe3c531f3c9e8669beca073b815e7c537fa9be19d59d746dda736ce163d030baae4f0950b5b23c7075cf9d19230bc6bf00eb1f130720d75a0f79ba1dd1d46a35bb539fc1d8a9393157a475375c53ed18909358365b478f1fbbea0a1ca9f467747ffb219a8c84c16bc5eb0f2799ef3bb223983ae829346b4f97dd22a040076fcd796b6c96b69b772fc9647ccfb451421195eab4dcec01a0ae5cf1eeb88cbf60a9a58a252997574fa4d3fa15bd5730bcb6b3dcbd030a02b62adf0c5f9b866d768f638248db923b0360cb0ebee0377228f71abe62f9c8b381f7d43be979417a721d041799eaddcaf7f92ffc2b207469251cab19ede5712a340c7c809ae5071851eae8307e464c4c9f04a6be73b0131401cbead4c9772e1bff9a75610e5ef0f22ea700bdac176d1d303bc4fc45f1a80cf38dd8cc2040c0fdec25243ab41e2d5b4371e25c4374926e7ef808821f05ff339ceca62ad91e010389279989f4146fe45ed09b80d32bce8176eeb5b00ef3c7cc5594f59d0dc9e48a4744f6d380ffb7dd8a7f662c1487e78c6941dd35a8d17c29d2c6905a770da057b33ee6e7a03a228ba26b3b9d703548ee6b2a680ee570919d73055421056009ad7f97409b83769aa2be3cbde957d65ea0396d045ad838d993ead88f01649a9c0e868ca9ee0fdd32fe11d1d18fb37bb61537f83680a80aa67c3a7b1bc26025b0286042bc453c3487fabc7d173a4edc3cb978f55cbdcc8d84d85dbaff93970e623f235b40485ca6ffdea0d56c9b87879fbcbea0f1e3e3d70d6d804d4de7e09bfa292d63b68139abe327863c86f559c3933ddc3651fd6fe5552e1654b1bca74f0dd11734a38f4de120a13f5a28fa4a16bc886c47f2a1c47572ec37de795a9aa8c943ee5162219171c3f78603e3ffeec37c20fbbd1394eda40b7e9d8a6b863f1ba8bfe778bb98527aa6e65f8d192f1b50b6d9890ae25c1ffc8e0fa432fe93d4cc7cd80d2715722a8e65f811f20176bc92e5cb1845824fc21c65d654e2d5f7d2810bcaefd14b26fb183f48606343fc981b35133d50f125bdc32f7510a7bb866b9f7d57c393ea253834ca0726e00640ebf77cffcd343dd203946443b16f59d43e59dff2e35701bc5852fafa68c03d486e2a4a65a0ef69fe29931828d5ba94ce954f3b21b493db"}) [ 368.662546] binder: release 10409:10410 transaction 5 in, still active [ 368.669448] binder: send failed reply for transaction 5 to 10409:10420 [ 368.678851] binder: undelivered TRANSACTION_COMPLETE [ 368.684297] binder: undelivered TRANSACTION_ERROR: 29189 19:12:47 executing program 2: mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000680)={0xc, 0x8, 0xfa00, {&(0x7f0000000500)}}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000240)={0x3, 0x40, 0xfa00, {{}, {0xa, 0x0, 0x0, @mcast1}, r1}}, 0x48) syz_open_dev$midi(&(0x7f0000000340)='/dev/midi#\x00', 0x7, 0x880) execve(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), &(0x7f0000000500)) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) 19:12:47 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) 19:12:48 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0x3, 0x4000, 0x2, &(0x7f0000ffb000/0x4000)=nil) r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000080)={0x10000009, 0xb, 0x0, 0xffffffffffffffff}) ioctl$SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0f85403, &(0x7f00000003c0)={{0x3, 0x3, 0x0, 0x2}, 0x0, 0x80000001, 'id0\x00', 'timer0\x00', 0x0, 0x400, 0x80, 0x10000000000000, 0x6}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f0000000240)=0x1) socket$nl_route(0x10, 0x3, 0x0) [ 368.931668] vhci_hcd: invalid port number 0 19:12:48 executing program 0: 19:12:48 executing program 2: 19:12:48 executing program 3: 19:12:48 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:48 executing program 1: r0 = socket$inet(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000134000)={0x2, 0x4e23, @broadcast}, 0x10) 19:12:48 executing program 0: sched_setaffinity(0x0, 0x8, &(0x7f0000000140)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mknod(&(0x7f000086c000)='./file0\x00', 0x103d, 0x0) r0 = open$dir(&(0x7f00004be000)='./file0\x00', 0x80000880, 0x0) close(r0) 19:12:48 executing program 3: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_DECODER_CMD(r0, 0xc0485660, &(0x7f00000000c0)={0x1, 0x0, @stop_pts=0x1d8}) [ 369.775375] vhci_hcd: invalid port number 0 19:12:48 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:49 executing program 2: 19:12:49 executing program 1: [ 370.487684] vhci_hcd: invalid port number 0 19:12:49 executing program 1: 19:12:50 executing program 3: 19:12:50 executing program 5: 19:12:50 executing program 2: 19:12:50 executing program 0: 19:12:50 executing program 4: epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:50 executing program 3: [ 371.277436] vhci_hcd: invalid port number 0 19:12:50 executing program 1: 19:12:50 executing program 0: 19:12:50 executing program 2: 19:12:50 executing program 5: 19:12:50 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:50 executing program 0: 19:12:50 executing program 2: 19:12:50 executing program 3: [ 371.762450] vhci_hcd: invalid port number 0 19:12:50 executing program 1: 19:12:51 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x0, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:51 executing program 0: 19:12:51 executing program 5: 19:12:51 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:51 executing program 2: 19:12:51 executing program 1: 19:12:51 executing program 3: 19:12:51 executing program 5: 19:12:51 executing program 2: 19:12:51 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:51 executing program 0: 19:12:51 executing program 1: 19:12:51 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:51 executing program 3: 19:12:51 executing program 5: 19:12:52 executing program 2: 19:12:52 executing program 1: 19:12:52 executing program 0: 19:12:52 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)) 19:12:52 executing program 3: 19:12:52 executing program 5: 19:12:52 executing program 2: 19:12:52 executing program 1: 19:12:52 executing program 0: 19:12:52 executing program 2: [ 373.687225] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 19:12:52 executing program 3: 19:12:52 executing program 0: 19:12:52 executing program 1: 19:12:52 executing program 5: 19:12:53 executing program 4: 19:12:53 executing program 2: 19:12:53 executing program 3: 19:12:53 executing program 0: 19:12:53 executing program 4: 19:12:53 executing program 5: 19:12:53 executing program 1: 19:12:53 executing program 2: 19:12:53 executing program 3: 19:12:54 executing program 0: 19:12:54 executing program 2: 19:12:54 executing program 5: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$NBD_SET_TIMEOUT(r0, 0xab09, 0x0) mq_timedreceive(r0, &(0x7f00000003c0)=""/156, 0xfffffffffffffeef, 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000140)={0x1, 0x5, 0x3}) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000100), 0x4) r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x667, 0x80000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x400000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000200)) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)="2f67726f75702e73746174003c23fb572a1f0294e6f378b41ad54b4d9d9a1f63f8785ad188a7e1c88875e05b18a4cb3a9cd12dcea440d899c22c652b3a471b4a7fa2f3fdf6e034d804e5f0df4b1dee483b157624c59c0100e89e6a357c000000", 0x2761, 0x0) write$cgroup_int(r2, &(0x7f0000000080)=0x3f00, 0x297ef) 19:12:54 executing program 4: r0 = socket$can_raw(0x1d, 0x3, 0x1) arch_prctl(0x0, &(0x7f0000000180)="e1dfc0c9eda0b5801dfa438ad780c547f1") bind$can_raw(r0, &(0x7f0000000140), 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000080), 0x1d0) ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'gre0\x00', {0x2, 0x4e23, @local}}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) 19:12:54 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)="2f6578650000000000000f1ce3000000000000000000000000") mmap$perf(&(0x7f0000105000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) mount(&(0x7f0000000180)=@sg0='/dev/sg0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='ecryptfs\x00', 0x0, &(0x7f00000001c0)="7f") pread64(r0, &(0x7f0000003c00)=""/4096, 0xffffff72, 0x0) [ 375.005871] ion_buffer_destroy: buffer still mapped in the kernel 19:12:54 executing program 3: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x800, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r1 = memfd_create(&(0x7f0000000080)="00000600000000000000", 0x0) inotify_add_watch(r1, &(0x7f0000000380)='./file0\x00', 0x80000020) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x1, 0x0, 0x8000, 0xe2}) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000002c0)={0x6, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}, {0x2, 0x4e24, @dev}, 0x120, 0x4, 0xfffffffffffffff8}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) socket(0x0, 0x80005, 0x0) r2 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f0000000480)='veth1_to_bond\x00') getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) bind(0xffffffffffffffff, &(0x7f00000000c0)=@generic={0xa, "9bab822c32e608631f5c82d557d502005efe7bb80b86526b51833790734bd83b320de89aefc9eb6dc2649bdf2b6ab524effc499e522cfbf5ea7aa1033b283235652bf370539dab5b776d5f788b9960df85ddf0e7bcb92ede0eb3db4ed60dd4c3806342de9067b7aecf9a6ae4edd919aec5bdf5aecb8ef68d0797117341f7"}, 0x80) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000280), &(0x7f0000000400)=0x4) 19:12:54 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x0, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:54 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x0, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:54 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={0x0, 0x2e11}, 0x8) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:54 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x0, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:12:55 executing program 0: sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000040)=@in6={0xa, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000640), 0x0, &(0x7f0000000740)}, 0x3) r0 = socket$kcm(0xa, 0x522000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x0, 0xffffff7f00000000, 0x7e4c, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0) 19:12:56 executing program 5 (fault-call:4 fault-nth:0): openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:56 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x0, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:56 executing program 4 (fault-call:7 fault-nth:0): r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 377.777322] FAULT_INJECTION: forcing a failure. [ 377.777322] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 377.789385] CPU: 1 PID: 10655 Comm: syz-executor5 Not tainted 4.19.0+ #83 [ 377.796366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.805771] Call Trace: [ 377.808471] dump_stack+0x32d/0x480 [ 377.812196] should_fail+0x11e5/0x13c0 [ 377.816183] __alloc_pages_nodemask+0x6fd/0x6640 [ 377.821042] ? kmsan_set_origin+0x83/0x130 [ 377.825386] ? kmsan_internal_unpoison_shadow+0x83/0xe0 [ 377.830874] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 377.836315] ? process_measurement+0x252e/0x2830 [ 377.841309] alloc_pages_current+0x584/0x7e0 [ 377.845917] __get_free_pages+0x33/0xc0 [ 377.849957] proc_control+0x389/0x1d30 [ 377.853944] ? __msan_get_context_state+0x9/0x30 [ 377.858800] ? INIT_BOOL+0xc/0x30 [ 377.862352] ? mutex_lock+0x2f7/0x420 [ 377.866245] usbdev_do_ioctl+0x6c35/0xcfb0 [ 377.870571] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 377.876159] ? kmsan_set_origin+0x83/0x130 [ 377.880487] ? kmsan_set_origin+0x83/0x130 [ 377.884836] ? __msan_poison_alloca+0x1e0/0x2b0 [ 377.889588] usbdev_ioctl+0x8c/0xb0 [ 377.893300] ? usbdev_poll+0x3f0/0x3f0 [ 377.897248] do_vfs_ioctl+0xf77/0x2d30 [ 377.901245] ? security_file_ioctl+0x92/0x200 [ 377.905826] __se_sys_ioctl+0x1da/0x270 [ 377.909896] __x64_sys_ioctl+0x4a/0x70 [ 377.913849] do_syscall_64+0xcf/0x110 [ 377.917713] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 377.922973] RIP: 0033:0x457569 [ 377.926228] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 377.945189] RSP: 002b:00007f4fbed40c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 377.952979] RAX: ffffffffffffffda RBX: 00007f4fbed40c90 RCX: 0000000000457569 [ 377.960304] RDX: 0000000020000100 RSI: 00000000c0185500 RDI: 0000000000000003 [ 377.967633] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 377.974956] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4fbed416d4 [ 377.982277] R13: 00000000004bf8f9 R14: 00000000004cfb50 R15: 0000000000000004 19:12:57 executing program 0 (fault-call:3 fault-nth:0): r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:12:57 executing program 3: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x800, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25d1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r1 = memfd_create(&(0x7f0000000080)="00000600000000000000", 0x0) inotify_add_watch(r1, &(0x7f0000000380)='./file0\x00', 0x80000020) ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000)) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000140), &(0x7f00000001c0)=0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x1, 0x0, 0x8000, 0xe2}) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000002c0)={0x6, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}, {0x2, 0x4e24, @dev}, 0x120, 0x4, 0xfffffffffffffff8}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) socket(0x0, 0x80005, 0x0) r2 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000340)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "1bfc97", 0x4d, 0x88, 0x0, @dev, @mcast2, {[], @udp={0x0, 0x4e20, 0x4d, 0x0, [], "e29607149378d33e1db1c73936c77aa3f7fac33b042bd368236862531934ecb1c373d6ea51369e92fb96cc7c6fe4e24d1fcafff87429e50b32881721afab69cc3712c37ed0"}}}}}}, &(0x7f0000000100)) ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f0000000480)='veth1_to_bond\x00') getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000004c0)=""/230, &(0x7f0000000240)=0xe6) bind(0xffffffffffffffff, &(0x7f00000000c0)=@generic={0xa, "9bab822c32e608631f5c82d557d502005efe7bb80b86526b51833790734bd83b320de89aefc9eb6dc2649bdf2b6ab524effc499e522cfbf5ea7aa1033b283235652bf370539dab5b776d5f788b9960df85ddf0e7bcb92ede0eb3db4ed60dd4c3806342de9067b7aecf9a6ae4edd919aec5bdf5aecb8ef68d0797117341f7"}, 0x80) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000280), &(0x7f0000000400)=0x4) [ 378.567285] FAULT_INJECTION: forcing a failure. [ 378.567285] name failslab, interval 1, probability 0, space 0, times 1 [ 378.579079] CPU: 0 PID: 10668 Comm: syz-executor0 Not tainted 4.19.0+ #83 [ 378.586073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.595485] Call Trace: [ 378.598165] dump_stack+0x32d/0x480 [ 378.601883] should_fail+0x11e5/0x13c0 [ 378.605851] __should_failslab+0x278/0x2a0 [ 378.610188] should_failslab+0x29/0x70 [ 378.614136] __kmalloc+0xcf/0x4d0 [ 378.617677] ? _raw_spin_lock+0x1fb/0x2f0 [ 378.621907] ? binder_get_thread+0x46d/0x1200 [ 378.626479] binder_get_thread+0x46d/0x1200 [ 378.630912] binder_ioctl+0x61b/0x2850 [ 378.634885] ? kmsan_set_origin+0x83/0x130 [ 378.639224] ? do_vfs_ioctl+0x187/0x2d30 [ 378.643366] ? binder_poll+0xbe0/0xbe0 [ 378.647305] do_vfs_ioctl+0xf77/0x2d30 [ 378.651300] ? security_file_ioctl+0x92/0x200 [ 378.655902] __se_sys_ioctl+0x1da/0x270 [ 378.659983] __x64_sys_ioctl+0x4a/0x70 [ 378.663936] do_syscall_64+0xcf/0x110 [ 378.667805] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 378.673054] RIP: 0033:0x457569 [ 378.676310] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 378.695271] RSP: 002b:00007f58e870cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 378.703068] RAX: ffffffffffffffda RBX: 00007f58e870cc90 RCX: 0000000000457569 [ 378.710398] RDX: 0000000000000000 RSI: 0000000040046205 RDI: 0000000000000003 [ 378.717724] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 378.725050] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f58e870d6d4 [ 378.732373] R13: 00000000004be83f R14: 00000000004ce818 R15: 0000000000000006 [ 378.740207] binder: 10664:10668 ioctl 40046205 0 returned -12 [ 378.956707] FAULT_INJECTION: forcing a failure. [ 378.956707] name failslab, interval 1, probability 0, space 0, times 0 [ 378.968253] CPU: 1 PID: 10674 Comm: syz-executor4 Not tainted 4.19.0+ #83 [ 378.975250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.984665] Call Trace: [ 378.987340] dump_stack+0x32d/0x480 [ 378.991153] should_fail+0x11e5/0x13c0 [ 378.995134] __should_failslab+0x278/0x2a0 [ 378.999454] should_failslab+0x29/0x70 [ 379.003444] kmem_cache_alloc+0x146/0xe20 [ 379.007684] ? sock_alloc_inode+0x61/0x300 [ 379.012027] ? sockfs_mount+0xa0/0xa0 [ 379.015915] sock_alloc_inode+0x61/0x300 [ 379.020129] ? sockfs_mount+0xa0/0xa0 [ 379.024012] new_inode_pseudo+0x95/0x460 [ 379.028163] __sys_accept4+0x2df/0x12a0 [ 379.032224] ? prepare_exit_to_usermode+0x182/0x4d0 [ 379.037370] ? syscall_return_slowpath+0x123/0x8c0 [ 379.042400] ? __se_sys_write+0x2fd/0x370 [ 379.046632] __se_sys_accept+0x9a/0xc0 [ 379.050632] __x64_sys_accept+0x4a/0x70 [ 379.054681] do_syscall_64+0xcf/0x110 [ 379.058580] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 379.063859] RIP: 0033:0x457569 [ 379.067117] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 379.086103] RSP: 002b:00007f0199a9fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002b [ 379.093902] RAX: ffffffffffffffda RBX: 00007f0199a9fc90 RCX: 0000000000457569 [ 379.101236] RDX: 0000000020000280 RSI: 0000000020000080 RDI: 0000000000000003 [ 379.108597] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 379.115936] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0199aa06d4 [ 379.123260] R13: 00000000004bd526 R14: 00000000004cbf80 R15: 0000000000000006 19:12:58 executing program 1 (fault-call:5 fault-nth:0): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:12:58 executing program 2 (fault-call:1 fault-nth:0): r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:12:58 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000040), &(0x7f00000000c0)=0x14) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:12:58 executing program 0 (fault-call:3 fault-nth:1): r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:12:58 executing program 3 (fault-call:3 fault-nth:0): r0 = gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') [ 379.463489] FAULT_INJECTION: forcing a failure. [ 379.463489] name failslab, interval 1, probability 0, space 0, times 0 [ 379.474966] CPU: 1 PID: 10683 Comm: syz-executor2 Not tainted 4.19.0+ #83 [ 379.481958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.491383] Call Trace: [ 379.494060] dump_stack+0x32d/0x480 [ 379.497805] should_fail+0x11e5/0x13c0 [ 379.501801] __should_failslab+0x278/0x2a0 [ 379.506151] should_failslab+0x29/0x70 [ 379.510141] kmem_cache_alloc_node+0x164/0xec0 [ 379.514836] ? __alloc_skb+0x32e/0xeb0 [ 379.518953] __alloc_skb+0x32e/0xeb0 [ 379.522788] netlink_sendmsg+0xc9e/0x1440 [ 379.527063] ? netlink_getsockopt+0x16b0/0x16b0 [ 379.531828] sock_write_iter+0x404/0x4e0 [ 379.536095] ? sock_read_iter+0x4e0/0x4e0 [ 379.540058] vhci_hcd: invalid port number 0 [ 379.540335] __vfs_write+0x882/0xb80 [ 379.548424] vfs_write+0x4a3/0x8f0 [ 379.552054] __se_sys_write+0x17a/0x370 [ 379.556137] __x64_sys_write+0x4a/0x70 [ 379.560098] do_syscall_64+0xcf/0x110 [ 379.563979] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 379.569312] RIP: 0033:0x457569 [ 379.572603] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 379.591596] RSP: 002b:00007f9b1a5e0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 379.599401] RAX: ffffffffffffffda RBX: 00007f9b1a5e0c90 RCX: 0000000000457569 [ 379.606760] RDX: 000000000000001f RSI: 00000000200000c0 RDI: 0000000000000003 19:12:58 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x2) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffffff) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) syz_open_dev$rtc(&(0x7f0000000000)='/dev/rtc#\x00', 0xffffffff, 0x100) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:12:58 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$EVIOCGBITSND(r0, 0x80404532, &(0x7f00000001c0)=""/107) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$VHOST_GET_FEATURES(r0, 0x8008af00, &(0x7f0000000040)) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 379.614110] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 379.621459] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9b1a5e16d4 [ 379.628828] R13: 00000000004c2af4 R14: 00000000004d8cb8 R15: 0000000000000004 [ 379.699661] FAULT_INJECTION: forcing a failure. [ 379.699661] name failslab, interval 1, probability 0, space 0, times 0 [ 379.711442] CPU: 1 PID: 10691 Comm: syz-executor1 Not tainted 4.19.0+ #83 [ 379.718464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.727999] Call Trace: [ 379.730668] dump_stack+0x32d/0x480 [ 379.734390] should_fail+0x11e5/0x13c0 [ 379.738394] __should_failslab+0x278/0x2a0 [ 379.742738] should_failslab+0x29/0x70 [ 379.746723] __kmalloc+0xcf/0x4d0 [ 379.750277] ? tcp_sendmsg_locked+0x640c/0x6c30 [ 379.755023] ? tcp_sendmsg+0xb2/0x100 [ 379.758933] tcp_sendmsg_locked+0x640c/0x6c30 [ 379.762181] binder: 10692:10695 ioctl 40046205 0 returned -22 [ 379.763554] ? kmsan_set_origin+0x83/0x130 [ 379.763632] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 379.763703] ? aa_label_sk_perm+0x8e9/0x960 [ 379.783655] ? __msan_poison_alloca+0x1e0/0x2b0 [ 379.788419] ? __local_bh_enable_ip+0x46/0x260 [ 379.793095] ? __msan_warning+0xb0/0xd0 [ 379.797198] ? __msan_poison_alloca+0x1e0/0x2b0 [ 379.801978] tcp_sendmsg+0xb2/0x100 [ 379.802439] vhci_hcd: invalid port number 0 [ 379.805681] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 379.814715] inet_sendmsg+0x4e9/0x800 [ 379.818622] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 379.824046] ? security_socket_sendmsg+0x1bd/0x200 [ 379.829049] ? inet_getname+0x490/0x490 [ 379.833092] __sys_sendto+0x97b/0xb80 [ 379.837017] ? syscall_return_slowpath+0x123/0x8c0 [ 379.842040] __se_sys_sendto+0x107/0x130 [ 379.846200] __x64_sys_sendto+0x6e/0x90 19:12:58 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) dup(r0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000040)=[{0x7}], 0x1) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 379.850241] do_syscall_64+0xcf/0x110 [ 379.854113] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 379.859376] RIP: 0033:0x457569 [ 379.862633] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 379.881605] RSP: 002b:00007f9f4ce76c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 379.889402] RAX: ffffffffffffffda RBX: 00007f9f4ce76c90 RCX: 0000000000457569 [ 379.896736] RDX: 000000000000d14b RSI: 0000000020000100 RDI: 0000000000000003 [ 379.904070] RBP: 000000000072bf00 R08: 0000000020b63fe4 R09: 000000000000001c [ 379.911396] R10: 0000000020000004 R11: 0000000000000246 R12: 00007f9f4ce776d4 [ 379.918725] R13: 00000000004c3c1d R14: 00000000004d5e98 R15: 0000000000000005 19:12:59 executing program 2 (fault-call:1 fault-nth:1): r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) [ 380.064942] vhci_hcd: invalid port number 0 [ 380.099744] FAULT_INJECTION: forcing a failure. [ 380.099744] name failslab, interval 1, probability 0, space 0, times 0 [ 380.111272] CPU: 0 PID: 10713 Comm: syz-executor3 Not tainted 4.19.0+ #83 [ 380.118259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.127761] Call Trace: [ 380.130424] dump_stack+0x32d/0x480 [ 380.134175] should_fail+0x11e5/0x13c0 [ 380.138160] __should_failslab+0x278/0x2a0 [ 380.142508] should_failslab+0x29/0x70 [ 380.146494] kmem_cache_alloc+0x146/0xe20 [ 380.150754] ? getname_flags+0x136/0xac0 [ 380.154889] ? fsnotify+0x1810/0x18a0 [ 380.158780] getname_flags+0x136/0xac0 [ 380.162755] getname+0x55/0x60 [ 380.166022] do_sys_open+0x538/0x960 [ 380.169846] __se_sys_open+0xad/0xc0 [ 380.173666] __x64_sys_open+0x4a/0x70 [ 380.177576] do_syscall_64+0xcf/0x110 [ 380.181453] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 380.186724] RIP: 0033:0x4111a1 [ 380.190074] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 380.194931] FAULT_INJECTION: forcing a failure. [ 380.194931] name failslab, interval 1, probability 0, space 0, times 0 [ 380.209026] RSP: 002b:00007f80eba87bb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 380.209076] RAX: ffffffffffffffda RBX: 00007f80eba87c90 RCX: 00000000004111a1 [ 380.209104] RDX: 0000000000403a65 RSI: 0000000000000002 RDI: 00007f80eba87bd0 [ 380.209130] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000027 [ 380.209157] R10: 0000000000000013 R11: 0000000000000293 R12: 00007f80eba886d4 [ 380.209183] R13: 00000000004c51bc R14: 00000000004d89d0 R15: 0000000000000003 [ 380.265972] CPU: 1 PID: 10715 Comm: syz-executor2 Not tainted 4.19.0+ #83 [ 380.272956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.282367] Call Trace: [ 380.285030] dump_stack+0x32d/0x480 [ 380.288744] should_fail+0x11e5/0x13c0 [ 380.292717] __should_failslab+0x278/0x2a0 [ 380.297061] should_failslab+0x29/0x70 19:12:59 executing program 1 (fault-call:5 fault-nth:1): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) [ 380.301046] __kmalloc_node_track_caller+0x279/0x14e0 [ 380.306344] ? __msan_get_context_state+0x9/0x30 [ 380.311162] ? INIT_INT+0xc/0x30 [ 380.314630] ? kmem_cache_alloc_node+0x27b/0xec0 [ 380.319479] ? netlink_sendmsg+0xc9e/0x1440 [ 380.323905] ? netlink_sendmsg+0xc9e/0x1440 [ 380.328332] __alloc_skb+0x42b/0xeb0 [ 380.332137] netlink_sendmsg+0xc9e/0x1440 [ 380.336419] ? netlink_getsockopt+0x16b0/0x16b0 [ 380.341177] sock_write_iter+0x404/0x4e0 [ 380.345366] ? sock_read_iter+0x4e0/0x4e0 19:12:59 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) recvfrom(r1, &(0x7f0000000000)=""/87, 0x57, 0x10041, &(0x7f0000000100)=@l2={0x1f, 0x1, {0x5, 0x2, 0x9, 0xbc6, 0x2, 0x9}, 0x0, 0x1000}, 0x80) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 380.349638] __vfs_write+0x882/0xb80 [ 380.353446] vfs_write+0x4a3/0x8f0 [ 380.357072] __se_sys_write+0x17a/0x370 [ 380.361150] __x64_sys_write+0x4a/0x70 [ 380.365108] do_syscall_64+0xcf/0x110 [ 380.368980] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 380.374228] RIP: 0033:0x457569 [ 380.377487] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 19:12:59 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x1000, 0x2042) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) ioctl$UI_SET_FFBIT(r0, 0x4004556b, 0x71) [ 380.396480] RSP: 002b:00007f9b1a5e0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 380.404309] RAX: ffffffffffffffda RBX: 00007f9b1a5e0c90 RCX: 0000000000457569 [ 380.411660] RDX: 000000000000001f RSI: 00000000200000c0 RDI: 0000000000000003 [ 380.419007] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 380.426356] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9b1a5e16d4 [ 380.433682] R13: 00000000004c2af4 R14: 00000000004d8cb8 R15: 0000000000000004 19:12:59 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x4, 0x181002) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x3) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) [ 380.574152] FAULT_INJECTION: forcing a failure. [ 380.574152] name failslab, interval 1, probability 0, space 0, times 0 [ 380.585775] CPU: 0 PID: 10721 Comm: syz-executor1 Not tainted 4.19.0+ #83 [ 380.592779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.602194] Call Trace: [ 380.604871] dump_stack+0x32d/0x480 [ 380.608608] should_fail+0x11e5/0x13c0 [ 380.612605] __should_failslab+0x278/0x2a0 [ 380.616922] should_failslab+0x29/0x70 [ 380.620908] kmem_cache_alloc+0x146/0xe20 [ 380.625135] ? dst_alloc+0x289/0x3c0 [ 380.628918] ? kmsan_set_origin+0x83/0x130 [ 380.633248] dst_alloc+0x289/0x3c0 [ 380.636878] ip6_pol_route+0x176f/0x2700 [ 380.641015] ? INIT_INT+0xc/0x30 [ 380.644458] ? __kernel_text_address+0x250/0x350 [ 380.649327] ip6_pol_route_output+0x11b/0x140 [ 380.653915] fib6_rule_lookup+0x38b/0x6d0 [ 380.658135] ? ip6_route_output_flags+0x5e0/0x5e0 [ 380.663098] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 380.668584] ip6_route_output_flags+0x579/0x5e0 [ 380.673344] ip6_dst_lookup_tail+0x119f/0x1d10 [ 380.678010] ? ima_match_policy+0xf8/0x22f0 [ 380.682406] ? ima_get_action+0x14b/0x160 [ 380.686646] ? __msan_poison_alloca+0x1e0/0x2b0 [ 380.691427] ? ip6_dst_lookup_flow+0x75/0x290 [ 380.696020] ? tcp_v6_connect+0x12d0/0x2ab0 [ 380.700418] ip6_dst_lookup_flow+0x102/0x290 [ 380.704906] tcp_v6_connect+0x12d0/0x2ab0 [ 380.709186] ? __msan_poison_alloca+0x1e0/0x2b0 [ 380.713940] ? tcp_v6_pre_connect+0x1e0/0x1e0 [ 380.718561] __inet_stream_connect+0x3f1/0x15d0 [ 380.723363] tcp_sendmsg_locked+0x6655/0x6c30 [ 380.727957] ? kmsan_set_origin+0x83/0x130 [ 380.732309] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 380.737770] ? aa_label_sk_perm+0x8e9/0x960 [ 380.742188] ? __msan_poison_alloca+0x1e0/0x2b0 [ 380.746942] ? __local_bh_enable_ip+0x46/0x260 [ 380.751612] ? __msan_warning+0xb0/0xd0 [ 380.755719] ? __msan_poison_alloca+0x1e0/0x2b0 [ 380.760468] tcp_sendmsg+0xb2/0x100 [ 380.764184] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 380.768915] inet_sendmsg+0x4e9/0x800 [ 380.772823] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 380.778259] ? security_socket_sendmsg+0x1bd/0x200 [ 380.783818] ? inet_getname+0x490/0x490 [ 380.787868] __sys_sendto+0x97b/0xb80 [ 380.791800] ? syscall_return_slowpath+0x123/0x8c0 [ 380.796922] __se_sys_sendto+0x107/0x130 [ 380.801085] __x64_sys_sendto+0x6e/0x90 [ 380.805124] do_syscall_64+0xcf/0x110 [ 380.809005] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 380.814250] RIP: 0033:0x457569 [ 380.817507] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 380.836494] RSP: 002b:00007f9f4ce76c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 380.844311] RAX: ffffffffffffffda RBX: 00007f9f4ce76c90 RCX: 0000000000457569 [ 380.851638] RDX: 000000000000d14b RSI: 0000000020000100 RDI: 0000000000000003 [ 380.858969] RBP: 000000000072bf00 R08: 0000000020b63fe4 R09: 000000000000001c [ 380.866384] R10: 0000000020000004 R11: 0000000000000246 R12: 00007f9f4ce776d4 [ 380.873716] R13: 00000000004c3c1d R14: 00000000004d5e98 R15: 0000000000000005 19:12:59 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0xd, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x2, 0x808c0) setsockopt$bt_BT_VOICE(r3, 0x112, 0xb, &(0x7f0000000040)=0x2f0, 0x2) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) fcntl$F_GET_RW_HINT(r2, 0x40b, &(0x7f0000000100)) 19:13:00 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x428100, 0x2) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) accept4$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14, 0x80000) lstat(&(0x7f0000000140)='./file1\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000240)={{{@in=@local, @in, 0x4e24, 0x4, 0x4e21, 0x1a9, 0x2, 0xa0, 0xa0, 0x2b, r1, r2}, {0x80, 0x9, 0x200, 0x4, 0x5, 0x7, 0x80, 0x3}, {0x9, 0x6ca6, 0xfff, 0x5}, 0x8, 0x6e6bb5, 0x2, 0x1, 0x1, 0x3}, {{@in6=@mcast1, 0x4d3, 0x2b}, 0xa, @in6=@ipv4={[], [], @multicast2}, 0x3503, 0x0, 0x3, 0x100, 0x10001, 0x5, 0x4}}, 0xe8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r3 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) fcntl$getown(r0, 0x9) ioctl$FS_IOC_FSGETXATTR(r3, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:13:00 executing program 2 (fault-call:1 fault-nth:2): r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) [ 380.925822] binder: 10730:10733 ioctl 40046205 0 returned -22 [ 380.968100] binder: 10730:10737 ioctl 40046205 0 returned -22 [ 381.168257] FAULT_INJECTION: forcing a failure. [ 381.168257] name failslab, interval 1, probability 0, space 0, times 0 [ 381.179909] CPU: 0 PID: 10745 Comm: syz-executor2 Not tainted 4.19.0+ #83 [ 381.186906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.196320] Call Trace: [ 381.198985] dump_stack+0x32d/0x480 [ 381.202708] should_fail+0x11e5/0x13c0 [ 381.206687] __should_failslab+0x278/0x2a0 [ 381.210997] should_failslab+0x29/0x70 [ 381.213939] vhci_hcd: invalid port number 0 [ 381.214959] kmem_cache_alloc_node+0x164/0xec0 [ 381.223914] ? __alloc_skb+0x32e/0xeb0 [ 381.227950] __alloc_skb+0x32e/0xeb0 [ 381.231754] netlink_dump+0x47d/0x1750 [ 381.233399] vhci_hcd: invalid port number 0 [ 381.235712] ? __msan_get_context_state+0x9/0x30 [ 381.244843] ? INIT_S64+0xd/0x30 [ 381.248281] ? mutex_unlock+0x21c/0x300 [ 381.252363] __netlink_dump_start+0x100b/0x1110 [ 381.257160] rtnetlink_rcv_msg+0x141b/0x1540 [ 381.261650] ? br_mdb_init+0x110/0x110 [ 381.265606] ? br_mdb_init+0x110/0x110 [ 381.269631] ? poison_store+0x230/0x410 [ 381.273713] ? should_fail+0x162/0x13c0 [ 381.277807] ? kmsan_set_origin+0x83/0x130 [ 381.282153] netlink_rcv_skb+0x394/0x640 [ 381.286313] ? rtnetlink_bind+0x120/0x120 [ 381.290567] rtnetlink_rcv+0x50/0x60 [ 381.294348] netlink_unicast+0x1699/0x1740 [ 381.298692] ? rtnetlink_net_exit+0x90/0x90 [ 381.303124] netlink_sendmsg+0x13c7/0x1440 [ 381.307483] ? netlink_getsockopt+0x16b0/0x16b0 [ 381.312262] sock_write_iter+0x404/0x4e0 [ 381.316438] ? sock_read_iter+0x4e0/0x4e0 [ 381.320698] __vfs_write+0x882/0xb80 [ 381.324499] vfs_write+0x4a3/0x8f0 [ 381.328143] __se_sys_write+0x17a/0x370 [ 381.332218] __x64_sys_write+0x4a/0x70 [ 381.336167] do_syscall_64+0xcf/0x110 [ 381.340039] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 381.345286] RIP: 0033:0x457569 [ 381.348559] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 381.367545] RSP: 002b:00007f9b1a5e0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 381.375334] RAX: ffffffffffffffda RBX: 00007f9b1a5e0c90 RCX: 0000000000457569 [ 381.382666] RDX: 000000000000001f RSI: 00000000200000c0 RDI: 0000000000000003 [ 381.389992] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 381.397320] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9b1a5e16d4 [ 381.404646] R13: 00000000004c2af4 R14: 00000000004d8cb8 R15: 0000000000000004 19:13:00 executing program 3 (fault-call:3 fault-nth:1): r0 = gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:13:00 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) tee(r1, r0, 0x8, 0xb) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) setsockopt$inet6_group_source_req(r1, 0x29, 0x2f, &(0x7f0000000080)={0x3, {{0xa, 0x4e23, 0x3, @empty, 0x1}}, {{0xa, 0x4e20, 0x0, @empty, 0x7}}}, 0x108) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:13:00 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:13:00 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$FIBMAP(r0, 0x1, &(0x7f00000000c0)=0x120000000) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0xe050200, 0x0, 0xfffffffffffffffe, &(0x7f0000000280), 0xffffffffffffffff) ioctl$EVIOCGMTSLOTS(r0, 0x8040450a, &(0x7f0000000040)=""/19) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) lsetxattr(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=@random={'os2.', '/dev/bus/usb/00#/00#\x00'}, &(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x15, 0x2) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xff8, 0x2007}) [ 381.657347] vhci_hcd: default hub control req: f80f v0000 i0007 l0 [ 381.706555] binder: 10756:10763 ioctl 40046205 0 returned -22 [ 381.719499] FAULT_INJECTION: forcing a failure. [ 381.719499] name failslab, interval 1, probability 0, space 0, times 0 [ 381.731095] CPU: 0 PID: 10764 Comm: syz-executor3 Not tainted 4.19.0+ #83 [ 381.738087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.747494] Call Trace: [ 381.750213] dump_stack+0x32d/0x480 [ 381.753932] should_fail+0x11e5/0x13c0 [ 381.758030] __should_failslab+0x278/0x2a0 [ 381.762345] should_failslab+0x29/0x70 [ 381.766305] kmem_cache_alloc+0x146/0xe20 [ 381.770557] ? __alloc_file+0xd2/0x7b0 [ 381.774577] ? __msan_poison_alloca+0x1e0/0x2b0 [ 381.779369] __alloc_file+0xd2/0x7b0 [ 381.783202] alloc_empty_file+0x1f5/0x4b0 [ 381.787442] path_openat+0x21c/0x7450 [ 381.791319] ? __msan_poison_alloca+0x1e0/0x2b0 [ 381.796064] ? __should_failslab+0x278/0x2a0 [ 381.800576] ? __msan_poison_alloca+0x1e0/0x2b0 [ 381.805340] ? expand_files+0x79/0xdb0 [ 381.809334] ? __msan_poison_alloca+0x1e0/0x2b0 [ 381.814107] ? do_filp_open+0x84/0x720 [ 381.818071] ? do_sys_open+0x63d/0x960 [ 381.822040] do_filp_open+0x2c9/0x720 [ 381.825934] do_sys_open+0x63d/0x960 [ 381.829750] __se_sys_open+0xad/0xc0 [ 381.833573] __x64_sys_open+0x4a/0x70 [ 381.837436] do_syscall_64+0xcf/0x110 [ 381.841308] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 381.846576] RIP: 0033:0x4111a1 [ 381.849838] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 381.868805] RSP: 002b:00007f80eba87bb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 381.876612] RAX: ffffffffffffffda RBX: 00007f80eba87c90 RCX: 00000000004111a1 [ 381.883945] RDX: 0000000000403a65 RSI: 0000000000000002 RDI: 00007f80eba87bd0 [ 381.891270] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000027 [ 381.898606] R10: 0000000000000013 R11: 0000000000000293 R12: 00007f80eba886d4 19:13:00 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r3 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0xa9, 0x200) ioctl$TUNSETTXFILTER(r3, 0x400454d1, &(0x7f0000000040)=ANY=[@ANYBLOB="00000200aaaac1c264aaaaaaaaaaaaaa"]) r4 = accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x7f}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f0000000180)={r5, 0x3}, 0x8) 19:13:00 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) r2 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="3d2fe8cba18d22da92ea83501e53f0bf75fe84eb9795fb43c2b748dc56327513243791aab843f9d341c87947fa177bd431899632dd6151fb", 0x38, 0xfffffffffffffffc) r3 = add_key(&(0x7f00000000c0)='ceph\x00', &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$negate(0xd, r2, 0x7, r3) 19:13:01 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x1b8d3, 0x9) ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000040)={0x9, 0x0, 0xe5e683ace84781a5, 0x7954}) ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f0000000140)={0x100000001, r2}) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 381.905936] R13: 00000000004c51bc R14: 00000000004d89d0 R15: 0000000000000003 19:13:01 executing program 2 (fault-call:1 fault-nth:3): r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) [ 382.084028] binder: 10772:10773 ioctl 40046205 0 returned -22 [ 382.289874] FAULT_INJECTION: forcing a failure. [ 382.289874] name failslab, interval 1, probability 0, space 0, times 0 [ 382.301686] CPU: 1 PID: 10783 Comm: syz-executor2 Not tainted 4.19.0+ #83 [ 382.308678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 382.318177] Call Trace: [ 382.320840] dump_stack+0x32d/0x480 [ 382.324573] should_fail+0x11e5/0x13c0 [ 382.328568] __should_failslab+0x278/0x2a0 [ 382.332881] should_failslab+0x29/0x70 [ 382.336837] __kmalloc_node_track_caller+0x279/0x14e0 [ 382.342105] ? __msan_get_context_state+0x9/0x30 [ 382.346926] ? INIT_INT+0xc/0x30 [ 382.350359] ? kmem_cache_alloc_node+0x27b/0xec0 [ 382.355182] ? netlink_dump+0x47d/0x1750 [ 382.359343] ? netlink_dump+0x47d/0x1750 [ 382.363509] __alloc_skb+0x42b/0xeb0 [ 382.367323] netlink_dump+0x47d/0x1750 [ 382.371287] ? __msan_get_context_state+0x9/0x30 [ 382.376112] ? INIT_S64+0xd/0x30 [ 382.379562] ? mutex_unlock+0x21c/0x300 [ 382.383660] __netlink_dump_start+0x100b/0x1110 [ 382.388463] rtnetlink_rcv_msg+0x141b/0x1540 [ 382.392973] ? br_mdb_init+0x110/0x110 [ 382.396933] ? br_mdb_init+0x110/0x110 [ 382.400929] ? poison_store+0x230/0x410 [ 382.405011] ? should_fail+0x162/0x13c0 [ 382.409115] ? kmsan_set_origin+0x83/0x130 [ 382.413454] netlink_rcv_skb+0x394/0x640 [ 382.417632] ? rtnetlink_bind+0x120/0x120 [ 382.421959] rtnetlink_rcv+0x50/0x60 [ 382.425745] netlink_unicast+0x1699/0x1740 [ 382.430073] ? rtnetlink_net_exit+0x90/0x90 [ 382.434503] netlink_sendmsg+0x13c7/0x1440 19:13:01 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:13:01 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000002c0)={@in6={{0xa, 0x4e22, 0x9, @empty, 0x5}}, 0xe0b3, 0x2, 0x0, "06c8bea26a25855bacd4008cf20d5a049400483e66844ec7d9eed5085372fad65dece4c7517a7a2092835f9048ab4bd9c788f0e58ccf8156bb770e9ce5d4c2771eef3e3c28f3202176eb59a097d7d1a3"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000004c0)={@in6={{0xa, 0x4e21, 0xfff, @loopback}}, 0x9, 0x31, 0x105, "ecb5b9ff750bfccb33045c605bcd40db702c64cdbe7c284df4953b1a3f9d7f661c0d1b4f62e092f3fa7c0f99f38d8a0e762f63977fa04a64f12fe0294fd9519ab2765d1cabb9fe70a98eddbf39a9ef0a"}, 0xd8) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000200)={0xffffffffffffffff}, 0x106, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r2, &(0x7f0000000280)={0x10, 0x30, 0xfa00, {&(0x7f0000000040), 0x0, {0xa, 0x4e23, 0x6, @ipv4={[], [], @multicast1}, 0x1}, r3}}, 0x38) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cubic\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:13:01 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x0, 0x0) ioctl$DRM_IOCTL_GET_UNIQUE(r3, 0xc0106401, &(0x7f0000000080)={0x8f, &(0x7f00000001c0)=""/143}) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) ioctl$sock_SIOCINQ(r1, 0x541b, &(0x7f0000000000)) [ 382.438889] ? netlink_getsockopt+0x16b0/0x16b0 [ 382.443655] sock_write_iter+0x404/0x4e0 [ 382.447830] ? sock_read_iter+0x4e0/0x4e0 [ 382.452064] __vfs_write+0x882/0xb80 [ 382.455868] vfs_write+0x4a3/0x8f0 [ 382.459495] __se_sys_write+0x17a/0x370 [ 382.463624] __x64_sys_write+0x4a/0x70 [ 382.467606] do_syscall_64+0xcf/0x110 [ 382.471484] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 382.476755] RIP: 0033:0x457569 19:13:01 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet6_MCAST_LEAVE_GROUP(r0, 0x29, 0x2d, &(0x7f0000000100)={0x1, {{0xa, 0x4e22, 0x0, @mcast1, 0x403}}}, 0x88) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 382.480012] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 382.499070] RSP: 002b:00007f9b1a5e0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 382.506876] RAX: ffffffffffffffda RBX: 00007f9b1a5e0c90 RCX: 0000000000457569 [ 382.514212] RDX: 000000000000001f RSI: 00000000200000c0 RDI: 0000000000000003 [ 382.521572] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 382.528911] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9b1a5e16d4 [ 382.536243] R13: 00000000004c2af4 R14: 00000000004d8cb8 R15: 0000000000000004 [ 382.634340] vhci_hcd: invalid port number 0 [ 382.672673] binder: 10788:10792 ioctl 40046205 0 returned -22 19:13:02 executing program 3 (fault-call:3 fault-nth:2): r0 = gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:13:02 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000040)={0x2, 0x6000}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000002c0), 0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e22, 0x9, @local, 0x7ec}}}, &(0x7f00000000c0)=0x84) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={r1, 0x2}, 0x8) r2 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r2, 0xc0185500, &(0x7f0000000100)={0x7, 0x40000000000, 0x0, 0x0, 0x2000000}) mknodat(r0, &(0x7f0000000280)='./file0\x00', 0x40, 0x9) 19:13:02 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.events\x00', 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000000080)={0xffffffff, 0x4}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000100)=[{0x8, 0x2}, {0x4, 0x8}], 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f00000000c0)) 19:13:02 executing program 1: socketpair$inet6(0xa, 0x6, 0x800, &(0x7f0000000340)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000300)='gretap0\x00') bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x2, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000000180)={0x20, 0x9bb, &(0x7f0000000080)="3fde467acc27a80d49a3a0045b1f3da39062a88250959a3b81bcae530cc086112a19e5a2c26652031e4f7cb6230cb543e28825e2b259a3a5b1996426fb375e612fae0a3a9077ee1468b1d9d9a13778b8615ce64666a575f704e5c7e020622fc11ba0116275bea6e8a7bab4e0cc1ea9a3a030130a62d299f1a8b036a0589265bb6a0302e5db2abcad80d610b89f93d55b88e6e6b9166e1ae5f9512a6eb18550e0acf328a6688b4e5f7483af3efc4205b78bb2aeec206d237b439f11b44deed1a7110ac021c17e0e517df13e4bfbd844558ce0a37adc7a216d2004315f0b7c5017fd6a9f23cb18b616032b8f25c6ebbb60816d47ecf5f0ec3203333a764e035c", &(0x7f0000000200)="e7b938f6d513f15c972c498097005f9bac87563d540cdb0720c9524fb478bed00028e86ca3b68ae39c4146063d95aa1da770b03996b59b9df0c61b143c956c3162767d64d001c25c536297a4c63b216858f945dfecc332adea69f067e2c5a54b02b2199b1d2ca5393a0ffd0fb18aec60f7bd474fd413ccbf4796dc46653b56c3168244d9078dc3a8447d4e5b2f5924983078b1c0e0a77ca9644c332b77eddc85fd3c3707f3adb13f7192b308708418da27f0fdc68927e7782eff61e0cb5c4944c5869a10e588f1a8caa933a7edf447751089e064e834d6d89d134b88cb52af9075a4c31be1a6bbe8de1f3513cfc212d3c78c08936a309024be1285", 0xff, 0xfb}) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:13:02 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) socket$inet6(0xa, 0xa, 0x1ff) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r3 = accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) getsockopt$inet6_opts(r3, 0x29, 0x3f, &(0x7f0000000000)=""/63, &(0x7f0000000040)=0x3f) 19:13:02 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0xffffffffffffff38) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 383.113980] vhci_hcd: default hub control req: 0700 v0000 i0000 l0 [ 383.123384] binder: 10808:10812 ioctl 40046205 0 returned -22 19:13:02 executing program 2 (fault-call:1 fault-nth:4): r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) [ 383.240438] FAULT_INJECTION: forcing a failure. [ 383.240438] name failslab, interval 1, probability 0, space 0, times 0 [ 383.252220] CPU: 1 PID: 10823 Comm: syz-executor3 Not tainted 4.19.0+ #83 [ 383.259216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 383.268633] Call Trace: [ 383.271309] dump_stack+0x32d/0x480 [ 383.275035] should_fail+0x11e5/0x13c0 [ 383.279024] __should_failslab+0x278/0x2a0 [ 383.283389] should_failslab+0x29/0x70 [ 383.287354] __kmalloc+0xcf/0x4d0 [ 383.290881] ? apparmor_file_alloc_security+0x240/0x700 [ 383.296323] apparmor_file_alloc_security+0x240/0x700 [ 383.301634] ? apparmor_file_permission+0x4d0/0x4d0 [ 383.306755] security_file_alloc+0xcf/0x1a0 [ 383.311181] __alloc_file+0x22b/0x7b0 [ 383.315070] alloc_empty_file+0x1f5/0x4b0 [ 383.319301] path_openat+0x21c/0x7450 [ 383.323183] ? __msan_poison_alloca+0x1e0/0x2b0 [ 383.327922] ? __should_failslab+0x278/0x2a0 [ 383.332409] ? __msan_poison_alloca+0x1e0/0x2b0 [ 383.337177] ? expand_files+0x79/0xdb0 [ 383.341174] ? __msan_poison_alloca+0x1e0/0x2b0 [ 383.345948] ? do_filp_open+0x84/0x720 [ 383.349918] ? do_sys_open+0x63d/0x960 [ 383.353881] do_filp_open+0x2c9/0x720 [ 383.357805] do_sys_open+0x63d/0x960 [ 383.361641] __se_sys_open+0xad/0xc0 [ 383.365448] __x64_sys_open+0x4a/0x70 [ 383.369323] do_syscall_64+0xcf/0x110 [ 383.373210] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 383.378459] RIP: 0033:0x4111a1 [ 383.381737] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 383.400710] RSP: 002b:00007f80eba87bb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 383.408548] RAX: ffffffffffffffda RBX: 00007f80eba87c90 RCX: 00000000004111a1 [ 383.415884] RDX: 0000000000403a65 RSI: 0000000000000002 RDI: 00007f80eba87bd0 [ 383.423219] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000027 [ 383.430572] R10: 0000000000000013 R11: 0000000000000293 R12: 00007f80eba886d4 [ 383.437901] R13: 00000000004c51bc R14: 00000000004d89d0 R15: 0000000000000003 19:13:02 executing program 0: getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@dev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@mcast1}}, &(0x7f0000000080)=0xe8) getgroups(0x1, &(0x7f00000000c0)=[0xee01]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)) r2 = eventfd2(0x5, 0x80000) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x80, 0x0) tee(r2, r3, 0x7, 0xd) chown(&(0x7f0000000040)='./file0\x00', r0, r1) r4 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r5 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x5, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r4, 0x40046205, 0x0) 19:13:02 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000000200)) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x4e23}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_open_dev$audion(&(0x7f0000000140)='/dev/audio#\x00', 0x0, 0x2000) ioctl$VIDIOC_G_STD(r2, 0x80085617, &(0x7f0000000180)) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) r3 = syz_open_dev$vcsn(0xfffffffffffffffe, 0x101, 0x101000) r4 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x640, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffff9c, 0x0, 0x6, &(0x7f0000000080)='dctcp\x00'}, 0x30) mq_notify(r4, &(0x7f0000000100)={0x0, 0xd, 0x0, @tid=r5}) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e22, 0x7, @mcast1, 0x8}}}, &(0x7f0000000340)=0x84) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000000380)={0x3, 0x8, 0x7ff, 0x54, 0x0}, &(0x7f00000003c0)=0x10) getsockopt$inet_sctp6_SCTP_STATUS(r4, 0x84, 0xe, &(0x7f0000000400)={r6, 0x1, 0xeced, 0x400, 0x8, 0x9, 0xaa, 0x100, {r7, @in={{0x2, 0x4e24}}, 0x4, 0x5, 0xffffffffffffff81, 0x2, 0xa}}, &(0x7f00000004c0)=0xb0) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) openat$vsock(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vsock\x00', 0x8000, 0x0) [ 383.599976] vhci_hcd: invalid port number 0 19:13:02 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) fchdir(r0) r1 = socket(0x400020000000010, 0x2, 0x0) write(r1, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:13:02 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f00000001c0)={{0x6c, @rand_addr=0x2fb7, 0x4e20, 0x0, 'dh\x00', 0x0, 0x2, 0x4}, {@loopback, 0x4e21, 0x0, 0x2, 0x3, 0xff}}, 0x44) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 383.628427] vhci_hcd: invalid port number 0 19:13:02 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0xfffffffffffffffd, @loopback, 0xfffffffffffffffe}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 383.724301] binder: 10833:10837 ioctl 40046205 0 returned -22 [ 383.869750] vhci_hcd: invalid port number 0 19:13:03 executing program 3 (fault-call:3 fault-nth:3): r0 = gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:13:03 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) sendmsg$nl_generic(r0, &(0x7f00000003c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x90080000}, 0xc, &(0x7f0000000040)={&(0x7f0000000440)={0x16d, 0x3, 0x8, 0x70bd2c, 0x25dfdbff, {0x12}, [@typed={0x44, 0x47, @binary="6ab5d5056161c605f2f7bb62e4c6eb95333dac57dd9f527fb66626f8951256896c2f6ee0785c1da2170e64f98473255eafddb0c4a2f6133b6cfc5d52e1c1327e"}, @typed={0x8, 0x32, @ipv4=@multicast1}, @nested={0x24c, 0x35, [@generic="e6c9e730287891e7243e452579c701c4d1586eecd5397f8336bc5c055f299047b9a8a42ffaefccb7a9c5bba1725d8a04a02f59444caeed715c85b2b370cba4884e18ae072e9da86d841dda83cc712e2bbe4983ea00466cd707cd27e8d1a5cb1f0dc8d08f8516a1204004c869f8e8bd25eb44a17e076c0cdcb5dee1e12ce0983c63f5364e9cd54edb9ff2cfdeb09f3ac2a58021501b666f42a9a72c22e972d8ffc09717744ad0e2c2ce198554de94446e723ee2cd14174108f588f4de5f92e82ff6cd8e5de81c71e73e59b968d5fbf8fe9003b955e96a887274032e5af5", @generic="002e66e8a85d74c446ed8e75c5a1bc02922a37c80492ad819bbf310f7c9c2a7241d3fb912b01b7416da84ae7bc6946aa3fbb0a723ea1639e23560c5b0158c29470ef61ae6dcbe45635224a251cf1d46bbddca3233808501ba118104db69a712dd86821d5ba5e4bcd1df0becb3bf9991f7e2afe4874b57e6b1449e4cbd9188d8fb1230868b3facce1f1fd76591a6c14c72354029f46711f7b8340582a20a8305cec26acfc94a02cceb9689bfffb9b8f3e734f8bbaf4f5d7c9d5be45f249dcbc0256027ba911f92be115e90d09bbddd5d839ee85dce343d5ad1da2", @generic="ed3ab8c3413f4329f2db2dbf9e337ad0bc21995fc483dcd583763245c98413b1d7bcc3be404fbe5071b8a1698e5a19acebaf005f4b986ebe6205b3d2a6060bc7e607aacc196aa27dd9970ee361c5230737fe0e392d692fcfd85894e1bf27004ee262dbbd964477a2ac81dcfa40f9246966524607964d118b1d8f874d495eb6217a43b52cef5b9a67ba83aa916039fa82"]}, @typed={0x4, 0x93}, @typed={0x8, 0x23, @ipv4=@multicast2}, @typed={0x8, 0x51, @u32=0x10000}]}, 0x2c0}, 0x1, 0x0, 0x0, 0x40}, 0x8000) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:13:03 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$sock_inet_SIOCGIFDSTADDR(r1, 0x8917, &(0x7f0000000000)={'nr0\x00', {0x2, 0x4e22}}) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:13:03 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) getpeername$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000000c0)=0x14) getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x44, &(0x7f00000001c0)={'NETMAP\x00'}, &(0x7f0000000200)=0x1e) ioctl$SG_SCSI_RESET(r0, 0x2284, 0x0) connect$packet(r0, &(0x7f0000000140)={0x11, 0xf7, r1, 0x1, 0x80, 0x6, @broadcast}, 0x14) r2 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r2, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:13:03 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000000)={0x0, 0xfff}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f00000000c0)={r3, 0x3}, &(0x7f0000000100)=0x8) 19:13:03 executing program 4: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x2b, @multicast2, 0x4e21, 0x0, 'sed\x00', 0x2, 0xff, 0x3}, 0x2c) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r1, 0x5) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x4) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r1, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 384.361806] vhci_hcd: invalid port number 0 [ 384.367126] binder: 10863:10865 ioctl 40046205 0 returned -22 19:13:03 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000080), 0x7) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x80, 0x1) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f00000001c0)={0x0, 0x2, 0x7, 0x90ca, 0xffffffff, 0x3a48, 0x4, 0x9, {0x0, @in6={{0xa, 0x4e24, 0x401, @dev={0xfe, 0x80, [], 0x13}, 0x40}}, 0xf81, 0x6, 0x9, 0x6d5fd198}}, &(0x7f0000000040)=0xb0) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={r2, 0x80, 0xfffffffffffff5b9}, 0xc) 19:13:03 executing program 2: socket(0x400020000000010, 0x2, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x1, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r0, 0xaead) write(r0, &(0x7f0000000240)="1f0000b2245f151356000d6dfc390001003ea025d4cc58fae59f0b547ae8aee67eb9bfe28d97d84024b6ef67f5dcc78b524b40bf97ed9b2358dd7dd6df64b85f2c143c27fdfc47e000000000001ba74e3a9552459bc0f56de23dc0163cf3d898c724a4bff9b7a570b6556f4c4d49ce7da98789b426e7721fc7571672aa13eabc05df2ec9e2528c9865fad88538ad1b2557f74e2f791237580564bfa208546acb6fd70877a5cb7b1bc1302596ec4cc44d1f37a3a9c47b1201e6560a102ce13ba9ff4ca96154e7dc0587faa7a07afbeaa66dd41a51071589ed35d46a07f1116eedef65bf8aa26450a0c94b579f6c21615d245e1d53a325134d42760d7b8ad3d9c418bc27f2107095eda12bca5210e1d788c7b95fa461d6c272056072aed9d4b80a9f322f343b9f9acc88843b4248da916ea19e0ddc3c5874b3b47c7ce7860a5f8849ef4a063639c423207f2fe777ed95bbaff6314b7626932a3305c3c043db1fd7099c77e29a5a5a9b390ed6fd849e", 0xffffffffffffff11) [ 384.586053] FAULT_INJECTION: forcing a failure. [ 384.586053] name failslab, interval 1, probability 0, space 0, times 0 [ 384.597691] CPU: 1 PID: 10867 Comm: syz-executor3 Not tainted 4.19.0+ #83 [ 384.604698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 384.614121] Call Trace: [ 384.616804] dump_stack+0x32d/0x480 [ 384.620549] should_fail+0x11e5/0x13c0 [ 384.624574] __should_failslab+0x278/0x2a0 [ 384.628914] should_failslab+0x29/0x70 [ 384.632907] __kmalloc+0xcf/0x4d0 [ 384.636470] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 384.641924] ? __task_pid_nr_ns+0x3e7/0x430 [ 384.646321] ? proc_self_get_link+0x171/0x360 [ 384.650933] proc_self_get_link+0x171/0x360 [ 384.655368] ? proc_setup_self+0x660/0x660 [ 384.659679] link_path_walk+0x1361/0x21a0 [ 384.663931] ? proc_setup_self+0x660/0x660 [ 384.668263] path_openat+0x3b7/0x7450 [ 384.672136] ? __msan_poison_alloca+0x1e0/0x2b0 [ 384.676882] ? __should_failslab+0x278/0x2a0 [ 384.681392] ? __msan_poison_alloca+0x1e0/0x2b0 [ 384.686154] ? expand_files+0x79/0xdb0 [ 384.690170] ? do_filp_open+0x84/0x720 [ 384.694136] ? do_sys_open+0x63d/0x960 [ 384.698102] do_filp_open+0x2c9/0x720 [ 384.702008] do_sys_open+0x63d/0x960 [ 384.705829] __se_sys_open+0xad/0xc0 [ 384.709644] __x64_sys_open+0x4a/0x70 [ 384.713536] do_syscall_64+0xcf/0x110 [ 384.717407] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 384.722657] RIP: 0033:0x4111a1 [ 384.725917] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 384.744948] RSP: 002b:00007f80eba87bb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 384.752748] RAX: ffffffffffffffda RBX: 00007f80eba87c90 RCX: 00000000004111a1 [ 384.760081] RDX: 0000000000403a65 RSI: 0000000000000002 RDI: 00007f80eba87bd0 [ 384.767417] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000027 [ 384.774757] R10: 0000000000000013 R11: 0000000000000293 R12: 00007f80eba886d4 19:13:03 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.current\x00', 0x0, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000040)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:13:03 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) ioctl$EVIOCGEFFECTS(r0, 0x80044584, &(0x7f00000001c0)=""/152) clone(0x40000000, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) connect$inet(r1, &(0x7f0000000140)={0x2, 0x4e21}, 0x10) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x103080, 0x0) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 384.782615] R13: 00000000004c51bc R14: 00000000004d89d0 R15: 0000000000000003 [ 384.956878] binder: 10895:10896 ioctl 40046205 0 returned -22 19:13:04 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x14100, 0x0) ioctl$LOOP_SET_DIRECT_IO(r1, 0x4c08, 0x80000001) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) [ 385.123752] IPVS: ftp: loaded support on port[0] = 21 19:13:04 executing program 1: r0 = syz_open_dev$admmidi(&(0x7f0000000180)='/dev/admmidi#\x00', 0x3, 0x0) ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000200)={0x51, 0x9, 0x7ba, {0xffff}, {0x20, 0x8}, @const={0x8, {0x7f, 0x4, 0x53a0, 0xffff}}}) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r0, 0x28, 0x2, &(0x7f0000000280)=0x59b1, 0x8) pkey_mprotect(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x5, 0xffffffffffffffff) r1 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_NEXT_CMD_LEN(r1, 0x2283, &(0x7f0000000180)=0xcc) write$evdev(r1, &(0x7f0000001fdc)=[{}, {{0x77359400}}], 0x11a) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x100, 0x0) write$cgroup_subtree(r4, &(0x7f0000000140)={[{0x2f, 'memory'}, {0x2b, 'pids'}, {0x2b, 'rdma'}, {0x2f, 'cpu'}]}, 0x19) setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) socketpair$inet(0x2, 0x2, 0x1ff, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000080)={0x4, [0x0, 0x0, 0x0, 0x0]}, &(0x7f00000000c0)=0x14) sendto$inet6(r2, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000240)={r6, 0xffffffffffff8799, 0xab0, 0x1, 0x363, 0x80}, 0x14) 19:13:04 executing program 3 (fault-call:3 fault-nth:4): r0 = gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:13:04 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.stat\x00', 0x0, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000000040)={0x4, 0x101, 0x0, 0x100}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) [ 385.313706] vhci_hcd: invalid port number 0 19:13:04 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0xfffffffffffffffc, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 385.418175] binder: 10910:10911 ioctl 40046205 0 returned -22 [ 385.437676] FAULT_INJECTION: forcing a failure. [ 385.437676] name failslab, interval 1, probability 0, space 0, times 0 [ 385.449379] CPU: 0 PID: 10912 Comm: syz-executor3 Not tainted 4.19.0+ #83 [ 385.456375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 385.465784] Call Trace: [ 385.468448] dump_stack+0x32d/0x480 [ 385.472170] should_fail+0x11e5/0x13c0 [ 385.476152] __should_failslab+0x278/0x2a0 [ 385.480466] should_failslab+0x29/0x70 [ 385.484447] kmem_cache_alloc+0x146/0xe20 [ 385.488676] ? __d_alloc+0xcc/0xf90 [ 385.492494] ? __msan_poison_alloca+0x1e0/0x2b0 [ 385.497277] __d_alloc+0xcc/0xf90 [ 385.500813] ? __msan_poison_alloca+0x1e0/0x2b0 [ 385.505605] d_alloc_parallel+0x1ce/0x26e0 [ 385.509954] ? kmsan_get_shadow_origin_ptr+0x142/0x410 [ 385.515360] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 385.520797] ? __d_lookup+0x821/0x960 [ 385.524719] ? __msan_poison_alloca+0x1e0/0x2b0 [ 385.529500] ? __msan_poison_alloca+0x1e0/0x2b0 [ 385.534346] ? __lookup_slow+0x7d/0x760 [ 385.538426] ? walk_component+0x34c/0xba0 [ 385.542650] __lookup_slow+0x18c/0x760 [ 385.546630] walk_component+0x34c/0xba0 [ 385.550697] link_path_walk+0xb6c/0x21a0 [ 385.554873] ? proc_setup_self+0x660/0x660 [ 385.559205] path_openat+0x3b7/0x7450 [ 385.563081] ? __msan_poison_alloca+0x1e0/0x2b0 [ 385.567871] ? __should_failslab+0x278/0x2a0 [ 385.572381] ? __msan_poison_alloca+0x1e0/0x2b0 [ 385.577156] ? expand_files+0x79/0xdb0 [ 385.581182] ? do_filp_open+0x84/0x720 [ 385.585160] ? do_sys_open+0x63d/0x960 [ 385.589128] do_filp_open+0x2c9/0x720 [ 385.593020] ? noop_direct_IO+0x40/0x40 [ 385.597074] do_sys_open+0x63d/0x960 [ 385.600987] __se_sys_open+0xad/0xc0 [ 385.604797] __x64_sys_open+0x4a/0x70 [ 385.608678] do_syscall_64+0xcf/0x110 [ 385.612578] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 385.617831] RIP: 0033:0x4111a1 [ 385.621088] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 385.640058] RSP: 002b:00007f80eba87bb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 385.647860] RAX: ffffffffffffffda RBX: 00007f80eba87c90 RCX: 00000000004111a1 [ 385.655196] RDX: 0000000000403a65 RSI: 0000000000000002 RDI: 00007f80eba87bd0 19:13:04 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000100)={0x0, 0xdf, 0x3f, 0x401, 0x64124d72, 0x0, 0x5, 0x101, {0x0, @in={{0x2, 0x4e24, @multicast1}}, 0x647, 0x5, 0x9, 0x5, 0x5}}, &(0x7f0000000000)=0xb0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f00000002c0)={r3, @in6={{0xa, 0x4e22, 0x280000000000, @local, 0x329}}, [0xfffffffffffff800, 0x41b, 0x2, 0x1, 0x6, 0x4, 0x5, 0x6, 0x9, 0x6, 0x7f, 0xffffffffffff8001, 0x7, 0x8, 0x490f]}, &(0x7f0000000040)=0x100) 19:13:04 executing program 2: openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0xffff, 0x0) r0 = socket(0x400020000000010, 0xa, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x4000) ioctl$EVIOCSREP(r1, 0x40084503, &(0x7f0000000040)=[0x2, 0xa2]) [ 385.662616] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000027 [ 385.669944] R10: 0000000000000013 R11: 0000000000000293 R12: 00007f80eba886d4 [ 385.677275] R13: 00000000004c51bc R14: 00000000004d89d0 R15: 0000000000000003 [ 385.777169] IPVS: ftp: loaded support on port[0] = 21 [ 385.848103] vhci_hcd: invalid port number 0 19:13:05 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) fsetxattr$security_ima(r0, &(0x7f0000000240)='security.ima\x00', &(0x7f0000000280)=@ng={0x4, 0xb, "de675551fa3a2471fce8e4"}, 0xd, 0x2) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000000)={{{@in=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@remote}}, &(0x7f0000000140)=0xe8) fstat(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r0, r1, r2) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:13:05 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x3, 0x2) ioctl$DRM_IOCTL_MODESET_CTL(r2, 0x40086408, &(0x7f0000000080)={0x4, 0x9}) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:13:05 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f0000000080)="a6d20000560005837d5bff05bc0203030701ff2104173f8100000002020039", 0x1ef) set_tid_address(&(0x7f0000000040)) getpeername$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, &(0x7f0000000240)=0x1c) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in={{0x2, 0x4e24, @rand_addr=0xffffffffffff0000}}, 0x80000001, 0xffffffffffffff85, 0xba12, "849bd2e4bc12b5b51443a921908874848532986e6a2ef2209be1fc424f76cc746a8785e06466539c37a82ddc6c5da8e6e48152c271ad733bd1d278a619056dbd94b2d13a92b01445e261ddfa042429df"}, 0xd8) set_tid_address(&(0x7f0000000000)) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f00000000c0)={0x7, 0x8, 0x1, 0x0, 0x0, [{r0, 0x0, 0xffff}]}) [ 386.063237] binder: 10929:10930 ioctl 40046205 0 returned -22 [ 386.103319] binder: 10929:10933 ioctl 40046205 0 returned -22 19:13:05 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) geteuid() r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x7, 0x200002) ioctl$KDGETLED(r2, 0x4b31, &(0x7f0000000040)) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$inet6(0xa, 0x8000b, 0x1) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:13:05 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) lsetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='trusted.overlay.impure\x00', &(0x7f0000000080)='/dev/binder#\x00', 0xd, 0x1) 19:13:05 executing program 5: r0 = syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x1, 0x400) r1 = openat(r0, &(0x7f0000000000)='./file0\x00', 0x403, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000300)={0x0, @in={{0x2, 0x4e23, @rand_addr=0x7}}, 0x6, 0x10001, 0x10001, 0x39, 0x1f}, &(0x7f00000003c0)=0x98) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000400)={r2, 0xc8, "2bac1b0db8d545f33107385f036928dc187761b0a63b3dc013c1cc1a1e61d97ae55c91c5fc78f2e466f2dbca7b97daa53c3c890d614ccb2038280737265f10b3e36e22af91786df0bbd952a154a7a20b968c1facfd9f1e3b57d9001e6ac440b48bc8399c55d3f88968a0c8170574511f9ec5aef84bbe72841f5eec6cbfb083e76ea31b92e3dcbcfeeb91d4578db6c1f562b7852e94ddb9447629522bfd002f57dec9e9fddb00e96c5ee941ea1a16de07a53c97bba5d121d4fd317c5e392f604b57963954f07b12d4"}, &(0x7f0000000500)=0xd0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000040)={0x4, 0xa2d, 0x0, 0x80000001, 0x7fff, 0x100}) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0x9, 0x2, [0x6, 0x100000000]}, &(0x7f0000000200)=0xc) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000240)={r3, 0x4, 0xff, 0x2, 0x0, 0x401}, &(0x7f0000000280)=0x14) r4 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f00000002c0)) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r4, 0x800c6613, &(0x7f0000000140)={0x0, @speck128, 0x2, "065a5b85885b7879"}) ioctl$FS_IOC_FSGETXATTR(r4, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:13:05 executing program 3 (fault-call:3 fault-nth:5): r0 = gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:13:05 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) close(r1) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r3, 0xc004743e, &(0x7f0000000800)=""/246) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000c85000)) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000)={0x80000001}) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f00000000c0)) ppoll(&(0x7f0000000080)=[{r2}], 0x1, &(0x7f0000000140), &(0x7f0000000180), 0x8) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r4, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:13:05 executing program 2: write(0xffffffffffffffff, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) [ 386.690481] binder: 10948:10949 ioctl 40046205 0 returned -22 19:13:05 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) r1 = semget(0x0, 0x4, 0x60) r2 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r2, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syslog(0xa, &(0x7f0000000800)=""/26, 0x1a) semctl$GETZCNT(r1, 0x3, 0xf, &(0x7f00000002c0)=""/106) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f0000000000)={0x0, 0x1, 0x30, 0x20, 0x1}, &(0x7f0000000040)=0x18) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x40, 0x0) write$P9_RXATTRWALK(r4, &(0x7f0000000200)={0xf, 0x1f, 0x2}, 0xf) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000100)={0x10000, 0x4, 0x4, 0x0, 0x5, 0x48000000000000, 0xff, 0xec, r3}, 0x20) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r5, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$inet_sctp(0x2, 0x1, 0x84) ioctl$LOOP_GET_STATUS(r4, 0x4c03, &(0x7f0000000380)) ioctl$TUNSETVNETLE(r4, 0x400454dc, &(0x7f0000000240)=0x1) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r4, 0x810c5701, &(0x7f0000000440)) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r6, &(0x7f0000000140)='X', 0x1, 0x0, &(0x7f0000000180)={0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, [], 0x1c}}, 0x1c) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$KVM_TRANSLATE(r4, 0xc018ae85, &(0x7f0000000340)={0x1f000, 0x100000, 0x401, 0xb8, 0xfffffffffffffffe}) syncfs(r4) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f00000005c0)={r3, 0x20, &(0x7f0000000580)=[@in={0x2, 0x4e23, @broadcast}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1f}}]}, &(0x7f0000000600)=0x10) semget(0x1, 0x6, 0x0) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 386.763373] vhci_hcd: invalid port number 0 [ 386.778778] FAULT_INJECTION: forcing a failure. [ 386.778778] name failslab, interval 1, probability 0, space 0, times 0 [ 386.790633] CPU: 1 PID: 10960 Comm: syz-executor3 Not tainted 4.19.0+ #83 [ 386.797622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 386.807031] Call Trace: [ 386.809698] dump_stack+0x32d/0x480 [ 386.813420] should_fail+0x11e5/0x13c0 [ 386.817434] __should_failslab+0x278/0x2a0 [ 386.821755] should_failslab+0x29/0x70 [ 386.825721] kmem_cache_alloc+0x146/0xe20 [ 386.829947] ? kmsan_get_shadow_origin_ptr+0x142/0x410 [ 386.835293] ? proc_alloc_inode+0x5e/0x1b0 [ 386.839612] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 386.845063] proc_alloc_inode+0x5e/0x1b0 [ 386.849198] ? proc_reg_compat_ioctl+0x260/0x260 [ 386.854027] new_inode_pseudo+0x95/0x460 [ 386.858165] new_inode+0x6a/0x3e0 [ 386.861689] proc_pid_make_inode+0x71/0x890 [ 386.866083] proc_task_lookup+0x514/0xae0 [ 386.870305] ? proc_tgid_io_accounting+0xd30/0xd30 [ 386.875301] __lookup_slow+0x58f/0x760 [ 386.879283] walk_component+0x34c/0xba0 [ 386.883353] link_path_walk+0xb6c/0x21a0 [ 386.887524] ? proc_setup_self+0x660/0x660 [ 386.891868] path_openat+0x3b7/0x7450 [ 386.895829] ? __msan_poison_alloca+0x1e0/0x2b0 [ 386.900567] ? __should_failslab+0x278/0x2a0 [ 386.902171] vhci_hcd: invalid port number 0 [ 386.905054] ? __msan_poison_alloca+0x1e0/0x2b0 19:13:06 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) [ 386.914091] ? expand_files+0x79/0xdb0 [ 386.918083] ? do_filp_open+0x84/0x720 [ 386.922055] ? do_sys_open+0x63d/0x960 [ 386.926004] do_filp_open+0x2c9/0x720 [ 386.929874] ? noop_direct_IO+0x40/0x40 [ 386.933922] do_sys_open+0x63d/0x960 [ 386.937733] __se_sys_open+0xad/0xc0 [ 386.941537] __x64_sys_open+0x4a/0x70 [ 386.945404] do_syscall_64+0xcf/0x110 [ 386.949814] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 386.955056] RIP: 0033:0x4111a1 [ 386.958308] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 386.977274] RSP: 002b:00007f80eba87bb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 386.985068] RAX: ffffffffffffffda RBX: 00007f80eba87c90 RCX: 00000000004111a1 [ 386.992398] RDX: 0000000000403a65 RSI: 0000000000000002 RDI: 00007f80eba87bd0 [ 386.999720] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000027 [ 387.007045] R10: 0000000000000013 R11: 0000000000000293 R12: 00007f80eba886d4 19:13:06 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101c00, 0x0) openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x400, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) ioctl$RTC_ALM_READ(r0, 0x80247008, &(0x7f0000000040)) r1 = syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0x400000b8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) ioctl$BLKROGET(r1, 0x125e, &(0x7f0000000180)) [ 387.014374] R13: 00000000004c51bc R14: 00000000004d89d0 R15: 0000000000000003 19:13:06 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) setsockopt$inet6_dccp_int(r0, 0x21, 0x10, &(0x7f0000000000)=0x4, 0x4) [ 387.231883] binder: 10972:10973 ioctl 40046205 0 returned -22 19:13:06 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x0, 0x0) bind$alg(r2, &(0x7f0000000280)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58) read$eventfd(r2, &(0x7f0000000240), 0x8) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) ioctl(r0, 0x8000, &(0x7f0000000100)="810246ac8549068c11cadaa78847a178d998d7f29fbc98d69ec2f8bd1459a1c2821188f0d70b1d3e761ac26594d4c6cbc90a55d56cbb7a8119e7ed06be58443bcafab5c3e8b2ac82dd9ce39573b76f4cf75983a39ab52e92fd1d2a39fb6ced61a22e36937bda19a4d26076aedd5cce1e8c74b453073a1567b1c16fb148abda46e54124ca39ee6c51") 19:13:06 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:13:06 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(r0, &(0x7f00000000c0), 0x0, 0x4, &(0x7f0000000080), 0xfd89) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000001c0)=0x104, 0x4) syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f00000000c0)) lsetxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='trusted.overlay.upper\x00', &(0x7f0000000200)={0x0, 0xfb, 0xe3, 0x1, 0xffff, "fd755d6229e13f00fb930632ce530e45", "5db6474daf0bd1ac21a6f2268e8b898281a503ef5abd90716a3a229bb24d53b93f2c363ab0a3eba1fc8dc8d7e69609714acee56100c21f171d4be66be890b556ea83b0f343a16e573cc307257151c08e319a1c5444682bae1eb5a06ab3d48d5fd8f582318770e7aaf31ac363150499eebe29ee564cb3f743a4f371fb47c4fd975520c17d674fdefd759a0c675843fa7eb4e90467c7e045acfa11c1da9d2f1a0d4f5ee8cb3e6f061e4e5234be0581032e40764e5b0fe4d02dafc52074e4cde81376dfb8c67f2fb5cea68bc558a89b"}, 0xe3, 0x1) 19:13:06 executing program 3 (fault-call:3 fault-nth:6): r0 = gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:13:06 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) clock_gettime(0x0, &(0x7f0000007200)={0x0, 0x0}) recvmmsg(r0, &(0x7f0000006f80)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000500)=""/76, 0x4c}, {&(0x7f0000000580)=""/23, 0x17}, {&(0x7f00000005c0)=""/84, 0x54}, {&(0x7f0000000640)=""/98, 0x62}, {&(0x7f00000006c0)=""/91, 0x5b}, {&(0x7f0000000740)=""/113, 0x71}, {&(0x7f00000007c0)=""/41, 0x29}, {&(0x7f0000000800)=""/101, 0x65}], 0x8, &(0x7f0000000900)=""/48, 0x30, 0xffff}, 0x3}, {{&(0x7f0000000940)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f0000002b40)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f00000019c0)=""/4096, 0x1000}, {&(0x7f00000029c0)=""/165, 0xa5}, {&(0x7f0000002a80)=""/84, 0x54}, {&(0x7f0000002b00)=""/31, 0x1f}], 0x5, &(0x7f0000002bc0)=""/121, 0x79, 0x10000}, 0xfffffffffffff801}, {{&(0x7f0000002c40)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000002f00)=[{&(0x7f0000002cc0)=""/41, 0x29}, {&(0x7f0000002d00)=""/14, 0xe}, {&(0x7f0000002d40)=""/201, 0xc9}, {&(0x7f0000002e40)=""/163, 0xa3}], 0x4, &(0x7f0000002f40)=""/132, 0x84, 0x1f}, 0xff5}, {{&(0x7f0000003000)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={[], [], @loopback}}}}, 0x80, &(0x7f0000005280)=[{&(0x7f0000003080)=""/28, 0x1c}, {&(0x7f00000030c0)=""/120, 0x78}, {&(0x7f0000003140)=""/4096, 0x1000}, {&(0x7f0000004140)=""/4096, 0x1000}, {&(0x7f0000005140)=""/212, 0xd4}, {&(0x7f0000005240)=""/27, 0x1b}], 0x6}}, {{&(0x7f0000005300)=@generic, 0x80, &(0x7f0000005480)=[{&(0x7f0000005380)=""/72, 0x48}, {&(0x7f0000005400)=""/78, 0x4e}], 0x2, &(0x7f00000054c0)=""/125, 0x7d, 0xffff}, 0xffff}, {{&(0x7f0000005540)=@rc, 0x80, &(0x7f00000056c0)=[{&(0x7f00000055c0)=""/206, 0xce}], 0x1, 0x0, 0x0, 0x8}, 0x6}, {{&(0x7f0000005700)=@ethernet={0x0, @broadcast}, 0x80, &(0x7f0000005840)=[{&(0x7f0000005780)=""/162, 0xa2}], 0x1, &(0x7f0000005880)=""/16, 0x10, 0x10001}, 0x8000}, {{0x0, 0x0, &(0x7f0000005bc0)=[{&(0x7f00000058c0)=""/168, 0xa8}, {&(0x7f0000005980)=""/145, 0x91}, {&(0x7f0000005a40)=""/74, 0x4a}, {&(0x7f0000005ac0)=""/121, 0x79}, {&(0x7f0000005b40)=""/70, 0x46}], 0x5, &(0x7f0000005c40)=""/51, 0x33, 0x1f}, 0x1}, {{0x0, 0x0, &(0x7f0000005d00)=[{&(0x7f0000005c80)=""/100, 0x64}], 0x1, &(0x7f0000005d40)=""/44, 0x2c, 0x1}, 0x8001}, {{&(0x7f0000005d80)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000006ec0)=[{&(0x7f0000005e00)=""/4096, 0x1000}, {&(0x7f0000006e00)=""/32, 0x20}, {&(0x7f0000006e40)=""/127, 0x7f}], 0x3, &(0x7f0000006f00)=""/87, 0x57, 0x200}, 0x4}], 0xa, 0x140, &(0x7f0000007240)={r1, r2+30000000}) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000380), &(0x7f00000003c0)=0x4) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r4, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r5 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x100000001, 0x8000) getdents(r5, &(0x7f0000000400)=""/229, 0xe5) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0xdd, 0x2, @buffer={0x0, 0x33, &(0x7f0000000040)=""/51}, &(0x7f0000000100)="e56383befd38ec6439c0efdcce730f16095db683545feef6601dad777f85261bc2ef90b4cce35b218fd3a3df33a064aa602a8007188c20d0a9640cb02e7691d302d82227a1bbd9eaad7d8c66f826afb1684eaa23bacd127c29702a0a222795a3ca278f94eca03de2fdaf7d4c41ac070e17773c19b4f5500140161a7703abfb4b619dfcd6c4da498ccc7beb740255a027e3546ec8840a2d22c28750bfe4f491c62bba2f587fbed3b60042191dd45cc90caa39af34167bede8b8e1b8913bd4b1c7e2e4697acf7ff4d771a442fe06ab1a09f74fb96d249d3e3c26df0931f0", &(0x7f0000000200)=""/71, 0x1, 0x37, 0x3, &(0x7f00000002c0)}) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 387.742133] binder: 10988:10989 ioctl 40046205 0 returned -22 19:13:06 executing program 2: write(0xffffffffffffffff, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2) ioctl$ASHMEM_SET_NAME(r0, 0x41007701, &(0x7f0000000040)='eth0-,lo\x00') 19:13:07 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) getpeername(r0, &(0x7f0000000000)=@nfc_llcp, &(0x7f0000000080)=0x80) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:13:07 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:13:07 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 388.404465] FAULT_INJECTION: forcing a failure. [ 388.404465] name failslab, interval 1, probability 0, space 0, times 0 [ 388.416127] CPU: 0 PID: 11002 Comm: syz-executor3 Not tainted 4.19.0+ #83 [ 388.423106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 388.432526] Call Trace: [ 388.435203] dump_stack+0x32d/0x480 [ 388.438945] should_fail+0x11e5/0x13c0 [ 388.443211] __should_failslab+0x278/0x2a0 [ 388.447513] should_failslab+0x29/0x70 [ 388.451458] kmem_cache_alloc+0x146/0xe20 [ 388.455665] ? __alloc_file+0xd2/0x7b0 [ 388.459649] ? __msan_poison_alloca+0x1e0/0x2b0 [ 388.464418] __alloc_file+0xd2/0x7b0 [ 388.468207] alloc_empty_file+0x1f5/0x4b0 [ 388.472429] path_openat+0x21c/0x7450 [ 388.476306] ? __msan_poison_alloca+0x1e0/0x2b0 [ 388.481035] ? __should_failslab+0x278/0x2a0 [ 388.485525] ? __msan_poison_alloca+0x1e0/0x2b0 [ 388.490279] ? expand_files+0x79/0xdb0 [ 388.494266] ? __msan_poison_alloca+0x1e0/0x2b0 [ 388.499035] ? do_filp_open+0x84/0x720 [ 388.503002] ? do_sys_open+0x63d/0x960 [ 388.506980] do_filp_open+0x2c9/0x720 [ 388.510882] do_sys_open+0x63d/0x960 [ 388.514955] __se_sys_open+0xad/0xc0 [ 388.518747] __x64_sys_open+0x4a/0x70 [ 388.522604] do_syscall_64+0xcf/0x110 [ 388.526471] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 388.531728] RIP: 0033:0x4111a1 [ 388.534979] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 19:13:07 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20001000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) [ 388.553935] RSP: 002b:00007f80eba87bb0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 388.559051] vhci_hcd: invalid port number 0 [ 388.561724] RAX: ffffffffffffffda RBX: 00007f80eba87c90 RCX: 00000000004111a1 [ 388.573344] RDX: fffffffffffffffe RSI: 0000000000000000 RDI: 00007f80eba87bd0 [ 388.580668] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000027 [ 388.587984] R10: 0000000000000013 R11: 0000000000000293 R12: 00007f80eba886d4 [ 388.595308] R13: 00000000004c51bc R14: 00000000004d89d0 R15: 0000000000000003 19:13:07 executing program 2: r0 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c) ioctl$VT_WAITACTIVE(r0, 0x5607) r1 = socket(0x400020000000010, 0x2, 0x0) write(r1, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:13:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, &(0x7f0000000000)={'IFLETIMER\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00'}, &(0x7f0000000280)=0xfffffe95) ioctl(r3, 0x8912, &(0x7f0000000200)="153e0f34488dd25d766070") ioctl$KVM_NMI(r2, 0xae9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f0000000340)="643e67660f3a61ca9bbaf80c66b8bc5d158866efbafc0c66ed66b9800000c00f326635001000000f30f40f38c94bf80f380b5775260f01ca0f21360f180ad810", 0x40}], 0x2d3, 0xfffffffffffffffc, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r4 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r4, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 388.607175] vhci_hcd: invalid port number 0 [ 388.608451] binder: 11014:11015 ioctl 40046205 0 returned -22 [ 388.640056] binder: 11014:11015 ioctl 40046205 0 returned -22 19:13:07 executing program 4: r0 = socket$inet6(0xa, 0x4, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x0, 0x84) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x1ffffc, 0x0) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:13:07 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) munlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x200001, 0x0) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r1, 0x3) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f00000001c0), &(0x7f0000000200)=0x4) ioctl$SCSI_IOCTL_GET_IDLUN(r1, 0x5382, &(0x7f0000000040)) clock_gettime(0x4, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x2, 0x404540) 19:13:08 executing program 2: r0 = socket(0x400020000000010, 0x5, 0xfffd) r1 = open(&(0x7f0000000000)='./file0\x00', 0x80000, 0x110) write$P9_RCLUNK(r1, &(0x7f0000000040)={0x20e, 0x79, 0x1}, 0x1cc) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) setsockopt$inet_group_source_req(r0, 0x0, 0x2f, &(0x7f0000000100)={0x6f0a, {{0x2, 0x4e24, @multicast1}}, {{0x2, 0x4e20, @local}}}, 0x108) [ 389.081361] vhci_hcd: invalid port number 0 [ 389.101395] binder: 11039:11041 ioctl 40046205 0 returned -22 [ 389.235121] binder: 11039:11049 ioctl 40046205 0 returned -22 19:13:08 executing program 3: r0 = gettid() r1 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x0, 0x2) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB="6e61740000000000000000000000000000000000000000050000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x68) unshare(0x28020400) ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000100)={0x5, 0x3c050, 0x10001, 0x6, 0x2, 0x3, 0x1, 0x9, 0xfffffffffffffff7, 0x9, 0x6, 0x2}) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000180)=0x2, 0xfffffffffffffeb2) 19:13:08 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0x4) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:13:08 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$VIDIOC_SUBDEV_G_CROP(r0, 0xc038563b, &(0x7f0000000040)={0x1, 0x101, {0x200, 0x9, 0x4a, 0x5}}) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:13:08 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) signalfd(r0, &(0x7f0000000000)={0x7b0}, 0x8) 19:13:08 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:13:08 executing program 4: r0 = socket$inet6(0xa, 0xd, 0x80) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000000)) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x1ed) socket$inet_icmp_raw(0x2, 0x3, 0x1) [ 389.707302] binder: 11063:11066 ioctl 40046205 0 returned -22 [ 389.739485] vhci_hcd: invalid port number 0 19:13:08 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101000, 0x0) ioctl$BLKALIGNOFF(r0, 0x127a, &(0x7f00000000c0)) ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f0000000140)) epoll_pwait(r0, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d5, 0x401) syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x5, 0x1) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 389.766041] binder: 11063:11077 ioctl 40046205 0 returned -22 19:13:09 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x0, 0x2) ioctl$VIDIOC_OVERLAY(r0, 0x4004560e, &(0x7f0000000040)=0x9) r1 = socket(0x400020000000010, 0x2, 0x0) write(r1, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:13:09 executing program 0: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0x240) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e20, 0x5, @mcast2, 0x8df3}}, [0x80000000, 0x8, 0x9, 0x1000, 0x5, 0x3, 0x9, 0x6f, 0x1fffffffc, 0x80000000, 0x1, 0x8000800, 0xc121, 0x200, 0xffffffff]}, &(0x7f0000000040)=0x100) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f00000002c0)={r1, @in={{0x2, 0x4e24, @multicast2}}, [0x4, 0x80000000, 0x7, 0x6, 0x2, 0x67e, 0x7, 0x7, 0x20, 0x4, 0x3, 0x1, 0x6, 0x9, 0x9]}, &(0x7f0000000080)=0x100) r2 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r2, 0x40046205, 0x0) 19:13:09 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000040), &(0x7f0000000100)=0x4) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:13:09 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00') [ 390.329488] binder: 11093:11095 ioctl 40046205 0 returned -22 [ 390.494549] vhci_hcd: invalid port number 0 19:13:09 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x4400, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x4}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000000c0)=@assoc_value={r3, 0x2}, &(0x7f0000000140)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) [ 390.738243] binder: 11108:11110 ioctl 40046205 0 returned -22 19:13:09 executing program 3: r0 = gettid() unshare(0x28020400) openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x80, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000000080)={0x0, 0xf8, "1788f076171f38c57a701ab708a32e97f426b59973f010b122c1f0fe25fbaf5e5c67e584b50d903bacef4608a455fa1488e141d97742a69bfbfd37c2215afc1cd46792f2ac5435e8c84755f9b1da2e5e0b4ff751a929bae510e49c60511704c7f76148d37a9a384b841c830ca5783393c16b8b14ef0043dd3329c34f637d4f89779b1a6856c74e868daeecda150375c69cc83cad54dc8255ed543687b79b8b146eca6feab06fd20fc5a57e3692767709e4bb4ab9f1028d7b5fff5e3a5eda23ef3f8916704b331f20ff725f26a94eb7fc7109cd24f96912084fc83938f2c0be6bd2c343968a026e8c5df37996eadc9916508696bb29c8611d"}, &(0x7f0000000180)=0x100) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:13:09 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/current\x00', 0x2, 0x0) mlockall(0x1) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0x0, 0xa9, 0x2, 0xfd8, 0x2, 0x3, 0x6, 0x400, 0x6a92de02, 0x0, 0x7}, 0xb) 19:13:09 executing program 4: r0 = socket$inet6(0xa, 0xfffffffffffffffd, 0x474e49a0) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x2, 0x4000) ioctl$EVIOCGMASK(r1, 0x80104592, &(0x7f0000000040)={0x0, 0xc4, &(0x7f0000000100)="c5dc2619ad48f517d1c61916d6f1e22da8bbb08fec06bd286d95a5de3faf93948d13926cecb95893913ab8a7d7635aaabf953d23b161d9606a1be35c68c554c65949c610aa5ee4ed1e648b5755381fd520fcac03bcd3e09cf22b4841548a8592afd49274cf958fe66c98729278e04dd8dbf38eb315819f720b0fbcc2ff6dc2c1410b18b94a7d6279483d3c9b7c530145a40350763eb20c0f4e38a455dc92bcab7360133738080c290e964cbbeae1247a41ceb537ad6e155126f845c96233622f7ee0f655"}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000200)=0x80) 19:13:09 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040)) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:13:09 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) request_key(&(0x7f0000000040)='keyring\x00', &(0x7f00000000c0)={'syz'}, 0x0, 0xfffffffffffffffe) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2}, 0x24) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x100, 0x0) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r2, 0x800442d4, &(0x7f0000000080)=0x1) ioctl$VIDIOC_G_JPEGCOMP(r2, 0x808c563d, &(0x7f0000000240)) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) open(&(0x7f0000000500)='./file0\x00', 0x60000, 0x131) ioctl$VT_RESIZEX(r2, 0x560a, &(0x7f0000000440)={0x1, 0x8, 0x2, 0x9, 0x9, 0x2}) setsockopt$inet6_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f0000000480), 0x4) ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f00000003c0)={&(0x7f0000000380)=[0x1, 0xaf, 0x9, 0x3, 0x20, 0x6], 0x6, 0x100000001, 0x4, 0x1, 0x3f, 0x6, {0x800, 0x101, 0x7fff, 0xfffffffffffffffd, 0x5, 0x8, 0x4, 0x1, 0x6, 0x2, 0xfa11, 0x2, 0x2, 0x3, "85ef5b4cf8659da9ddd3953e4806308fb6f0235e9e2bfd43379695b5f5151c93"}}) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f00000000c0)={{{@in=@local, @in=@local}}, {{@in6=@loopback}, 0x0, @in=@multicast1}}, &(0x7f0000000200)=0xe8) ioctl$TIOCGPTPEER(r2, 0x5441, 0x8001) ioctl(r3, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285714f8e") ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x800c6613, &(0x7f0000000580)={0x0, @aes128, 0x20001, "7fb8c67e792d0328"}) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f00000004c0)=[@in6={0xa, 0x4e20, 0x7, @empty, 0x1}, @in={0x2, 0x4e24, @local}], 0x2c) sendto$inet6(r1, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) recvfrom(r1, &(0x7f0000000300)=""/98, 0x62, 0x1, 0x0, 0x0) 19:13:10 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x7fff, 0x10002) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f0000000080)=0x10001, 0x4) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x3f) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) r3 = fcntl$dupfd(r1, 0x406, r1) setsockopt$bt_BT_POWER(r3, 0x112, 0x9, &(0x7f0000000040)=0x84, 0x1) [ 391.016287] vhci_hcd: invalid port number 0 [ 391.083975] binder: 11128:11129 ioctl 40046205 0 returned -22 [ 391.126931] binder: 11128:11135 ioctl 40046205 0 returned -22 19:13:10 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x100, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000040)) 19:13:10 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r3 = socket$inet(0x2, 0x7fc, 0x1) getsockopt$inet_dccp_buf(r3, 0x21, 0xf, &(0x7f0000000100)=""/187, &(0x7f0000000000)=0xbb) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:13:10 executing program 1: bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) ptrace$setregset(0x4205, 0x0, 0x201, &(0x7f0000000000)={&(0x7f00000000c0)="b5d0109a081cebb90fc99cdb10eb41e047dbd3f570a0fc981e94e218486c6e535b6a199004a8367e2a020ed88328b3593f3dd63767078406cf08fe3a8cba343194a02da8cde6b81cbdd12a7be0ade87cfc0ecd8cbdc8d8ea47784c35b607e9b778fa9626c8e6e369ef2edb27866ff29a143afab6a55c23a97511be7b6274b3ee10c76c", 0x83}) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x5, 0x0, @loopback, 0x1}, 0xfffffffffffffff7) 19:13:10 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x4) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x15555668, 0x0, &(0x7f0000000040), 0x196) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000080)) 19:13:10 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) r2 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x5, 0x640000) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1f, &(0x7f0000000040)={@ipv4={[], [], @remote}, 0x0}, &(0x7f0000000080)=0x14) setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f00000000c0)={@multicast2, @local, r3}, 0xc) [ 391.478004] vhci_hcd: invalid port number 0 [ 391.518916] vhci_hcd: invalid port number 0 19:13:10 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) ioctl$KVM_NMI(r0, 0xae9a) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 391.744721] vhci_hcd: invalid port number 0 [ 391.765389] binder: 11158:11161 ioctl 40046205 0 returned -22 19:13:11 executing program 3: r0 = gettid() unshare(0x28020400) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r0, 0x57d, &(0x7f0000000080)=""/101) open(&(0x7f0000000040)='./file0\x00', 0x400, 0x2e) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:13:11 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f0000000000)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x8) ioctl$sock_inet_SIOCSIFPFLAGS(r0, 0x8934, &(0x7f0000000040)={'ipddp0\x00', 0x7}) 19:13:11 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x32) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000040)={0x5, 0x4000000, 0x6, 0x0, 0xfc, 0x9, 0x0, 0x3dc, 0x8, 0x7, 0x100000000, 0x9, 0x0, 0x100000001, 0xc3b, 0x1, 0x7, 0x80000000, 0xfffffffffffff8a8}) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000200)=0x10) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f00000000c0)=0x0) ptrace$peek(0x3, r2, &(0x7f0000000140)) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:13:11 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000000000)=0x1, 0x4) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:13:11 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) r2 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x80000001, 0x20200) signalfd4(r0, &(0x7f00000000c0)={0x101}, 0x8, 0x800) setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f0000000080), 0x4) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:13:11 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x402000, 0x0) ioctl$VIDIOC_S_MODULATOR(r2, 0x40445637, &(0x7f00000000c0)={0x2, "424a7ff611de19e5f8dc3ec9602ff269d0a79d6d3f1b2cde6e2e329eec5a2976", 0x400, 0x2, 0x3, 0x10, 0x7}) [ 392.084883] vhci_hcd: invalid port number 0 [ 392.142611] vhci_hcd: invalid port number 0 [ 392.217067] binder: 11184:11186 ioctl 40046205 0 returned -22 19:13:11 executing program 2: pipe(&(0x7f0000000000)) r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:13:11 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x155555555555562b, 0xa782, &(0x7f0000000080)={0xfffffffffffffffe}, 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, &(0x7f0000000040)) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) write$RDMA_USER_CM_CMD_JOIN_MCAST(r1, &(0x7f00000001c0)={0x16, 0x98, 0xfa00, {&(0x7f0000000140)={0xffffffffffffffff}, 0x2, 0xffffffffffffffff, 0x1c, 0x0, @in={0x2, 0x4e21}}}, 0xa0) write$RDMA_USER_CM_CMD_LEAVE_MCAST(r0, &(0x7f0000000280)={0x11, 0x10, 0xfa00, {&(0x7f00000000c0), r2}}, 0x18) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:13:11 executing program 1: socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000200), &(0x7f0000000240)=0xc) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffff9c, 0x84, 0x11, &(0x7f0000000440)={0x0, 0x52a}, &(0x7f0000000480)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000004c0)={r2, 0xc399, 0xff, 0x1400000000000, 0x4, 0x9}, &(0x7f0000000500)=0x14) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") sendto$inet6(r1, &(0x7f0000000280)="39ae163e237f7269aa66b6192c68ab472671fba9667005e055d4f474bc025a94457750e2cfedb8cd6d68315015f7450dee6b72128e5684ccab606500d61ed13599ed09688a7bc6940a37f5db12a9bd48572b15d14bac468dc14d9a7cca7c3ffcce96cee4450c37c6ddd1fc728d32a3a468a2ca55fc4768094c2389e17cca06b33174484e87b216667c3b869e46069c8b68cb95eb7eb4028757eeca7055b1934f03628693cc6b1f2b9e2f1700dd47b30595f51457a35b05a0343e98f29aa5a9", 0xbf, 0x4000000, &(0x7f0000000340)={0xa, 0x4e23, 0x3, @ipv4={[], [], @multicast1}, 0x400}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={0x0, 0x9}, &(0x7f0000000080)=0x8) r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000380)='/dev/dlm-control\x00', 0x0, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000003c0)={0x0, 0x0}) write$P9_RGETLOCK(r5, &(0x7f0000000400)={0x24, 0x37, 0x2, {0x1, 0x3, 0xfffffffffffffff7, r6, 0x6, 'dctcp\x00'}}, 0x24) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000000c0)={r4, 0x2, 0x30}, 0xc) sendto$inet6(r1, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) r7 = shmget$private(0x0, 0x2000, 0xd10, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_INFO(r7, 0x3, &(0x7f0000000100)=""/81) 19:13:11 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x7, 0x4) syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) 19:13:11 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000080)='trusted.overlay.opaque\x00', &(0x7f00000000c0)='y\x00', 0x2, 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0xfffffffffffffff8, 0x400) setsockopt$inet_tcp_int(r2, 0x6, 0x18, &(0x7f0000000040)=0x7, 0x4) 19:13:11 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) r1 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x4, 0x1) ioctl$SG_GET_ACCESS_COUNT(r1, 0x2289, &(0x7f0000000100)) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x5, @loopback}, 0x259) listen(r0, 0x5) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) ioctl$UI_SET_SWBIT(r1, 0x4004556d, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r3, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) fallocate(r3, 0x20, 0x2, 0x8573) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 392.735777] binder: 11206:11208 ioctl 40046205 0 returned -22 19:13:12 executing program 3: r0 = gettid() unshare(0x20102) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x10000, 0x0) ioctl$SIOCGIFHWADDR(r1, 0x8927, &(0x7f0000000080)) exit(0x4d) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/uts\x00') syz_open_procfs$namespace(r0, &(0x7f0000000140)='ns/user\x00') 19:13:12 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x5, 0x1) ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r1, 0xc0505510, &(0x7f0000000200)={0x0, 0x4, 0x7ff, 0x10001, &(0x7f0000000080)=[{}, {}, {}, {}]}) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:13:12 executing program 2: socket$can_raw(0x1d, 0x3, 0x1) r0 = socket(0x400020000000010, 0x2, 0x0) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00') getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000080)={0x0, @local}, &(0x7f0000000100)=0xc) accept4$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000600)=0x14, 0x2d5e459a1bbbbb4e) accept$packet(r0, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000200)=0x14) accept4$packet(r0, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000280)=0x14, 0x80800) getpeername$packet(r0, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000300)=0x14) sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f00000005c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000580)={&(0x7f0000000640)=ANY=[@ANYBLOB="28020000cea0d3673ef4189fd684c3f0b5211cd199304f773b258ea1b4842ec7d27910aac6d21f26100255383ebea69217f479b7a0132fb090bf8bb0f11df8d4d3308f1fef852e5b44845e1c19274ba03fbaf0bd646a89e33ce117f25957e38f97d62ff87e0584eb73f384c665d11089f0d4dcb2e0457bdc0cceb8b03f0a79977c0effbd4f73ad5a80c77d52835aaaff8de479a10a7a3a7f664eda3f1af99c88e9c5fc86a233", @ANYRES16=r1, @ANYBLOB="00012cbd7000fddbdf250200000008000100", @ANYRES32=r2, @ANYBLOB="c001020038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000100000084000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b00000054000400c80c060501000000fdff7f00b409000000000309080000000000070400000000090000020000000009000406000000000300d4cb010001000300f803f7ffffff03000805ffffffff0600080e200000003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r3, @ANYBLOB="4c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e6700000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004009bffffff08000600", @ANYRES32=r4, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="4400020040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b00000008000400020000000800070000000000"], 0x228}, 0x1, 0x0, 0x0, 0x4000}, 0x40) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:13:12 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) r1 = add_key(&(0x7f0000000040)='encrypted\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000140)="34864e072d52e58ec84ad12f945f734106fae391821236f3490f", 0x1a, 0xfffffffffffffffa) r2 = add_key(&(0x7f00000002c0)='cifs.spnego\x00', &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff9) keyctl$instantiate_iov(0x14, r1, &(0x7f0000000280)=[{&(0x7f00000001c0)="4369f1d9eb95521afc319a3ac0d92f463681e2bc1fa3", 0x16}, {&(0x7f0000000200)="06a57ae233eaa57cb42fd0df48554087f618a289b49e315481710800bf3285cb96f9f9df2518bfe8000886a1f0cd30c3fd8052b6f90d54eb3a7c504fbef61a02bdb5d78e01fe2a9db754d2db6d04b36fee58e3255d4d9b740dd58699b0cf28920673c4ded1e8c5bfce", 0x69}, {&(0x7f0000000580)="5ddf2d33d3ec5c38c7faebab187f903c2f8393d6baa3fca4917d7127b8cdaf698503d90a84b92d22dcdb45fadb716b85806a07ed94a93495dd883bc06187490536d488186da495264adba25b7dbc236ca63f865fedebf2277c21d1961f924fe6958bbe4e1b8db42a17e1de088b40a879c6d6b195dd303eae8808d76a7f32e831a7f786465c93353bfed817253d236e35bb8ba5f2ef8a2bd34a39dab71491ff5cb3165afb1c734b843c662bc930de4a87018d56cbfdbea37ffce85e3388c4ffdd9cf95b9ccbd28c69c8b9bc904e08d0f0a8771f12373d2acb2f8903704fb184b22f984b2058a9944bae4b2d4e0f93f9e103b401cb17c878a7a76d0b62e07a700ff9123a3edda77f513c72f3f556f4792474d0d90e1f1e980744530efc040df91ac65331aff7d9465c841522632d1a0ad4ecd064f55d9a10bf8dc1428885d8508396187bc3b2fe2e249b03d1b01d99e68cb4a73d07ca957382336a51b7a662965799a227370782a7eb4c909eefad8e5073474fe87aa664f79267a95a23aa53e140f2253b877e58897a01b409e607e0689e08f49e5cb195d4b814f6dde2a63223b08f22d6188d604b0d4ad10e203459fa5ff8c53ec23a37a8d1d344947eaebea794583121b53e3fc59e628d6a706a7b0e0eb66773fa01251d04a8dffd268128f46642c27450ad71fd04fa76c084530bd1278eef0152c5d38bc83553c8e17ddf734236443bf8e3b9522d46d8c18cd3e97a2f417eddd137d786a56afc5bf4fedd9669f2a593d78e71d59215993e4979555cb710e155ee64ce68475aafb2d9b7fff577d99f40524d41c06e0d2935505d0c720053bfab823676ddff0c60c3a01be470446ce1db10f326cd3a7d1f156a37369fc5db2c78e2db03263968beb757bc5df8d67621596c34d487d36daca4369416d961aafa12cf31b2ee66033c746b6e50e69e73910c0c0146bb1e93b7515b9fca9fcaf01681c3037f87c82e1b672eb3833f8feab6135a50ef62bfb2b14d1fbe57386e6a09c7ffe57ced4da63af8e9a353acb5063caed08d36611cddbf043a49f05eaff1e7b564dbd944473ed52dd4165268843ee8ea1ec51057c82f611df9c0c76674cf8d1039b786394e15a40c4951d3c717289d1aa9a3c4404f5e278ca9fdcfcd3fe112b7ca14b83d051c180a8dfafd088b505b01ae97f919179388fec16db1e0f92cdb6a571bc6e867db188b16cace1b6b128dfd8829b5c81a71005619959409e41446effb2f8c2e128e8b1c1a77305065180cdb6fbb2160ab4e8b22e571c732e4a7da16b70644941494b035290ee49a707a26bdc5ce60d6896ad4ec910555dd9a46b098d7a175c8ef89e56ef7bd3521386c184d8946ab6bd458cd0b15bd03f687dfd231babe4881c9680cd4f8729f982a93a69145586ff7ee01af20ffc90bf1b5a9a5995f6561ee7612baa2ab6d6da0edd2c80042c426e68f194cf6612e10b160497cab24556ee22a0cc3dfccb7675cbea6f1424e797c259bdc7f1576c55fe27d7e9c971ccec0c9e92e5c4e0dd1f13510015562653c12bd387bdd9c5d99cc25967b52adc78122c14f6b5b697ca0e0f3173e68d34e116df32f3f9ca45fff45fe5de9f05e3560b05a3316ccf555f72bfefb89a81d7d6d051f44abcdd5956fd4e861476efa3f3e2468bb5b0065dae4673f0b84e72d64f8c7b2a13eca00933580e4ed2f25a8f33cac5fe3ea2d75087676994a7b21c18cfe6faf450e9f50a52d5dfafc65e5fa288d6ce4d4921024c773b5d96da8393e658e451bef760c42690e4c004325a675c3f847d6fa2b751b8f4fafa96446b6b19ba62180822d631541750c379103548c04c24cef15ab817ba9e46d9f9c165cd7fc13b72d94dc59e29e24f0d5c6c86ef127cb66c9cbd5d469b8ca7215e8ba2c6c245230dca6a8339797fe30a127f8b6b93e3e815afb0ea8b2b2af0150637e657073d8d9eaf1b088552a440655c3a44ea18ad54abc09d44ce5f532c65c27fa049902f9a100b95aa376f324c46adf0e41733236ab0a3c5cb55bcf93776038bc491d9239583cfc4359c2d38bc5606be6ef3f482ae12e8dbac9e0cb6151ecf67b2dadd2a905c6d1e441470a9c7f5bae906b1df0192d823ed12ab9c7d67ec213084155b64aed18325fb4f5968ea59a8048bef045aa235ab09fab36514da9bc7a6ae26c4423ced140cf180720e42d4aef15df8e53106e1009689b5bd3769745a4a951ddd2af2d2048e2b69638acdbf57e6e47179544958196a1b051553ebd1b696d5ab34a97c355ca7bf6d333c4bb28be8e538cd28641a6ee604bdf04059e1d74eff9f97e6525107348040ae0c361619ae02a89c6e1ba04f7b490540c91a0c5fcb5e69d1b06fae69888eac3aa541543dbc3912068c2c28a2e15a8b148e55ad56c3570a7af45f3e48519f913f49cb90edb8a6a109fb5faa8a757add562b37fdd9fd3b93d51b51e106e295e29df105faed5e7da620e830438dd9eda963e369a7be556aee98bf638712e0ba6c0299cbedf0a81038093dbb2a87332c58edafdcdb01e687522e90c5cc5987b9f3f6bd23297eba013d6a8f082b2bb6e45207d967e77c611d66b8cc2c0b41ea9b84189307194ab89a37a6a3e9301b358077e0aed86489db7adada5db6084f7a3e41960a13f004010e31dab916dbe8140968523e26e206e7540ef32f306c4d352768d54113d3021c97cfdbbcb543abbf5c3adef4e62fe78f7b7269d7d0f4fe051972e78fd67678d6aa60e6981d0c6bb6cf2a28d1d69fdfe082fb673989f693362ac40af788781ce23efafe5319feff22eccacc3f5ed1c8d41fbdee978a0ec5830add71969094382ed7544139c7127e5ba0f535ca66c87a8d980dc5baf83be928114cdbb03a0798926c9e01f360075cee3667654a1fdf79c539f95baec17aeecccf5981a9f5e39960da7bd4dca3aea7f625c6ba0bdbe2912194ee680aeb75496fdb64fbcfcf12d08312fc784b944fe864963801707f3849decdf5ac45857c561684d9d0daf8706905ca8f257c9361123a2d935670a5eba6b237c27417a62ad8d9948b76a502d5d354e0493ffa103102c6fad4903ec57e1d973a74eace9eb9c1d728bfb5aca43e06cc00e4d6b32fea5f090a3ec6c3518d1d4e71ef1a52cd79a41b13f25674845288c5194013cb43f8ec97e41b1454e96fc70c71c6d140a411337f639ac6f255787fdb7cbc1bfa47c97a0e984b968ba2e05f8698b904b0d8209b0cf7dbaa871ea484a3afae89f1e3ab2d43b325cb315d90daefacd7926131a868fc7f75b120dafd98207643e4bb594be0699a2574c997dfd0c504af9736bdba914dd8b3c7b006b9410ed7b5c6984e695f27194f5855778d683b61ababdbd2b730a2d098c1dd6e7fd06a06d73357701caf827f7289ada5fa66e057f91ffb48ece8cc3e1450899a1495a7ff92518c42c1e1cd2b9c54ee9c8f36f0cb99056bf5622b9e5b037797580026b7ded128d40ea9ff424f095e9e012e0981a6db429cbb6f648d4aa038eab3658e1b705ca8212ea58dbd8376308d569b49ecc41c6f5437913e13f0b96c2827eb7c5ecc4d8386945fd08faa428fad223cf7fb5dd683fcef35ce83818fdb7d021bc6f9f77f4121bd33e76a2720bd7126fe8507af16d813f876d14807be1d43a96a7309da9b3aac5020db45b74ba51002a3c1a7ee54db6eba1edeeb370bcc155dcffeb82955d95e592c0632431e7e2e887146e90cad70cec437916063e4ff826d101fd4d973af1bd32f95770a45d2d1ace8450a536275f4c26ed97edbf11c7f914f6b316c3cc5c3a9e0e31e92e8202c7c2b362a86579d3cf18c31cd22276c24016d0259fd43e4a9bbedc6c1c65c83e6cfa1dee4ad8b26ae4064c0742c1fd4571e7a33c400cc57e5fddda99210a120eec66a27b5ddf4744e5c078f22390a1b435339f02a2604067f853a6828e890f831a63582b6c3b71c12405627094f6fef23db38f908d03499b3e74e3ed8c258533cfa1f5a48e901d21eab615f0b6c7d9541c3afb3ae47b2e22c0ce51ec5632c0306a36076e4c0bbebeecd93a03ee07e3dfa88727f3e640a5f1338242d7736dd876f05ad5687612e06b17ef438fe1ded958cc30d24f68796af6469e17b44963f265d23380fbcbc7bd4e0c44c1c14eccb76bddf4508bb4e481dcf40b2d8639450bab45f62146fe0f373837e3b3ecbd25a9836d5bd3a1de04cffeba650a34b0c7a7cd3a179a87405992fc760ec80a76a9829f266901be5bbd0d296caeff73ff6a5cd8a41756a9bcd10b790d2e6a9d7a6612abaf36c0217583f70b7103dc4bace9de8b7c28a2acbc33b600be1b0d8b32c50285031ccfd6187ec8b1abc3fa86602adfdf051e4ba9fd422c155235bcb79890b3316a2783adaa5813300c4392ed2719cfaebdd1d9c87bab71719bd3af91f8edf542ae22fbf43325442703eae235a81602b5027806dcd14e7f74e58f6b7aef7025a997adca74e06b25fc3f5665e501ecb6ecc8b5804c40d6faa97db4b3972f2b382cfb79631ea57f71835119f81c35081db795190fcf70029a6c7de2f9e1f6f507618844e1a3dc5ca51ccbf847d71da407920b82ca636bb511bb41337b117300c0ce9e3c15e71f7a4b502e6f6539aed3d69d6daabaa7f5821d59505946ec32113255ec9bca6c6d882e46181b6053ccfd69d96e63996887ee56c624341faf6d23ab1ea14d4e4280fa7e52be9b8829f0fb046e7f210a1aaecbe9adb8f8cb3d485d6f50c6a95b8cb6c3c08cf22ccedec1aa9e9f970ca3e08cf19cf8f18535b57dc9ce05e15cd37c28bc136ac541563e1a07700fa6074e682fa4e6692d655a772ba7094068920894e01beabee8c87df79f74a4f44b8d515805fd8d0fb354461caddb40d326c3ef65c86ff8bb78cfa00acaf05ba36303e8b029633d5e5d8b1de62418e8c53ebc0df50f15f3cdefbfb96d4fcf6cf7bb5eac58b6bcc7bd0c0e8829b6f7fdd4c2ddd132dcd6ab575a58e7c574656592011f38e0aedcc95794f030b305653eb492be356e8b765e11657ddf7f323ebd774c0de2c87ca4c06529cb071d787681d6354104776c56ed102c2e69d07615f0e6353bd58e9b12f7f46087a5fed2739a2bd880e065d7bbf4555cb76bcaa8a53614681c52175ec23ccdba5cca4945d4554dd6572e186483fd0efbced0e29e5c544a2e84098fafdfbcd185d2cc89041d8c742b76dd67e7f856922d27ecbaa10b860e5eb43c06d60c303cf3a480158752a50e1cce3bfbb0182e9a5245426e357d89fea4008b6a1139e0938f276198f7bf330ac65ef71cd56e8a41483fc0c5fd27ceeb3e4599df448e89d85d5b39a8de747904a486d28cc3dbb9071372f489166ce3c589422a1109d77f290b0ef017f0ad91610c653ddd6020601a708d0c65bc221dd3cea18da67025e3dbf45e5ed6753aa046bc2db1be2521c18c5e70a225c180088c58ffa4702d7e122e44a740dcd036e38f234b23f409e7622563c6c054d2a91108d59227d5e8f51545afa2a49edcdbfa22b03289bf9f8c0854e81ab09646aeadc3b06fbfb507ba4a21431b7d3e054a7bf6987cc6898a2e317b6c0efcbd84088c0c9536908b32d1a50e8af8653418115c4cb7b940f2c997992268c28342bf26f23c1bbfafc7ed4d10201f88fbc03803826b5b787cb32624a3a6d5e5657ba067ceda1114c726c1bcd7b7a6a2b7ec6c0667377d47d979fa2e4d72a1da52d91d8268c492f6dfd88a51eb6c5b5a8ea16556400a8979a8f2800192f7f9ac18ba074b50f564f51666409e7ebda68d74317ea5e85b90db969cbc64f3d29badcbada6e2325ca4688667", 0x1000}, {&(0x7f0000001580)="cd9ae699581dbf55ca6a2a328146d9d56c872c6cb54136c9e5ae5b2cd2d0d23ef615947ac6b9115ea3c60b01b34b46067ac28f22d7dd9953473092fb056360f1311ff038290dc785e305b5e62c0cf4cb7650acebf353f531b1316d0a629c81229202120ccf311f34648c769c6847272701c6f5c30ed94e26c4680ad09eb50664547f320bc8161473c89349d8134aea5b0ceeef6a9a1c8d4eb0f064072c93e3f62979a16e69992cdbfa50ef7baf1f174e04df935c59f7f215c6ebb94eb0862a6a411722efda2cc2908492cdf28ff0b8eb3db19dc9c31fee55e50a14e4b92b6195221f5a440f7a3b5616545b11ecd5cbdfc6fd665371584d9027a129bbda2b463d502dd556a9221fe6d7e277f44a4234f3f2408e70afc50185df0d943c3b59c602e17a78435d62d397d64beb388cf230ecaf8322fa36e9d6e52c4454b272d82f22fbd9216597117ddf0f74e150212725ec50a2c216f9aa1654dee2aa2514aa1e23101e9088bb2a378554fc55611349fea78658c366de79422709f7b44b845d5d6cd6a36a949fe9d471d6f7f1c9702abd5b4d6e30c95176c4d8243853ffdfce950b9f276b2e6fe49783e72cb7ed925ac45e6237755ff27225387130e17bad80c426d9fd45c7756a533ecc7f2cac18471f4dd2039a64ae001fffab444194dfdd01d90ac5ad5e01c7a15ab05d86c80bddcf086a0784d5e4764815682a1b82d2a8ac838669b453bf77c0840d6e7ba3b50879b8df2b80ae742c8ae378cdc14f7f9b2da04f4cce30d506050b0e58b586bd3cecbefb8e92334ba9b2c8fbcb6152792a71ee933cf75479dbd1327508dbf06ed7cc02bda8a5cf0c7a43d98378fb49cb0d06f387363c1b33b9ffe0be08142c6ced808bab3c8b45caf1f41c34af282732e688f5bd1bd28a20f0d7e5ed15f86797cb64d72e65c54171393d1ba269f3f72dd11cef7a3da659d719fba8ddd91f7f0bd49a0c5b4b135f81651648b554371a8a137d57617443459011a689c5e7cc49c2d4a7c6eccfc153a1c49118a7d650ca621eab73cd050e627bc374e893f51d54dfca390ec7fa2f477a8e16524b1564b25ceed4f8810c75ee6f1152426557a5caa1eaf6b16219c60d4ab28c8670c7bc2b2ae073bacf011a5bdb37bd0f7645c0514038866b52ed159250c45ceb16233d6fb21ed20edd56d2a1ad86ffc81c57dd4d27440a38ebf99069acc66cf8d49fc3b61cb5151d3092ff4ef12b601abbfa6d458c0001f83316a6ece0343fdfee5244508532f061052380e8a79e89ca6720e8b41963d33779df150973f7d5042a42c76b40c6ed5fb14fcb5d52ee184d9084b9141e52be6c923d53a003ed6ed98a88fe332a2af7aa2aecd3cf8ab8ea6a450ab64b6488bb03af25db22bfd238b0817a3351a61f417e6a5763613d7536680f98a0c1f52079f9e2fecf60d8409c9820e6f4fd2374d6d83533289f2c1212fd7f0203f70d204d3630f76b6760944ac37347d2534b6611d0afa8e13b789ef159069d74d473492e46be6966c95cfa366854b7daa02f41119131ff4b1759f11e0c489dec484d82263c15622bb718f69b67f338d9b0f5d4c791a19f4d50e16d4b7a674f4379be956df448b041737b7b0ed9e87d4aece0baa0514501467cf3e63f4d38a4d9018c72f0ecef9857cb925a678496c97261df8b51667471338ee544294b0c053236420dc8ab08561fd7d896c79cc58bcd8522244645a2cf58875a03ce2ce29fb46b21aab5a3e6b6319ec17ed51f1a6d31e931ec7e781f82affb1297b826c679e1ca1c0bf76fe43098d49a7a91d8d10290cd921110f4368957a67ad4e87a713f6600d1bd8031234993aa04425bc852b61d8d0b8a78aeab743cfc79071e0fab3f909527f22cfe9f70fb82ff09b698305667d6f31fbdfc4bcdcbe18dd1e2c95e710cb96a684fd88c6147c6a670446a21ac4f4836217aa8498b509bc96b3801be98037b9aec862aaa67ac98026df3bb41237b6d5932503df6630c1caa388b841fa8ce8a246725f33f5a9396404fd1557175138c205e81ce42c23a0452912284db73169aa5eac33c6004dae054513dfdeacfbb4feb572af83d08a5100338b0839732d05986231d795b49bb39bb99e3bc7f26ef3a9d110cbbc6679ed93c4a483d3f02224b4c0423f758348c22f2e89be3688de52290096aa8bfb08debc3b3c7215c8b16ae20507ea2318a2a5b94e8ad73027073902ac967ab1ef7181d63efada0d208018115c68e28d48697fccfb2b89f89de9037b46871965502d139f83572c531d0175df76c189ffa1b2ea422296902b0536e2f2e4041850cb50073d9b86dc36c24a45d698458ab9fb4f3b12f132fab4891ec4ee1abbc35d28ca32536f4c7fa58b6f8eeb788780fa75c2d6916e1a1df3cf948fecc35f856f38a71ed885f5c1af35dbd600e479b96306e7a53faeef916bcb5230b6f6d7b64dcad54bb4ea0cca44d2e487ae4594c73a97f7b208c12129900e11eb1132675627ba2c5af20fbe71b6058287cac8efefc541d323033a4cedf06b26302d69e6b98688cc372671c33a7e89bc4272f59b573ffde8865818b4f8dad2a1138d3679620728a11845f62158f12b6db943ae06c4e614f96d99b390ec80e04f1336e943fadaa8381a99388d87e186ba9ac42acd855c6edd76cb48a0e44c8c19eaa6e07614f2952c2a8780aa3db4216533fecaf7265ce9f6004b63580bf798ab2afe7e132031fdcb16cb94d23daebd92614410ea95ba5ce0fa32fed8df750c08deb0d7485c4dc733eba3af9abff5049b3b3671b0e85b83a51175dcdc97ec742a5f48288efe421810943be33efb8afc030bef8f59726cc89455729425c0ec8c89ba2ac359742d7b69b265817963141cf6c4218391ab4bd0f3905fff251589074e448db2d5c40be8e2284c25628aa521d4d09ec99dacb9c436d18c4a4191e76a4eab07f5a52f37ba4ef8b9e320ee6bf7e83975cf0e0f16a2ec4cd1e421e94b601f179a6469c33b50029d323e4774eca304f3e37928b97e237a674922e6b410cfe8d3ab6ad55980554d99a1f7cab6bcfde70bffbeda993da53ae5691267ea54bb6a67e09545a915de7bdc3f463d553c77b0bc7757609078ab6d8801e71ecadb97c10db7cb2a5ff5e770807d9a1b2bec8681d8458261480e00a1760e3a4fc5b52bf78e1f4a8a11a3ab8ae2bd0cb9036a36ba00e78da338f9915333857eddf38499b0e126ab52b6ab36fae7c4bf03cb5c4c1b6522b25443e9e051fb107faf7d32b8acd3878118f0e3f2ffcc2655b0c44b54ed5f29076c48dae39e11d73bb6ce55f7629bc7668feb778f1febbb89049674cbf1ece0acbcefb72f7c57b9db1cb0fc8dd2f97bed1535b9330dde4c8055e7fedde7d9d07a442f051e8315c77f2c37d002e3326dca22af423a5a90d90c5d553dcd125bd936b2054778dba5a256e095995e1164326910e1b1debd80db9a6b6905c274ae15e75a2bce0f3c059fc032be457b9ae7a5cb424b48a0c606b08f7f005186228538755086bed36e3bc92e7e57a8067138c8bb9753dd2a2b3906b877f3e72a6fe6591670d70ba9abd6460518a0ac0551a88efabdd536b4a81ec867ac7ca1270af50201411d039c212dd69d9e88d7552acc4c7b0e920b1dcbf5aabb3f9481cde3e34548697484891475a8f2edad3875b42577b7f5be60fb87c9f5162731ba5903421b20e8eca40be4828fd149e112fe761cb04a10da6b10d1d1d9334e20cde342048d0d986106acd36dcd6195eeef4d22759cb64e4017e736df3b29f9c169a4d381fc0b76ec63891be6db2a9e34cf8c781a517e55f9bf86619598d3455c9d8197872340783784ae2b8f750d73b6c924da0f028faa957bd0ac6e33d7351f614a7f7e60ce84b06eb3180f2997339fc03a69cdf00ddee0ec0c6d003383d52b559f0260e7a354c4f9180f944b6e92dcbf4192408b9ecf86a57775eb1c836a45285cc1d8ffef9b2680943cba05e72278146234b2c03c5136f4841caeb7f1c97b1f693d605eadb30ca2bc93da3fea70f4c0795c032ddf5a1d200f6bc17251f647d3e2769ba31af0ef4fb42f0d38d309bbdb6b4a39ed6de79413aee3a941939c962d2e53a8cf148dfacabd1bf25178a080e97ac6d985a60e7c63f678f9b38e35d133cc9c5b7cf8ff2933a6091e0af1f85fc8dc30aaf87bf6ee7b8374c76fefb112f0b17968b70e6e1d193bde2b60a58431da608b03744876216a827c680fdae57284b10eba8956aebfa40ee663dd601f1512548cdd48936dc6fac953e10b76fc716cd2964304b2131659c7b21f6724297e8966f344d9f88516a3b698eb2eb6d7a89f33ffa837d5ca8d95e17d05bb5f31afb0b3446794422ad3d7469afd4984e7840e36f76d3810b3100a52cfe5cd364971818092062be5f18036cde5aa92a7ee581f206fb5199eb655b6dbe5b1c68b02a25d358af59660f027a3f7d2f764e55fbae2d6505c3b2e8aeb3044dcca46d02c73fb47faa023ddb6891896b2c6ad911d225ecd5e1c11ff1a8305786c21ec912b6e46f7f2040372a76014bb700e243233a2b8cc1e5bdbd168aaea5015f4a8b9c0d40176de39a2c7e8c92dfb0db75ebed652252c7508010cb98cde4de049d9a5b9d4bfb7269b60d796c696eade219dd72188c9f5d678e8bf7fd15006b03f1ba9bbbc0dd4fce7b15aabd2accb5d4ae2bc70b6f010fe2685422009b4df461df8a26da0cd79430237e27b465e324fb0ecf06ea2fa2031a53618f29996ef45c4948d14b7ce7804f77b06f1af2c6762f369a261af0093f179a970bafaa84652311925749da9b170eb53e9156bcd3cb7023520d02b0f2f0e7ae5218770cbe0a1d8de976d642d179910889c658f7f4ce384bc005b3bdd38b8494dd6da5945bc60e2b11e85dd9baad07bfb7c0c4a927139ee73e2e90f50bd83951f0461f71443c8b8d13dee1f0df2f60bc9b3758c49ce095798455ffe02652fad4e20c2a37649ed6f3fff3fbfccfbf60abe1f791d73473793c81f76fd914c02a3946ff0da6c9008d9238626fa550aa0cef4df9deb64c4de201edcbcac7d774da3e62f67c50e8ae6cdf076ee5b277b24627f0b739a9c314755e8de14f251cc33cc58d6921f4544a61d110c0580f7770d8a48a3effd62fad0413b810e719a54bb09b99e1d5b66de86da179310eb0603d8db723e876eb1412180e7e0de13d1a959b8c11e76bb4d4a32625176d090ee4386a2cd10056eb766ddfb5dc62b7bab2484c1314bbc6fe23f22a0cb0571eccc6f4ed43f4f6701172b56f39a9f76950e0b6ffa1aa1d1c3167823007976854634dbb329f60f3c05eee73b3d9e20e8d0f56e4f313a44aea5c116884037b4b95b35fd05437af4b9eb3a29109af05d218e8d2b1807f9d8927e85ef691434f37dcde5935016163bd01585dcae2d0b5738dfc673567ca05d7a784b7ac976d9dfa0be234ba0e07bdee895b00c32358cd6c913779c83256f288841e87c7b10fb92a2d4a98867a493ff9d390a136643f44284df76cdefe639b88540041329fbfaf74d0c56973c7c546560ca16b4296986984a110bf42a6e2da2384c3df75f2a2355819b9d14ab919b3c64c4ed8cfb2f62b019cac11ff8cccbbfa9ac5e0d2b6278728de9e3a01c0fd822ead8d745329c432ca47270cde8f844fa4a0f57795c60291f3d20467ee6b3d3300d9effcd7a583149a184654356985b8d8007e690c019c50b9505e88e7ed7dd9fc41df2a4ab445092f08683fe46532a555dff97ab1bc1b9762acd395d970383f61324efcfcded072df2ce7b79287f2a7832e4595e857f5af97636d2cc7f102015e9b44", 0x1000}], 0x4, r2) 19:13:12 executing program 0: r0 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x10001, 0x100) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000001c0)=@mangle={'mangle\x00', 0x1f, 0x6, 0x530, 0x0, 0xc8, 0x0, 0x2c8, 0xc8, 0x498, 0x498, 0x498, 0x498, 0x498, 0x6, &(0x7f0000000080), {[{{@ip={@local, @local, 0x0, 0xffffffff, 'veth1\x00', 'nr0\x00', {0xff}, {0xff}, 0x5c, 0x2, 0x64}, 0x0, 0x98, 0xc8}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x200, 0x24cb, @local, 0x4e23}}}, {{@ip={@multicast2, @loopback, 0xffffffff, 0xffffff00, 'bpq0\x00', 'bpq0\x00', {0xff}, {}, 0x2, 0x3, 0x8}, 0x0, 0xc0, 0xf0, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x3}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x5, 0x7, @dev={0xac, 0x14, 0x14, 0x1e}, 0x4e21}}}, {{@uncond, 0x0, 0xe8, 0x110, 0x0, {}, [@common=@inet=@set1={0x28, 'set\x00', 0x1, {{0x100000000, 0x9, 0xffffffff}}}, @common=@icmp={0x28, 'icmp\x00', 0x0, {0x17, 0x100000000, 0x1, 0x1}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00'}}, {{@ip={@broadcast, @loopback, 0xff000000, 0xffffffff, 'syzkaller0\x00', '\x00', {0xff}, {0xff}, 0x6f, 0x0, 0x5}, 0x0, 0x98, 0xc0}, @ECN={0x28, 'ECN\x00', 0x0, {0x11, 0x100, 0x2}}}, {{@uncond, 0x0, 0xe8, 0x110, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0xf}}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x4}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x590) r1 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000140), &(0x7f0000000b80)=0xb) ioctl$BINDER_THREAD_EXIT(r1, 0x40046205, 0x0) r4 = dup3(r2, r1, 0x80000) ioctl$RTC_WKALM_RD(r4, 0x80287010, &(0x7f0000000000)) ioctl$KVM_SET_XSAVE(r4, 0x5000aea5, &(0x7f0000000780)={"a11b0cc02243063db23f0bf55ff483120961187a24a302b57fe95b32b23e24a8e73a14599e313c469dfb3a2ec3e31555bcbecc0d66e11364cb9c2e8dea219b93bad9bcbeae9ff7549cfc6000e0bdd40fa6c85c7fe31205a2466e53305c4d237670f5e5f33290e38007dae4cc1531febc519d1a3ff5b6a6616fc1748e14c1651d6cd742d9746316015566a09bb2a4f0d7e3f083431a8fe088c2f43270e9f09af7daadf469ec4341bd21ec2304186221bf692cb7dbba7486fa9dd530fe3330237e29831b82a5898b3bb11181e2e99876f969f2814915d97416d6366ffd328fca8b1335df42ad7af2ae4773dda687c6b3c0ff39dce39f97cb721f2a1055dc0558abe35885316e859cbdbf2266ac7abc63d1d82b88957b0a771a4926c60f56cdeadebf8a61bec3c4e3c6396c574cfb5d0ecaf667b6ce54cd48f99a5e0d686e47b286df2e0f91bbc6e6d547d9ef02a8eec177987bc922e2035ab86e2beaaf434f80b06c227aa66add4eb6b85888f0efe37015c69d6a554f6b1d7c10ee6584e98344b3a4ec73b98b7f2300fa2f3c2a78a710c3e382d94b0044039355ef77ce44aeafad8a2322d5fc02ea2237417566e0cbdc6078fec2bcbd0ac789fe1a005efde0c9999df80d3d9a2e1c06599dc9f9548a6a726fdd309670ef33175b234e971d3ff07bf87a35319f5b52e952354147b1318d3ab61df2301a9af541640d7013e9d800add9ed9926f3ef0c2e4cbcf0deaa6d286fa9fa6b61dfaae912f8c9873f3704a1a982d6801533945a754c587fac77ac7556c3722dbeec7a9e6d72e54994d4d0d81ddbfa8146f1dd0c44096b02e8502d39fe6d8df0bf1cf0a6796045a74211db536292a43cec65e8410cf779214aa3c7628912849d9e4a6c92ce9f138a3a2e138b5750dbf708878cb1bb774b1c2967fed8017270f9da9b9fe4ef9c28bc274c143aca9da04087eaf7989f8fb5f0588c18be5676e6a205e801a430908b72d1b303414d565df2f54ca18bce64e3e6168ffc9d1b37b83703f4408f8bc8ce2bdebabaa7d749b1b6a4fa87f0887efcbe003b0e17d46b7cbd4fc080e315de85a62a374b2868e7ab87df735c58172d881188750a976ada91c9549b7ae9aa037cbb240fceec52f2c57d11ea6ae69a247aac71d8adfd0b9b041f95efa7aa30abbc55b23b4138898ca3b4db39de29e6e1508bd05b8891d756b7de21ddbc4f2c6f1ac1deeda9d91c56f2bf5f45b9ae669cc6f221ff75ac2b8e1b3ab7f6dd028a32be8877188da62114734360632d33cc3bf75f86983dde82bf07a94cd6cf854c1a85b48b701a85b82f8102b4a081742bc88c2b65150d8bd34667c2228b44b007cb7a6534a70cc82a79f18d0de336b75c89187c62b5241908eac0b342616a1d9cbcca67cf9ad4af4107aa71c38217408aba05f8a485cb7e8b5923fdb6e9fd1b4678f6ca03afebbca1"}) 19:13:12 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) getresuid(&(0x7f0000000140)=0x0, &(0x7f00000001c0), &(0x7f0000000200)) r2 = getgid() getresuid(&(0x7f0000000240), &(0x7f0000000280)=0x0, &(0x7f00000002c0)) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='fuse\x00', 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB="2c726f6f746d6f64653d3030303030b030303030303030303030303132303030302c757365725f69643d", @ANYRESDEC=r1, @ANYBLOB=',group_id=', @ANYRESDEC=r2, @ANYBLOB=',allow_other,appraise_type=imasig,seclabel,subj_role=/dev/bus/usb/00#/00#\x00,appraise,measure,defcontext=user_u,appraise,smackfstransmute=/dev/bus/usb/00#/00#\x00,euid<', @ANYRESDEC=r3, @ANYBLOB=',smackfsfloor=/dev/bus/usb/00#/00#\x00,\x00']) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 393.247763] binder: 11226:11229 ioctl 40046205 0 returned -22 19:13:12 executing program 1: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0xa8400, 0x0) ioctl$VIDIOC_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f0000000340)={0x40, 0x7fffffff, [], {0x0, @bt={0xffff, 0x4, 0x1, 0x2, 0x8100000000000, 0x0, 0x0, 0x7fffffff, 0x6, 0x0, 0x2, 0x2, 0x2728, 0x1, 0x0, 0x3c}}}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x6, 0x101000) ioctl$EVIOCGNAME(r2, 0x80404506, &(0x7f0000000080)=""/25) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000200)={{{@in6=@remote, @in6=@ipv4={[], [], @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@local}}, &(0x7f0000000180)=0xe8) ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000300)={@remote, 0x2b, r3}) bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r1, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:13:12 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = mmap$binder(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2000001, 0x40010, r0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000140)={0x8c, 0x0, &(0x7f00000001c0)=[@enter_looper, @acquire, @increfs_done={0x40106308, r2, 0x4}, @register_looper, @enter_looper, @clear_death={0x400c630f, 0x4, 0x2}, @release={0x40046306, 0x2}, @increfs={0x40046304, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x10, &(0x7f0000000000), &(0x7f0000000040)=[0x277e176ac61b0535, 0x38]}}], 0x42, 0x0, &(0x7f0000000080)="3130db019ba6b1848c3457705bb97d414d9a29e2138fb81c6d04b8a919f34620411fa547fad57070ce3d4068701e778253270bcc50a780ecc408fc0996dbaf168fd7"}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) [ 393.465019] vhci_hcd: invalid port number 0 19:13:12 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfc}, 0xc) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) [ 393.548079] vhci_hcd: invalid port number 0 19:13:12 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x40, r1, 0xb00, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0x2c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x231f}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x100000000}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x88c0}, 0x20040001) [ 393.641662] binder: 11244:11249 Acquire 1 refcount change on invalid ref 0 ret -22 [ 393.649806] binder: 11244:11249 BC_INCREFS_DONE u0000000000000000 no match [ 393.657107] binder: 11244:11249 ERROR: BC_REGISTER_LOOPER called after BC_ENTER_LOOPER [ 393.665370] binder: 11244:11249 ERROR: BC_ENTER_LOOPER called after BC_REGISTER_LOOPER [ 393.673610] binder: 11244:11249 BC_CLEAR_DEATH_NOTIFICATION invalid ref 4 [ 393.680690] binder: 11244:11249 Release 1 refcount change on invalid ref 2 ret -22 [ 393.688654] binder: 11244:11249 IncRefs 0 refcount change on invalid ref 3 ret -22 [ 393.696633] binder: 11244:11249 transaction failed 29189/-22, size 0-16 line 2855 19:13:12 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) write$binfmt_aout(r0, &(0x7f0000000580)={{0x107, 0xc7d3, 0x0, 0x236, 0x2ad, 0x100, 0xaa, 0x5}, "2345526be3075d770d24227e4aa4fe6772ff7e102faf35d20843d42304fff54ce691d287965c7061474b6f18451da7b77230ef0a9885b0e1f55c5c1f1e32540e89648daab1cf17bcf7574e4056655cd8fd7ae4eb047b7ef21b4d3f9e5fbc13fc12a496e40734aaf7b1b1e2afebf9505d0c7a5d2798513aeb0a7b71d6f28a6e2afa32d99e292d0236531c2e4371ed8e7d451928be8cc9bafc0b8b1d351fd3a349a26f4805dda6ae0467d27d30e62d6fb8", [[], [], []]}, 0x3d0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x3ffff, &(0x7f0000000040), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0x8, 0x0, 0x0, 0x0, 0x7}) 19:13:12 executing program 2: r0 = socket(0x400020000000010, 0x4, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x2baef310, 0x0) write$P9_RLERROR(r1, &(0x7f0000000040)={0x12, 0x7, 0x2, {0x9, '&vboxnet1'}}, 0x12) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) [ 393.910680] binder: 11244:11249 ioctl 40046205 0 returned -22 [ 394.042947] cgroup: fork rejected by pids controller in /syz5 [ 394.103480] binder: undelivered TRANSACTION_ERROR: 29189 19:13:13 executing program 3: r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet6(0xa, 0x5, 0x0) close(r2) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000280)={"0000000000000000000000000200", 0x1}) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f0000000180), 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2800000010005fba000000000000000000000000", @ANYRES32=0x0, @ANYBLOB="0300a80000002000839ca28c0e090049"], 0x28}}, 0x0) r5 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r5, 0x2007fff) sendfile(r2, r5, &(0x7f0000d83ff8), 0x800000000024) creat(&(0x7f0000000200)='./bus\x00', 0x0) unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:13:13 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x101000, 0x0) ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000080)) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000280)=0x0) r4 = getpgid(r3) fstat(r0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0}) r6 = getgid() r7 = gettid() getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000013c0)={{{@in6=@ipv4={[], [], @broadcast}, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@rand_addr}}, &(0x7f00000014c0)=0xe8) r9 = socket(0x1e, 0x2, 0x0) unshare(0x20400) ppoll(&(0x7f0000000400)=[{r9}], 0x1, &(0x7f0000000440)={0x0, 0x1c9c380}, &(0x7f0000000480), 0x8) getgroups(0x1, &(0x7f0000001500)=[0x0]) sendmsg$nl_generic(r2, &(0x7f0000004780)={&(0x7f0000002600)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000004740)={&(0x7f0000004d00)=ANY=[@ANYBLOB="101500003400000025bd7000ffdbdf25120000001c1f0ff85056f82466f6c9805886cb6fed7332e9ffe656dad89680703f6db79bc4cb02f9c6ae93001633be2fb6947afd1c5cfae411d190e75dd9e01dc6115394c9adee3feed6ef94b28d7a9d42522329f2972c17ded25ddfb8c0025e0090005c0064a29dabe49a078acfbba13e30cc239c07d0354ba89faab6c7bb32b6adf22160eda9ae4071ae3a7aa75f73756d46ca08b346ad286fa77d99566eff452f092336f4b186e4f11bfdd951d25ad4fb685c3eaa57a51c4b590f2525bbc54a1eaa1b80002ebc1c9dd9456901bcfaf1f0936eed3f461b21e94f66575eaee03e9126e7f8f9f73500a07e61987292265425c34e85ecb54b83ed311a241f88afa9c20dfcadd9cf06096a4f00fa649926c53e35c269b83be592b6f417b275635d67c93320dbb62cbe0bcca07f13a967b963b68f9daaa2ed3b80e3e08effe7118e96a5b31b5471e394c49cb649e3ae7d87a2861edcff2d0bd9b2a3e7c22e836011c63fc6d13cb34cc2fedb7df5719a8adc8b91d35fdc815baca93f24bb93e1bc78c6eeeed56a4b1a62b6c8d90a0c9b5d845879bf5fa76ec2746508628057a4ceddb2e4b9a650e106a069024fba1da0bbcb8e98a138b9c7ff1b696b29dd753f0efb2a7c9f8542cc80f618255de932cf8050159ca9c5b47a3de69ab8b1618b29bdd1478d579b1cc873df199aaad654bce465e5ce001f452746cf1791afcf2569b9fd7d060d66832f60285bbb68f2481fa773da8b31d9062ea0d335dbc148fbc802a62713d16f29a67d690c385c0951945a822cd2bbd7416fb48b22565140a9df694672233795ceaa829b9fb0e7b3c4c314a5c7dbb92a9280ca3b3549f68ffa51c6ff1461b38a3a67336df018ac8a0bc9cb0361e0c3155a76f49111706fb7e7d76fa2a4efc4df348cc705360e28ab6a6606dcc4c4fefea8dd540a2b2d358df5b06f5792bd8726e0ffee8d9808b65eae7279441ef282a5923b908fb35cba4ca065962371f35b0630e88c0831adab8ab69ad532664175832de839854b92e110f2ff5017502528efaa2c64c065a739512d79c527ad0a1c0da2e83cd09e87dba1d581e2a752f19ffc423874cf5a26cb8504568c2b332149797fd2773b6821000000d8110700ebf68d6b301e0ae50e90f43155018795b4ca4df2f4bff910d33d84d94f70dc3ef5f56357788c48561e7d5344a99c5dc1c66027e3acd146092a8ce56362fa882b51630902e4a718a7a2ecdd96cb58e1e0abe680f7c16dac63946d1f5c4b7526fe55917a5cde25d3a46d3473d994ccb4dcc6bfd7e9718861b5488b8bd192ceb4536af4de7a3144606ee90f824f9e5f477c30eb25c6061d19396a6db885014ee797d83139f6fff34f07af6f0d479c126a2351a588aa9cb25cd739f6c14491e6f065686bbfb0bfbfe79c54b38ee4180a76160411326b788f10bc76a537f6ee3f43a7306e221a611af0bb65459935c6b080f5126d00a23f92a430606e37a25651e0f6e5aaadd4e7ba491906552a4ce731794d2987f891e9fea93acb8511e6ec7a83cb6c381b06c92765ed54ffb829d9bcfb03c9daa7ed70b1d9e5468d9c529101eada71193f064e2d5e2afd2e526534782b8b2481b4db48e6e7606c2dcc0668adca7d44eed248f941b39db5d0ddbfd8ec8016bba14eefcf138a7c8079a0da659fc52bb3f43612c7c11b885daea431f4f2dce4cf9ad61c7c73674aea5346fbef87a6c93373af5fffcaf67006cf6f47d4dee6c4d2839477754356c5bdd48a57814d6f9bb005b48d01ed71c774e516d8c3516d46e6c89c434027ecce6824897e56515efa35a3f70735eb53a88ce30dc691940ebc2020a3f2b692fff124ec6185b35c53e283cf28cc2a7bf34f489455a2f8470ad39c7e141e097eae8f7c7a61f6a0fb34a40534d23b79d95260b2bb6d5c2b1d5ed81749029b34477bca3d2e2f482637eb24216c4328154d679304871fbc47c498ebfa0380e3cf4ebb7413e825e0d0649635713211a90c9de86ef521f81af85c6dc48d182c572248b18fdbabc641165078c86cd91fa23478afe73d46dac7be11700b34dd811b7529bba3b4af11ae33d999f48c7187b3b248cb482a953ac6f3b0f4532dc8e0cfbc4a3f1d6f5b60e9a4b204ba683fb708510a100ba183936141f3d6d150f891405f93bb251bdedaf453f496ceb5cfd81f92de87344b9810ae455c6f7734a010b08d363a3b40641546bd91885dc4d090b13953a569147691cb4efc75516dea304f0eb0babcc5ea10bc61e3b5b0001552b707f270f132a303228824a5818c9362198b44607cd90a3268189607e22a90778c384f937df763ed7ae1b091edaf255b94378d64b3117389838509e9566816a2f2716cd2b44c99e92578085c4562720a585c281f70dc4c7491afce5b6fa4c3863078738eb57d19ab2100da6998a6c90af1f765391eb304e8c241f3b9da986bc8a8ebe22473e4cf48d454b9d1071546275e64be76414ccf9a99a83876f79ba373be2e3942ff10d9106fe8f5ee4d1b38d524c8bf5bb72f871bdb869084425ef801061e8ac5860b58017a1b19d3bf0fcee72fd865698beb5592fa2971ff9194ff36ec26a2eae400107a83a7400aafabe925a3555ae1584806f49018623e9fcd1338a0ebbeb56f4ac6d78283d6c9cb88c366c0fdedbb0c3572cbf0f0f0492fffe2e5c013c0e758830ff58610a47914a9bb2586495870376fadf6ec6b059cf3736281ae77ba5d8c7f3bef7cd2cd9e3ff9605dadc50eeae6d3561897b4f583bd3b026e3efd625cf1ab5625c7f2628ac9ccd0e1e50890bc9051b26026ec3d0899e1cd00f51619d27d47c8525055467ad896e0306193e6e5a557b41d044867a1f6e7e6aabd94d6f188ea596d83089d596f1194ffe083bc526e563321c2ffc4a1b48e31894ded35987a596400cbc3c3d75e091c0a7111536747a28182bd1dd0c9e56e43a7812465d7f03f9e9d5e425406c25888af2a40536bcbb3bc5bbaa1169c6b994f9c295ebd9a99609910059bbae6d2010e060e713cb746afaa5a93a79eb4a3c0dbb7fc8fb2bd932bc85152253b8959dd453f55384860f80810452fc151088e5b674cade40d2900e8a9019c56807b2ddda4b28f5e3277227690f75060887e9e544c18659f35001c8ad778a0bc5a760f519d1cf9825ede36fbddbe3e5dfa44b459445c19349c0db4f43e2d41d77d2bb7bf3c6237827acce3f0d04cd7593e9de3ee39d2a2cd669b323e41d9960da5ad0469f23f07e6b346cdd45fea1c51630dfe3398c578541172cf880254229c695c477d982281b327534c7f422642be7c9d6fcad2c5f55335c64c16ea55d676efd7de2b95a10c409aa624bfda384596b94ba265cb47de6382527ba5c42b43b08f63b7a46e7465e8b974ca217c74979520fc44cb0215249837c3c39fb12575ac7b5ec472a80b9062f83ea9e9bec27ac3aecd1e58143165f8232c60088394ed6fcb01b478800ba108c5667107dd3a19fe951f494016449d4e14a1c2e94e127b262a530761ba0c15535b42358f55c86991058976f2375e30b96ab66245f163cfe2d70fee6f7fcaa672a4d37d62eb2b984774709f1940eadaf2df074c1fdf4d1ea5f77d96434ce698b1b84d6e8956d98e8b9063e806d7303c6942a5f123fa26dd7edb2ddace147dce0811a1c382e9294060a5023d157e8e389a85a49b14d1927b8839553450fb3359dc39da1d0034ef9e3e18e6bfc5d65336e23123917d2c5d40e3ef285c3765acca9bb5f1a9afc6862b075143f2e82dbc619a8134ce2e2147375a6c7f0661d5732677007e6544226f43467661cc07192930f639e87e47861c04ceca7125a6083e71b963eedf1c643d36030b369a0414a9695ea35fc60a18e2d5d3e56720584725b6d9065a506d43e1b919dbcd13e319b79bc811ef6dfde0a7eda51b5e67bb318c96781962be738b202520eb656b55bc2dafb49ba5bc2663878219c2a14e43ccd0490c6a027ddc1730aea72396d1e35cb286cdb1d5d74601f795e8029fb48623d1b39a4879a1cfe13884d8c390871e2b2eb16a16c59602b02b00be8b5dc27978b511b36769956c61a9ebba261c446d229d01c0776b195fdacafc44eb1c4fb104de39e928fef7f06849aea4f1ee5bf5fcde00db0d8579ac03e923946499c18a0bae7089eecdb410546306b3f8dc49d826cbc75c3e4d954f9af8e6321d558c62a92669ca9c5da85880ccb2be1a6dd6f0ede6a2f40cdf93a348a7edc567c3db0878799223d36d80427eaf78f6d02a33236d6cbeed9cc9fa0292b98e3578a03fbceeaa199407bad82cc05b6b9b7239b67bec9784baa47a6b42077890f021a0deeb605d35741a0cac99617c8618390ce26487691e5dad2decccef9257d8fa2af78cf07105e10fe7642d0e6b899a727891ebe4538a1d50aabf9232b01b5be7b10006e9d2a0563e9427812d4872742f2b77026452a8f0bab38875b9804ee338bd609154ba4eb90de6f4703868568ca7d42327e141477c8f1922f21745c78ad1cbbd6f72cae7127dd00863d54449c897a1ae3f194448f52d89e285a2d0ec40092d2c440c80a700375c4dc93f3837ff19dc1a63b5df089bee2edad5b5c0b0a2e677a43c9db88258e5b58e5a2a74af3e0959ab08c5da141358a29ba18ab50ae575d68b089693e4bf6c020d1c71d6ff059644a759e51ea0527c85025f48c529350c97e0beba5e50e7a98497cf7f3e7c9c27bca4f295c9bcd8d4e116c57c37506b805a642a893e4324b8fe9a30aea9ac32a60e0d10438c3a16d07de545d4fb10a5f9d933c3787bcba47f0f1d4ab357d107c15207bc3398863bfbfbbb8b08b06235167e6e43d2ad5f12f338909fa56827717909a0bd43da88008ee52cf668cd50582c5b5a47f895db8ff530e9042a9c1e8a1a58e9e89e2435fdd713d3b88ed603d526591b27f52af8af5fc2f6432e8e8a135d4d9b4fe20d401f6b50bb27933b7c231b688e1e41eec8309ae61e431e6465a191416ca01a9d948fdd5f6192434d0813d8cbe4b7b6356303e00cb3ef05916902c1bfaeb2d35def220c0152a81558081d5a23a7517f4fe93cb025de822bfb8344a2e388cda55c525cc63c28df776d03e35f02c51d6c27ed904654249574f42d2096b37dd196482be0eeb2002dea3dde24d3e6cafcba5d2042d1a8a9a5a0409782deaf551f5afc36701eeb5225c34348f3a79f3e6819690da148a8951c088fc89b41f9e3f6adf10b0c40e0047f32fc40219c7196902e49bb98e8f3123a61f268fd6f4fc384eaf6822b3012b5c21bb445f7053c1a5fd3ba3e7a7492ff950101014b33009d5c7f7a9e1bb263e737afc37d72c2d0bedeef0a31c64e0560c1f38feac724f73f907060896b574abcd83689e5ef366c4eb1df6b01b01260e6c237d68d15a0b5870bfdfcff2b918cc39156bff2d17230ee04bb327b5e277f59cb91e04c5721fa74865c3088ead76a8bfa9343dc9d69bb4720268627b437125497525426ac0d3d0b0b8af8813b4532e1f5ae4a7fd9a3f721bb13657a0798e2fccf7203ea4275697a3fb01a5ab09dc7d307f26bc975a41abe6d0f7dabe4dff5b5bbd1633fe070af4c92d432d642e1825e6d115358fa48f5a5236c34f016c30bda10b328de2fe630a982d91c69608b16ce38e7367197619d0381c0bb6627323c57ff7573864db95843d7926c417a766f4d8a9db1633661b16ee02f2dd9b10eebf387dd18eaeeeccc717b22c993325533325629c1e042f380518688053b18618833c003d2a76f0a8f56364f03a1ff8725339f500dda623bf998caf555f4af8a548206c0e44a052ec0cb3ee6c8739aca773b815ecc5d70728a8893c84bf9b884bd89ce18f8a87d2faa27e83bc41ab7929774e6db9f5c3a84d921c2c2c05c841c51e6d1fb3fb4829b62a6d48f71559d139a34a4e4ca0c079d9810cbbfff049760c2a55533edee0e1888a38c136cd007ab1c1d95323f67233f73746afffc1f668835a6f3e206807990fb7277bab460d004760c07fbf0070303cdfaa53d373cab3134c074d827cef47610f223dbbcf1d7461d8e7cc3b9bc79f45897abf0fc79e2c21e0469922c7aff785b94658d2038e6f1efef73b9da590c8b5e6201aa6c842b1a48466cb81b29a313b1c791210cb76852164a4f7549caadac25ee2af18e7e159187bb34a051580d62d9564f289e43a613728c32c93e570dd6ed9fba48178fc19f2a382f1149948267b21af9f451b651034196bf58fee7dfea7d5c06543d742c187959acbd68b5fdef0be41fbec1ebed11dfe33c91ee1127b28a6661070ad07c1c6d65c58531212e02121f6cfc47eadc02ecbc39980f8b57c960a8c9133a20081affb370e959eb74604b7efe6380376499692b553e61df2371b2b786dd34bcf8b201457e0ae5337c6c7d0dabc098e7d973053cb2dfa29d730f357e02a187a1d0ccfcd860df02992c2841eb6bddc73e5b65218b16bdeb27c3f41e7f01997e37fcf1cbffa39c980a3f3c34e03c1e14cc1042e8802ea32ab38b401633884c8733eaa5a916c0c3fb968305effc81963309f585df1158e60488babed1b9857d0250529107f9694bb42c44d94768c283db49e5f5d18062f0f18b8702b939a3fe306917d937019992ff6ef26e41b4ab0af53cfb524c18aab998cbf1f7c0b9e547b271754294e5a420dbf340e87dc84d2a7aa49af458eec492e2a194b88aa6e7b8f5006e9a8bbad532418dba02f048e38d2df2b39f8fe68f1046936f4e810d40bfbf0453b67f3b2795f3e37b86178746f832d2cf93e7a52a4916ecd0157d49ccabc52f489c195b70a0cdb0b6fbb3c2916e718e4cecea920b9f4625d99f9cacea67fd2ec6910c156d1c3d65b8bf679539b6f94e3c72fdd3fa94a49c0d0d37da1e735bbffd45025c5856721f299b333a0f443e5f7a073426d9797f748bdb9d9bec7d1015cc138a48a48560030016523747a6b6e84141817ab344a4c0b8a23c49122e0807642d3b3e397e1a959e39ca4a5ab0b698bc2d238777e25cad1a175d6ba53a890bce830d81b9fc12a52ecb4d0fe2848a5984e8cec6afe278e8ca2d87381165ba3b44c42d87ff0d26640947d3849a386e4604b0304b13d41a2078385ff79c20015a0a2cf93ba4f7c643837b32a1cc02aaad153299bbcc15a61b9505ed788e51c8aeef3cf8ad2a5c6b44efe334ea451495a132345952f4802c257916a47cd5cc8f79a94ca05b7c648abb85241d9b0f6b9f61c730bc6154cefc61d66b76ed726e72f2013db87cdde0c721098b1ae29bb65b34330282b53bfbf3e52e5e1a36db96e60f2b77e09405dc13ac9dccc70879b4bb6b7bed9fa0058fad24f71e9553d0c5ddb2da0c4125174c4ee4fcec83786726fa19494cad6ae26331a5d6b56d5297e2e3a03e6543e44a7378dfb30a13de0290ad956667bd84cd64ff85d28de5d4dceb8be13811630fbdc211954abcecae9f3016458f78f199ae67c2807782caa185203bb2cade12420c8fb9ec0b02925dfdad5645a3f43cc3b83b433517e87f7320efaa183edca809e60313cd3aa308f663a3472abd3f0dfdfffd7a891ba23b15043cbeef2e85350de7286a5f880a0338332f6bc2f8fa0907325e5ace70f217476be4f647b177e8ed000000080071000400000000000000000000"], 0x1510}, 0x1, 0x0, 0x0, 0x4000004}, 0x800) r11 = getpgid(0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000002880)={{{@in6=@dev, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000002980)=0xe8) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000029c0)={0x0, 0x0, 0x0}, &(0x7f0000002a00)=0xc) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000002a40)=0x0) fstat(r1, &(0x7f0000002a80)={0x0, 0x0, 0x0, 0x0, 0x0}) r16 = getgid() ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000002b00)=0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000004a80)={{{@in6=@local, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@local}}, &(0x7f0000000a00)=0x2ac) lstat(&(0x7f0000002c80)='./file0\x00', &(0x7f0000002cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r20 = getpid() getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000002d40)={{{@in, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@loopback}}, &(0x7f0000002e40)=0xe8) lstat(&(0x7f0000002e80)='./file0\x00', &(0x7f0000002ec0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmmsg$unix(r2, &(0x7f0000003080)=[{&(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000000700)=[{&(0x7f0000000180)="8c35034941c28ecaa9d24cd7da8910e6a10386dacf3e3688f996e782ed5e46b0ee26a355b80bb89cf8394b480b7ff77a53309a51891e83c263d9a0c54a1d4c289365f335871b136e67445c32bddbeadec92d91258f9c9e03f80873e2511c1838d496166200d19c25e2b1eeffd81bb5db47285e3cf5f4803ae37430e3030121ca16e9d2da87e92c4b70c1f9928b", 0x8d}, {&(0x7f0000000240)="c31493998c862f35e8", 0x9}, {&(0x7f00000002c0)="198e9592bc3db52fe586cb622b107cc45e76f9b3c762110b67c740294104bc051b03875144075d7a394c6102833e624d300fcaaee4eaea37984ac0efbd4ec6b3ce5590c2ae82c27c3a0468eb4327940adc229fcc8ec3772c9896258d06b614847aa120b8bb7403d0903d5e574476d3820c19625399a5ee4ec7a33bd608e56dc92adccfb4eaf279c58cdb4e85c0", 0x8d}, {&(0x7f0000000380)="15aa0ab910015edb5dc434c63344f5352a2ffa3949096748bf9f70aabaa9a203f9ac4dcb098aba7e8aa8c114d3d4c07f8ae7b052b060d86770a1c73c93f4a9444c77372441ebfaf0c5aeb736bcd41155a1497d703ce02b0097aa2e3cb9a20a3026c2eb1052b8bd340984fd52aaeef854ac9f4f54cbeb0bfdcd7dc05798c327bfb18deaf41cbe11ea4c1e9fa5415630664f1f4adfc114829d6d851e1b78a89860dc6c4043d399525189a806896aebc8758274f7b827cf2e7b4efc6c05367476711bb7561d", 0xc4}, {&(0x7f0000000480)="8c1f2f9bd388c8d6776e02d66e71ad72e6d9309d70a3346ebc600c50e9f2844d76d028a5b95d28e18e8760b3862c26de542198fdfe45667aa284cc8da573a9599d9184f22dd877f088d132643bbc6d0464197e3278473fde497d08f6e08a051805", 0x61}, {&(0x7f0000000500)="2abb3d47f9a40a3ad9000cd4fb4018736ae61fab9a089acd5256373aa7a6a62ac1d27b7796a39227254ae540b2fb7d4baf70071d1cd499c4d1a0d631b41f1b6c91165a67554d72ea7f7545ed44501cf365970621b62f977d18825c119a9a6b81b95f0ba578dccac6bf8a322112bbe94482572f56098104fb910820507891eebf018fa98c9b61fd36572ca574d93ab6f3774a637e53497c7ebbccbb69ba017d315563950190ffb149135b9e214613ea91c7e3048d35ed68b69dd082b8daad195adf74603a8ac0e75d95f050ff87c2322b28f7c0", 0xd3}, {&(0x7f0000000600)="520f9771175d779ee188ba4d0c1949f7158e3b27362594a2f97035546d81cdab71fff2ff349a9dfb3f0b382e5bc458ea9ec0b1558ed5a943936317a08fbf5412065dd47fef5b9b9f7cef7b4f54e8d676d74fb845cffdc783f52beb5fbd3f8d40ae4c3827a9c09e762f447ff4653c484bced30eda081ef0538fc5263ab85d60029a3df40930c377ed1131c63a5885ab9de0e92e785ac4813c61a714ad0850", 0x9e}, {&(0x7f00000006c0)="ef08ab8522e7c0722000576885f852ff743771", 0x13}], 0x8, &(0x7f0000000780)=[@rights={0x20, 0x1, 0x1, [r0, r0, r0, r0]}], 0x20, 0x20000080}, {&(0x7f00000007c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000940)=[{&(0x7f0000000840)="49a7d7b83638c2d5c9188a54b31deaa566d16d886e65b390d21e146adc54384777b2531f265fcb35d2870dc016f6012b302f43a1882fc9bb9514bf36f886950a36679f92ac730be6be2fc37d35004e32772d88c244c43dcdf8fe2be4f0d081e0709f711a73cd99b0ae6d9d1825643a88b335a205a6d1e84cc040821e47b4c68d8afb5e447c339c7b35e1caf76ca2047cc3619e6c8e4c75220462504511bfa4ea09a62c0dda1ca8a88cbfd2aeba5042af5e13f20d53fb27b9816482b2016b3d743e01dd2b0490607b18e5e6f28e466a3240", 0xd1}], 0x1, &(0x7f0000004b80)=ANY=[@ANYBLOB="20000000000000000100000002000000a54d25fc87020dbd43f565e35fb4cf09ca141a25d8df3cb9bbe8d566800eaf542f7d5cf133c7a1ecc2e6f85e4ca906c054825b410ad47c97d6425ea8728b1d5ecae804bb50a5005c12ee0f921af639ecc8c185e3b637cc7843cd151d6c06957cb62400000000000000000000000000000000701bfb230318d72a9f5273822f24c1855ef67835c7ce7f9c718550be0887126ad5881d0fd7a9b3b9e857dbbaa5cbd15a4d263d7cbc1558de54bd1c81dcf1e70b16635747f71afbe101e501b43ab1ba5b40cb127de56dd5890691f9717785d082581eb4187e6afd31bbfcc999ecb9a3790a079256f6a8225e911ee1cb9a20b41623c2cf73de3e607ad638e2", @ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00'], 0x48, 0xc0}, {&(0x7f0000000a80)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000b80)=[{&(0x7f0000000b00)="a5b87252a2b97b34d5be03307ee4a93098f37f4357aa35e702741dece150ca509803ccb1141fcdc47c14a821142d5858d6a31ddc3e234006f992127f750450d6f2d059942aa560495330537de64a618e164fcf", 0x53}], 0x1, 0x0, 0x0, 0x20040800}, {&(0x7f0000000bc0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001100)=[{&(0x7f0000000c40)="250fa827d90dc2d079033429c8d8fc114381b694bc99c35dfea259d5e35dbb57c841fb13ee813140a4f987330f87bcab7771e31ef182be96e93d40c9091928e1d7e8832b985911f304ece89c51e65e3e5a1024d6c507c911f42e5c78cb8080dccb6ccebc69659523770f627a856054518337ceb2dea2d050", 0x78}, {&(0x7f0000000cc0)="89ae4ea88b16f544bdd0296525aa1d2c933cd0c9b58cfa2f6cf2c2633cd4b391741b3bcb17d8f82a3296c7ab9e29ae6a39aeb44acd293d25b0f3436dec54b5bbda40b578aa8d50886c70eb56873b84b9ecee713f97715f56c7056d22b56842b0217b1547c1a649b1bd0517464df7aeaa069256ff6e78d4a8e471688cb133fb9ebd3489bf2823c56868b50aa0ffd205127eab92c2fa0032cfbf1eda38f2ffbda5bd599193912502b7af1b52a3fa", 0xad}, {&(0x7f0000000d80)="0549ee437a868cbf30143db4a96d2dbcccf74d54b5a9a356d3ee72632e365b57b497a2cad74f7500a98fd3e2c429a6f28e6d3932", 0x34}, {&(0x7f0000000dc0)="2e6b8b8b95540d5273d8ac67fcb5be96633a5f6de25884167cf0c6fb8358b3d37ddf72838cd9f68bf188a657f6354ae9a4ff0d12d8c4389d2b7f8e648a4b190fac31d72f37a23db1df95057cb7e3fdbeebb87901faeb03ddb1d56214d8c45d4edc19340b7ca7da40edd93f4dd808b302d5e2fe87bb6b95de6df9f07dc3806a7c4f7dec4e39a6836570dbbbcdb3e7662d42987f75c89af3b020fda94bd1344436d8d9625612bd49267be215debfa72b97e3544905d4f097d5d1c493ca60877714daf0d44b3290c9a3da82fb7dd29a8ab815362420a37aec95f7c830ee4f", 0xdd}, {&(0x7f0000000ec0)="e03d175f9e42bfbdfd93fb4d5205b23503282c769114218fa71e41bf1befe6f89cdab651a35bc85ed0ba666a4b75a03572eb044fe994f66628563667bec4f7b9a952bc90ad87520c498b7882a6faca97f16e62301976173755faa2ce39cd1dce143d581e06dcb120397c65eda3e55c3de67139a1412bd1992aab1685598250cb7b541e0e2472fb66583636b6665bfb2b01bbbc055cdc8a87ca9b27e8d8eefef7c0a50b64ac6588c272aac9ba33507a9ae94140508a0d", 0xb6}, {&(0x7f0000000f80)="8c1687e58be09060d9602b13f2485de9cfb2f319fa7169e6cb1dcf4367730501bb988d894cf7b304533f9f8c107550c2bf36d262d1e6cddbe05ef6019ad379c45697433f78e43c761a4e6a6d9a28979c891f2f5cc862779a52a5a410d13e5e7b321cba7575cb1b9db832cc756419340e53b104ba1b21b5b7bbb4ef44a3196e1b2a4cfafc717857e48e3da84aae322b6c71457ae24451b7eabe8f71391bb50fd841d9cd38509d206be0e1c55f50d26eebec9d6ca688421e77a4103ae32f83a3afa6b5980d22c28aa971fdcef54e7e4472d612123b1718b306da", 0xd9}, {&(0x7f0000001080)="a98877571e32b90f192e790b733e48df52687b1071f31e1d23d8a2f7cdb7e328e402b341010e54054c5f27cbc07177f2c8bf3aaadf09ce6ae24acb48d9da5a1717cff9334be38ab776494e831bd799761da760df400870963c4fcc9603dafb0a22efe249b23dfa", 0x67}], 0x7, &(0x7f0000001180)=[@rights={0x28, 0x1, 0x1, [r0, r1, r0, r0, r0]}, @rights={0x20, 0x1, 0x1, [r0, r1, r0, r1]}], 0x48, 0x4000}, {&(0x7f0000001200)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000001380)=[{&(0x7f0000001280)="61a10dae6fe7be06bd0c3aebf9a11e118b3130fca68b06e7800d46f4f017a81e9587298d8e08aee022374429f49c5f9507b1fb31f4021d2eb4f9d8b2a2d38e2bd3eb85a148975773da81df7a8c2dabb85b8c81dff82ef6b396ab8e535e1511010dad573576adc1e662ecb5a79ba83ed1d733d1c206c36b7088bab5d203cfa1d9b3d9b120e86da458bff68abd76b2402cec3af2eddf50ecbdc0d9053b2fa7eeb139618a46990462b3a3c462e9e5c1646250bbaec52066e8fecd127e2730690249e5b3a24a0a3f20337500a572fc0728e15f94340f72a167876093e4", 0xdb}], 0x1, &(0x7f0000001540)=[@cred={0x20, 0x1, 0x2, r7, r8, r10}, @rights={0x20, 0x1, 0x1, [r1, r0, r0, r1]}], 0x40, 0xc804}, {&(0x7f0000001580)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002800)=[{&(0x7f0000001600)="078253870a4b885be89779c3a0a8dc731c7b4bcfe1b313ccbc5d6a28968499a62efff25754e4bf8d04a19e06235a7b63ccd7f4b6edce3e3166d47c42389aac1d3b57b01aa97eaa100d7286053cc3b4560c9594172219e022201628eabc819534a58c3dca8d13dd9dd92951fa1c01c93304a8916475a9131ee6b52e586a92f08bd0ed437db4e2e53ffbd3fcec34b896d357012208d4bff7d3a07a696eb49fe36750a7558ad54663221163142caebd4888ff86dd7cb5e3ef25450537372cdd2985906c634626629a6773bdaaf634f8e9030c81653145b8da3971eb1fd77fe0da9038bbd847f280fcd2f06534248e01de074209c6353f397d49b4d77726eb15dcaa926d0614a6afe729c84f31a84ad50b9d208c8297dc8a6fd2868e3ea0989638f2787dc694642788032f5d5ca578932d510888f8ab98e5f59befa5af4c760b188221d811dfaf8fec4fbd970579e8c4a0939d489da40ac126c9a5949b13934572947843dabe0bbf78752ad1115adebe9fc3e89e65f06d60a20970c5aff343b4583d0d85880cf1a355cc7972360e509888a4217b7b96dbcaf3e64da92b3163e2797d3644b7caa37dfdc9abd44c2c74770b53f00a5c288ea5e73cd6eb1434151b62a147f6109bf267231b1180f724177cc9e74569719f76cd514ba1d548f08f385a9ca7d0e34e17061d3d8a2c99e5f7e6c9d95d4a39ff785c8345b7a3087f2ece22117c43ae383146625fa8490c86988d7c630b255268a1ba1c587497b76820d5eec44317265b67489178a891c445a1ceb7dcfbc63dfbadab6077ef056841ace65f196fdce8f120700390c348fac04d2592639953350d8adf046e332f961156ee47a815f1d0a8ef921c0e611e583cbc70b88e10c412bb711e8b35d295faa8de7864cdc3daf5b9d42ceea6aa0ecbd34dbe172414023c76da30d5bba1f6b56ea9fdb6c3fbd296251585da0158d3ae67f517388513ca5bd9e3849f1edfd3be08ae0aacb0df2dd5ea3c6b42c16628e63136df4f664ad95a8644058509d040d861b707079ad588e625815c0c4d1f9dc27ca8260cb29ec9d8b80e0edabeb8f49b4e84da4e1981b3d50f46db7e95a9cbd0b63d765621975abf641b216ba764e0813864c2130ccf6e6c78ca3b2290151e8deb610ad9fa45a9496b1442820263c76844267c5eef98d30e2f7ba97d50dd2329f7438beda2233612272b9ebab8683b6fe6d52ad024d1a068dcbd7208ccbd64d7e0e6618b67359888ad325e65a39c9fbff0d2f463310cd75876e3f922bb932e3b723b0bc96c55bb868e9ecac8dd4b595b42de654039fd26e2eb05c7809253a66f9d334990540c9876a0e73b4f8096f4e642ac68acb1c9ed8967995cf9caf0f12d9dc64dce954e441e424ade74b387161b29e58f1c5decd2e64c299ad2ff7c064e29fa3fac2916501fc2f0754359f64acf255e22a442f656947b350cd88592042010c6902e3e24dedb64b42d185580be00e6d29f189e18a8f5b1cb3f3d7d285b0599b52eaa5876410de2461c87c3655d0f1d24bba680ca29f76072327f0c2ffdad602aef55bc3ad2d3878bfeef35f4e5a257c5659c6ae6d16e446d8dfd620275c20773528edb4a23080996daca7d6375cdf7b6d425cf7f5cf4eff5c3d70d3461e561bf89d15ef849d20622437111c1fc70e7589b2539493dada7fea15b8c26461aa96871c9da8c33336cca0a35b3c1e9b7c58b7af2a645dd416633044ab19fee30a2b265f6bc75dba9fa852491cc5fea990c162b1a916f44fef26f38841fc152e968e7fdb3315f2848c07cff5674f53175f726b103a7fbac763548cb779b2ca5b1c53c97a8b70d51307700d52ab758510cce1a72400d6cf9c818cff6ef7e7d66ef37c521056278722e3ab751490ebd00bdbca0bcc87fe15d678f3f5269a66027dab844306e454aa3e1066f4cf03700cb4b313b7908d77010e119620a939801c59ce0ce1c8734c4a5368a65d835614383ad26c9875f5e4ab69cd245b96ae09cf1612e028fcf6b78c9c7083277c63bd59da60bdd1e796a3206794dafa0944e35eaf3b472463e486f5b65d945b95ac3c7952df0d338969a7af40ff1ded3d6f31799ca9e2617e2273fcd8a73c598a7e7505edf039715970393ce528cf4a8e024fb9a5dd518e097704df6d29cbd3716cf791d95c8ce2836b15741144e87fc91aa1a65cfa841b7051040724c5d70974b0d9013e75e2de84871a596b9c9d3f99f1ba886eed21ce9078f528a3b13f644a976949890d4c6e17ef1345ebf58d58a50c6150c2ab8fb4de5ded0011f570582ac5ff1304c39dae872649cde1f161247d1833b21db11c169b72cb64c7496477b5f145702ab6f7fe6bb9fdcba5701c9a3565dbd481c635473dfd69f5899e2efcd7ccf3eab0e86eaa9109a94702a3a3bb183f63882fed0fa33dab33d058e054c9fd68934d842b9190fb0241ade9fd267431c5c388a9da0436114e0bd82fea6cba9513a69e59180734ce6618333bd7f379ca5dc4836c09e8c69738f4c65d475d065b9a1206c82b6713e19e1aefb9dd13e18c43c1694c6fd3a9703c2e48baedf58bdaf5393d22a5b23345e4bed81d88061bb48eafcc1b699c424a5bd4d4e913eee64c6ff05429304fd377a77d4507dab4b7a646bc97e0178d27a12de1a7d1e3b572cfe45f78a035069fff4e18a463667227d1ed904a2f589d083a080b6cc561fec3dff2ad447f0f684027623267e64448c37f9dc7b46397091844833120af50f5313b1135e7b04bd1f1cf3c13306e8d8345873ddf7186352b658ee5b3d767699862ce984c184b43949030a4bc31e1ff00fe037d74ed1b810d6a04375ca506805ab9ca55fe0e6b06728a2bf5e975a55435f3589ed2bca13931042b85e2b4b3beff6fed77b79ee419dbc05d3a696c5b3841664b4ee8b1420f5fcaf86893c13d4e38b98db8cd243849936d0327db7f47c8cb32fb1c7ed5d705172065c9d1977f59d1809a29949dbc44daf5b27388ca0db85e6ce89c29a6218ace595a8c86da7ed3ae3614ade885f47cfa0082b69202ecca638e9d619abc73345086f0f3453d6a4a7ff6d8aaeecec01237118f446166f9629198b58a8b1c31a0ddf8c91c9ad61915a8936ae8e750c1bff5210767d92d163cb99a3d9c61f8933000a05fac3c3535eed5be1b8640d44523e3b29bd8b3a5d8d89e158af25a69d9676a2012fc09738b4676b6ff58edaf94037f791402030225232a801fa63a7fd4905db08785fb6303c4510db05c8993950fe3c20dc4ccf558577a17af50ffd77bf3bd097b910ac24ca0023ecede8c6cdce3a05acd4a067dce63b27a7f514166fe4c7fb4ab1f000b59a473604691aac7edee49e5968dfd0d6f72d3abee5ebcf097950b723ea749e6115abeba070aa2f1c1989eafe7656c30b792b52a79e60724f5c8167a3cb10f4ce0e2564e83c6aebd522577966bafdb62b5706634858866fa385c54716d64294a7ae848ee08b5eeb44c717445a03661a2b0dddd5eda2780c7684ed7a64ee91fbb10dbaf898e9d15123d99d00ffe68409fabb816a79babd0703cd22c1dba97357907c79c7e183836d97931a781924563ffb7c419e654c71d51369d1bc3fc5522b2531a545591459deacbb6821cec9ac669f09719d84b9fde1fc8b07562b7c1ac345ef0ca38bffb794b1b0093edbe27d2fcc15dae15bc43bba7edea4db49229ff1d0e191d8cc06d6fac6d70c6abaa9484a56f8f97dc0f295e5c012ee2656b8932b0cc6ee2c11395fda10a636568ac9803a52e52c0fa08efcbf4f1215397088b36a98ef04c42e3371a4f7e8925299218204715bc15515af29c85c27955dd504d475acc96f0f05e1a16233f134216f4f63e2702d955317a225c103f1adacec22710d0765f03f1fcb2bd7534624f6a5ce0fc0c85745a3ceb194988568e20c1034395bada2baeff527a7a909263e3bb621c0e3eeb995042089344687a473a60ae2d2b8d15605784df3c17df113bce133bd57248ef1cb481e2034e212adc66e1c918dffc48d655255e9c641333bc73113b6b67750cfd06552b0a6542a27530a6e9c79b5e4338149d6ea9e35fab5d5361b6952c143028a92d32faed343ccb214e3196079869b09d583888bce36be4e0f03a387e8b1836769212137d79a4c77cd109b75a505520918fd8955ca8d8a17c20e11f08f50d316abba4349e188bee3dd038921379fb992c5be305ba8a641c6eec5b5d5aa6cd9032ef4f1b1abdb84a8570be4edc4f81b1935c3c2d142da8cdbac2343e67d8632b897dd803e7a33d5adc8c1b6c3ddceedbc2de0399d6abadce249c70dea65b2b40503477c974a2fcf6e5512f9b66891724776907e74790e9ee8cdaa70fcfec5ae2bf31bc5003801de8d20d0c4b8083149e96431ef7157bcafadc554a19b88ba45f8de0d12f1ca0e56fda2db870e46f4c996b2e8d61d3de844a06c2fc4db753226d2e69548bfb29fcc7215fb6d9578f3e848e3a72c0e5a8faced80de8f7fff83f7398d8e806a875a3e157a8b1e66cdd7be27f268d9b5e887a38b53af8dcb41bae03364dd3943d3a8326560e4ad03c071e2ace2b2903d10b894299e864cd47830993652b753161bba95671ca658e1e1715a05146754cbc25212db33218c1e3faa252bb9c4c0812154efc54c34d6ad7e6c8af7e7cb4f243563c62747e943bb34398f42d1dd0a01fa92503ab84d9b82962e22c30be5e9decb3b63f0dda475dc269526c65f18b53f776abb4bd4f01b7d0363b5ed4bbf469c547e26d533efdf84816077edb815c688f7c09ebcbdf98efc492a7534ed06b4bbfaf04d91b3c49c6afcff8aceb63b1d1da4e15cebaa4e027cadcc389e1fda57c5b0c55bada5d253922369bf316604db0f2007551b09126c8f448ce8498e7755c29dc3217029304195b69ca82379a30e2edf10dbaefaef2943b0753b290a4e7b6e3d897e6880ca366f46c3fb747f12606481dc6aa90cb8e6c55a14396ebadb43224dda09a46bc02e419265d9c327369f2b650fcadfeccf97322492b33e2842198a0fab6cb2d35e2566fe528236b12a1530adf446a32bd10b7b5aedcb55010238b2a73b583e006d2246ee703150b8fc9695ba50e4bbfcc1923ad442af5c8a21eaf7190446676e17d69803361c4dcbcbfdc1d02a2cee96eab3bd536e1ca5cdf1b33043d3a2e783cae4f3affd30797c699dffebc95fa3a4ac7b04fc6f47005e35b0962b43c929951a4b00425bf82bbae5da8fc78f537c7e698b5bc36d532362567632ccd0b51a6faaaef44a8984c657a16820d1f3c0c44bb03e888980335a0b4fc04b1724b147debfcb9e76d64722bf520d2d0e0afb9364ee5faf632f0bdf1cac21bbf32ecaeb879c37e548524dc7fd3b45cb7d8bef83308926fb19508ccc2c01ec88b3099a1d8f7a9ad9ec04c6171b6285ec324110cc968161e5d7e0fe65e8426826e8421de42977a584abf3241d0d5519546d3ca374e5594f04b7497646b80cc859e7cc2b17dd89e0d2e4fa6d68204aa30b4c09ca929c45c555058e2e03191af03224965273d8daa5e8f6e2b1ee82d8f2adc2930e5b351f4d7b21d1c13b5e6548683a4fba3c471a88a29a2335a61913742801e78f9e1ab0984f64f74943ea00822f0ded64876c5dee0cbc3b5a0b3929de6df36b8c7214fda7f71ec0be72cc0b5d62101f857489e71b3b88144eea96286d652c730f5b95e13c786bae7567fc1618bef369b8a066b7808318226072e3f7bb41c34849d4fef42b7c72319cdb3e53fde28e9efc18b3721fdd97c274066f3b2fcb998eb7950db8bd4a4e282dd06596d1c376b0aa9196cdf0a7", 0x1000}, {&(0x7f0000002600)}, {&(0x7f0000002640)="a7e90353eb2a9d0f3dff98e562dff95078662f76e10e35139ae16a900d9e7c57372e68b1ac18e674bb0464973896ab39d4b2b7b8bb9df0c1abc3a787c4df2e2e4b9d276b3a7d44e3", 0x48}, {&(0x7f00000026c0)="c138b2f1bb8a9ae91ad20ec957663ceb53227a38f5fa02b91e0ab6feda555de4497fc0c8030b8e2c474ffdb6f0499c868045150fe8c2525939dcfb711f1a417bd8e028fded59224195520f3df8f057f54f393adc6a0a482c6fc22a2104ec18aacf14ad1f47bf99a8f69da576e0e17ed463d92f4cd7a5df4d47e5360af21344f06c46c3c9592a88117863b97face87506f6f7f37da673cfd64f6347c9f2faa95ecb1c80562f8646f04ad59654d8573321964aed2373c4dfcd71440e80f67c53d6b5b3712a99049a18cd3e73c6d5f58551e5ac601a3e1b", 0xd6}, {&(0x7f00000027c0)="f911985b0fb432f75c399f68dfea3703cf3b92814da7082aaf53f8302607", 0x1e}], 0x5, &(0x7f0000002f40)=[@cred={0x20, 0x1, 0x2, r11, r12, r13}, @rights={0x30, 0x1, 0x1, [r1, r0, r1, r1, r0, r0, r1, r0]}, @rights={0x18, 0x1, 0x1, [r0, r1]}, @rights={0x20, 0x1, 0x1, [r0, r1, r1, r0]}, @cred={0x20, 0x1, 0x2, r14, r15, r16}, @cred={0x20, 0x1, 0x2, r17, r18, r19}, @cred={0x20, 0x1, 0x2, r20, r21, r22}, @rights={0x28, 0x1, 0x1, [r1, r1, r1, r1, r0, r0]}], 0x110, 0x20004000}], 0x6, 0x40) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x2, @ipv4={[], [], @multicast1}}, 0x1c) sendto$inet6(r1, &(0x7f0000000a40)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 19:13:13 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = memfd_create(&(0x7f0000000000)='@eth1[eth1\x00', 0x4) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000000c0)={&(0x7f0000000080)=[0x6, 0xc20, 0x4, 0x0, 0x10000, 0x6, 0x1400, 0x60535795, 0x0], 0x9, 0x9, 0x1dc3, 0x8, 0xb7, 0xffffffffffffff7f, {0xfffffffffffffe01, 0x2, 0x0, 0x2, 0xffff, 0x5, 0x4, 0x7fff, 0x2, 0x2, 0x100, 0x5, 0x6, 0xd5, "e11bcb1367b9d2698e88f36523a2b4cba3a333054fe1bb1742fff7902a549e18"}}) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcr\x00', 0xfe32) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r1, &(0x7f0000000200)="94788a6496df04ecea85f65b68473339974a28f670eb01daef10c3bc7a23bfae32cda1fddbc1c309b5588b8edadfb80d0b13b6fca61d9120e563a6c4d2ac9755d240e6fd7daa931934438af89201a707de32b0c9cf8a5f66fdbaa2b9c5da305b1f51db37a02c38db915afe195f32f776d894e4cd36fa8ba05329a19cfd5deba55c617051aff22be69ec78ba495095cbe08cf57616934843960103f1d4af7b09bd92bf342bca38654a0e7f304a47999804bf947500e3729d51dfca07918dabafdebc75c8e0beb8dd503923dee74f199bea43dcb46b4db4dcdf6c2bc737be8fec6f455a9ff7ac32c9df1fe3ba8cb9ce584da81b80b414d099b387c9477ddab57359647586ebfd531e0ea1f958270da1c61350b6c6daf9bfb3bce5678c719375499956c9d55e8e1fe8de376614f17e43a06b04e64fd1ff1eae8853a0b93db5e6cdcd164da1da7a830adfeabcf5cc755d1d47a77b5084db468887fc2c2a7b3194672e4e9e6120553bd91f736d393897ca24cf80a72d7b3bb69225341cae4fba1778a9502006d930f6627dbc98e6198d8479cac5c135e146f8b86826f77ed5a0ffff6545dd56ec7ed10640dca92bbdd6fe1fba7fd5b2bb9917f19d3490bc1bfd01b359853b06987eb65d086abd7e2201e68bb946ffbc24dc22bb98c48311d5bfc0b64d5bef4598506db441cd0af5de54393d59469fab9497bd0c10ee8bd9f678279a47471f0be5cfdaa0f3f16c7a70f150e5cb99840a8397f5f7b3ab374769e3cee831b0774fbf5a2001fde82211b6a4d3da37a5084df55e07229e1818ea7cd9af2bc0d1c68a4047ad0b035cffe7f84bd0abac3bb162c9a22de5304c1553645ad50654c05dc4ce851a1530d751d2aeee653debc0ddf57fe072dada2bbf24eb7482bd51999084e9976c51f7adfcfa5c4b4ae839d4bffa78a252f4c8a818e600e302e19dd93599109a789bfc90c6809ee0217de290427a4f826540e1eb08358960eca004d8234fb57f26c1073d2636bf4b646f3c97d20e663138cb9fa2747d43f0bc4c51c04c0aab579a8ca8018edc626b7bb14342d1f5d8d0a3f3c545ceefa5496de6c0187abb65dcfcf71a901ec61190002c49dbbc2fef685d3c70cdf90df82ca12f92316264c94c754630e78a2e96838fb92c1e74e29d64370f7e19af69c03681431f92450ffa3817e63271d295a43b31ecc3dc527aaf10d16082cc947db2bdbf3a0021c29d502cb02c8739a44c611610f8670b9728be7e38d6fa9863d37624380e84b5a63c838fd941023040b0a32f24fdb237e972840845f4a598573ab0330907fe77769a64fbbd22ef859de55b6df04a991939ca646723008828cb31b233574fcc70f172df8b6b84c44f2440dd4395bc30ac05ae7b7c114c0513eb65f0c6b40dcf6c9eab4f5ca3a68828889e0ad86a871213063d51940002b3af80647d626ae0f71099be64b9e6f4d06e618cc69359185695cb36447dce9a3bbb4c3ac3235359b184d254aea5c565973e4c1b0feeb85a7691ed8740fbf80e1ab3f95fee6749cd150b640d430b1878cc891f7dcdf973ea99af3de997a74438c4ce4bc90dcbd57933e2e8484a79c1d551ff37157f13937ac3843c4625561473d7ce811e202ffe52b8de5b4682ee8036bf2caa2a8859fe7fb39cf3ab8a9aa267592b2abd9a424ae5df78c229ba21034941a5805f7690eeb543bfea403c92d0ed7ef4e902303074551ae6ddf84f8e7c63e7da0b7a20276143009a766163426635a073740fb55ff0e755d130ef35e7de08ea021e37a13baefde28f67175da2517c5e910e99710dba085047bc26d7da200ca37a202f549ee04d71499ae940d9fad8dfd893faeda3435de089e580a56b4ed5d751f20b8627829fe193934895d77155181bbb901bcc3b1a2ab2ac88eedb88a01fa9906bcb5a188d1fe7013cedf6feddbe9b68b4c73be043f3145a93b6949e5ec8e3946d690df82f54f012d7b097b642a35afd3f32103335bc25f90582aa9c555b51fd17a1bfe91a612dc0f8aab9ee0e405e967a5109ad1e02089cedd39270e4e93bb0def8cc3f1ec221f3613a9b918615d613330d35caeed7065d4a6cfcbf682723414a184128db60a20f9c66885576fc4bad819e5835e5f8b6c709f13c837875e124273eda5db32f3f43b4f77bdc83a1413cde7aba43ad655919dc030ad530f1fc866a07714853119a12108e0adaa8356eabe252bbdeacce62cc6a64ac5ebf280419714e736f7409e628510cc6a743e9c2c7e2c24a3551fc803ee295397df98d90b9b66886434d2d30fffe2ceede3c4f900e0dde363b1fada99575f6c4ebcf3c20182f58104446e9ce4aaf01753eca1a152e5780bc67b9a42744b17d760d5d70ef75fd2dfa7ab9c799bd39f18aa8b71954b1db7eeb8cfe25c52b13f3c332ba876fdc6473d4f436bd3fe2349527cb35b334f4ceaace456301aa7a3deb0c60f3754cfb8246a0b09e73135c829081608736a831717a0693d1b9cbe8927af6bf0493a66625db9cc7e982fc525194a3a3ec93a0aebe6979b02d3be1590dd5fac51e292190b36f596f875d5f99466ee3f85425dafeb6aa7bd65339ff8251af0a6ec28230d8dc09b3feef4744d42facdae20f329c03ced14f6ab5453ad55e48dadf915607fa791e713817d163979c84e6b5dc9a9c3a3ac4228ea394d967c7c85cfb71a67fbf52acbe73bc593892e64fe19dcb97d02b05d29b7e34d0cf4ef00a405b062c0c10a48f134c494d476fda88fedb15692c7f81c95904a57c74229c157a3ab850a9c07d2597789ce52702191af2a0f145f02493905418e74b17d398d92376942947a26ddc92ed9a5314722ad5914f044e728c3da289e66cb46c18ef2d3cd6cbe933cfd3215321050f7ab4935c68f50f633a10c73f78aac9f21fea35f415889d18447fa78aa898725f2f5293a97780daf44c64adf93a48368daa9a06432e5c1f77772516f7c3473705498bf8d9f4715b1e3fb277243fa9f7a61e4ec56c204357f056c332992ef289e498ffccda155e70d292d67523621ead70fb3faa975a27a7c910f631ac0c75903da6f9e5c2a30520e05252021e8b6b422f2592f7929e90b5cfb1516989321f881af9205bb6b19444c8e3eee2eeb47548d98c2a051406f858b612e2d8180c9631e66c625f8ae3a68a486ea79eb360a716367a9cf8ddf6c1ed215e2f7cb3d4aaf2b585b6d51e07fd90a9479f231a345c91b1a7d5ffa0e2eecff3b47fba282d43be0671a60a79c5e3e0209b0f4eceae5146da3a9eb8668f138c6f3f9e849c33bf6809d4547f5dcf5b3bd21d131a75c00b9a2cc96d3d901a6b0627efdebb5ea9c8bb59da2d3a87b3a592c7a8e8af1d9ba4f0f2fddbf6ef990904f184659e03ec293ce3f86fe369000cd6f89f152cbc595c2e6b4da6c5b79f2387a2735635de82e97bfd1a31ae9e9fae5d82b7c790bd726fbf8fcff898f021759751b92e6bc60d7aa286f3553fd2749dc351d37022a8e3e764c2f05769268642fa4cc36d0d5416dc46ac7118befbc9d382e4f04da70a96b02b0b4e243aac76655d0a07c1545d371d004ed950dcea7bb259cd4c64021822197bb1f475c125691e299cc9ec1e46568d99e921725efe7bf857ec634639033cd2b022291dbb84a47e4489e11834d6373b367dec43a9ab1770698c83c32ee8a52afa7fdd7d2da2d4537483747aefbd635a6ebe9ef432deef2ea978b41d813535068d2762c94a775e7f8ec6878c09f24ea0b47ba781286fe4986c4f025ba516aea61b4cce3e53f8f1ad152b7846afd544dbab5dbdd1404d487a27c407214f7016c97716971084cceabf25c4b7cecf63f4b974f91bb8d28d617c83c7142042ab7ff510c0d5c8b15015dc8e2a25161941ab6ddbfdb2cd317e7507258d1348806f72b45d31ec1bb01913719ca3eb21f9b38036fdc1f533f6eda1a745af5c19dfdfc8793c25e1d0e36b8b31821b1ea5ed3437ba2474d2403c82c9ade71d8baccad2bb9f572613369665e6d4be7adf4b6e35a96eb91c947898af3b3ec6a3318fcba57d4d71b10ae511a06cf491c7ac00870393a7d07036a29b35a0650cbc12a7852409f51c06849e9515cdaf126de86e45ae78f30cfedd7d33105b4ea019c5c64ab853858aef1a6ff7b78370f79bdd96e7d8c606afff914d9c13443d7f223e82bc6fd0eef874bafb715aa84e9207a2b27fe938d2135143c1a838627d76cead56ec6b18e5ac62d512a86b86767e082ca2343ed4acd91920b931b16cecd52d4f41c272adc9d919a48884c0a20ca998d359171348eeb167738aaa5fb760f4546b8bdf7c233fc6bdca9e24185348f90eddc7dfdd4a6b003f7b11a368095e93558b315ec12b9c7d24cc4b76b2d5b3faba7a88f0e1af024bd83ec222503969b9aec87655f4f5d479f740df251f148838ce6485ecf2b28d9c4b11e7cf9d52c6b1ee2bae18a91d0f59d4f607d80443ca01c69830edeba1a3ee4d78e38d111e159b85b4117172813915360c9901e78eafd891220a9c71e39a036722b40b0f27ecfd8b6efc8f9cf3b0868d7ccee06076b8b0e39d2e401fca4f9d9768edda508951b7462523f7b4ffb609861a9e38f6b7f143fe5aa7592b0bcd6153f40d729cf3f2b58053d1b8d2e4fff9a74784b2335e72084d63ff17174e492796fae4c5cd4ac9c0b0ba12c93decc00548780847950edd25bc233affd4359838d2769d1b8594e7001d3f10635fd26b2bd6083c71b9348788b86ba482fa3f078a3fe1fdb9fbc9fb411df2fae863a5fc4427e3fedb35c1d60da4d0c239d63be3a66f3b47bcd6b66a2794d83465a56bfeb37e1c05534aced4d1d08408e2406341743c25228a91b22ad78d636303a98b08c9f1741f4963e5cc906ac112572ae13a45a9aea5383d1655430a20fda019cf654b0e4c44547803c9a4a98bf6001334d420bd3007f480d57374d38b22425a14e64622360e03980f9bbfafa47ad270a80cb4d6f34dae9445581b09c4955facb086bc7bb3ebb4f60dfb9e83274baa7ee984ef9ae4d397f660dda446d0105ef80646cdd2827c4f6e0bdcc173633a0c021ff011590a2030ba1275abc3030f9618c9d1fb1df52ef8a1fc12ff3cbf635f380cbb745c9f39fdde9619b4c80a3e1730c408213eb866ce5bf8639414671a1e31525763c7b29e4e92a6c62a7920a03e5d0602a1710d5f60101fbf79055cb811b0107c3e2e8fbf6d5ca9623a6d11e2da1ddcd06640779be55055ace542065444b2abc6d108b3a66f82ddaf7b58e117174d0f5b319678d3c45cb55f13b7900de062975bb06cf61bd1b74ec5a7d047949f1d129ea916b5080c385ad73a0d14791df3fdf323cf05b32f21bd9b1173b125ed53a9bd32c16ff5253d341df94d1451174346b3fddf3fcefaece30b770d8fa6e8ae3f70125c59d5440ebf21b141751030293793de36c05cdcd8bfc322f6975aeefbc819862be74316f8ab5673f67a5c3aa1e62b35ef1b67bbfc94b193530e78363427f652cbd1416d4c40ae5718b721556579eb9f2c238e240915c9245e373057faf1679febcffa234d7fcc724da4108473e53ee5180e28e505071fcca825b017e41b4c42366b0178a1e4221aa601a4ed09256710583e3187af5b96bad84cfec7eabefffec5079eec3168db544c1b1aed5330a5ca6cde35aa7ac6ece3fbfbf5b35c515ac9dc624966a09c10963bd939e5026e96cace494fa9be6322649d702812990cc7f4a7de5f2714ee4e05e2960840de9dff66e176a8324b8287181a3ab47ad6b881c24a238436fea697a4f2f39fba2d72602d42644e66198223f54c63c76a450f8db61", &(0x7f0000000140)="4dc647f62d76179db86f87cf0796995d76c50b660389bda08fb389296e9dad06dc9f82344baaeb8f72fc9178147af7937de29f4f5373916295bac47ce21987", 0x2}, 0x20) 19:13:13 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) unshare(0x28020400) r1 = socket$netlink(0x10, 0x3, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) getsockopt$netlink(r1, 0x10e, 0x3, &(0x7f0000000200)=""/4, &(0x7f00000001c0)=0x56) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) r3 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x404a83, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r3, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_RM_CTX(r3, 0xc0086421, &(0x7f00000000c0)={r4, 0x1}) ioctl$KVM_PPC_ALLOCATE_HTAB(r3, 0xc004aea7, &(0x7f0000000040)=0xffffffffffffff01) 19:13:13 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) exit(0x1) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0xff, 0x4}) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:13:13 executing program 2: r0 = socket(0x400020000000014, 0x4, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x1, 0x8000) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) [ 394.363967] binder: 11277:11278 ioctl 40046205 0 returned -22 [ 394.420488] netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'. [ 394.460695] vhci_hcd: invalid port number 0 19:13:13 executing program 1: r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x103100) fadvise64(r0, 0x0, 0x4, 0x5) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x7fff) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r1, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x4) 19:13:13 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x4, 0x40000) ioctl$VIDIOC_ENUM_FREQ_BANDS(r1, 0xc0405665, &(0x7f0000000040)={0x5, 0x3, 0x20, 0x20, 0x0, 0x8, 0x8}) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000080)={0x0, r0, 0xa41f, 0x4, 0x7fffffff, 0x20}) 19:13:13 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x7d, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0xe}}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:13:13 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x200) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400202) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:13:14 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) getsockopt(r0, 0xfff, 0xe8b, &(0x7f0000000100)=""/200, &(0x7f0000000000)=0xc8) [ 394.954811] binder: 11308:11310 ioctl 40046205 0 returned -22 [ 395.014591] binder: 11308:11312 ioctl 40046205 0 returned -22 19:13:14 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) r2 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x91c4, 0x109d00) getsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0xb) [ 395.216260] netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'. [ 395.231619] vhci_hcd: invalid port number 0 19:13:14 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000100)=@nl=@proc, &(0x7f0000000000)=0x80) 19:13:14 executing program 3: r0 = gettid() unshare(0x28020400) r1 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x0, 0x82000) ioctl$KVM_PPC_GET_PVINFO(r1, 0x4080aea1, &(0x7f0000000100)=""/181) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0xb381, 0x40000) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f00000000c0)={0x4, r2, 0x1}) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:13:14 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x782b, 0x803) ioctl$KVM_GET_TSC_KHZ(r2, 0xaea3) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) 19:13:14 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000), 0x10) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000080)={0x20, 0x20}) 19:13:14 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) fsetxattr$security_smack_entry(r0, &(0x7f0000000300)="7365638b722467a1edfe2b57000000190000", &(0x7f0000000340)='security.SMACK64IPIN\x00', 0x45277e3a852ac2d6, 0x2) getresuid(&(0x7f00000004c0)=0x0, &(0x7f0000000500), &(0x7f0000000580)) lstat(&(0x7f00000005c0)='./file0/file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_ENTRY(r0, &(0x7f0000000680)={0x90, 0xfffffffffffffff5, 0x7, {0x1, 0x2, 0x7f, 0x100000001, 0x8, 0x10000, {0x5, 0x3, 0x0, 0x1bac, 0x4, 0x401, 0x2, 0x401, 0x1000, 0xfffffffffffff06b, 0x6, r1, r2, 0x0, 0x6}}}, 0x90) openat$ion(0xffffffffffffff9c, &(0x7f0000000740)='/dev/ion\x00', 0x86840, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000040)={0x0, 0x110000}) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r3 = syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0x18a, 0x1) ioctl$FS_IOC_FSGETXATTR(r3, 0xc0185500, &(0x7f0000000100)={0xa3, 0x2, 0x4}) r4 = getegid() lstat(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r3, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0, 0x0}, &(0x7f00000002c0)=0xc) getgroups(0x6, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xee00, 0xee01, 0xee01, 0x0]) stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x6, &(0x7f0000000480)=[r4, r5, r6, r7, r8, r9]) 19:13:14 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x7fff, 0x2) getsockopt$packet_int(r2, 0x107, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x5, @loopback}, 0x1c) [ 395.685166] binder: 11336:11338 ioctl 40046205 0 returned -22 19:13:14 executing program 2: r0 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x2710}, 0x10, 0x800) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)=0x7fff) r1 = openat$null(0xffffffffffffff9c, 0xffffffffffffffff, 0x401, 0x0) accept$packet(0xffffffffffffff9c, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000001c0)={'vcan0\x00', r2}) getsockopt$SO_COOKIE(r0, 0x1, 0x39, &(0x7f0000000080), &(0x7f0000000100)=0x8) r3 = socket(0x400020000000010, 0x2, 0x0) write(r3, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) [ 395.842618] not chained 50000 origins [ 395.846490] CPU: 0 PID: 11345 Comm: syz-executor1 Not tainted 4.19.0+ #83 [ 395.853431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.862792] Call Trace: [ 395.865408] dump_stack+0x32d/0x480 [ 395.869053] ? save_stack_trace+0xc6/0x110 [ 395.873305] kmsan_internal_chain_origin+0x222/0x240 [ 395.878439] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 395.883823] ? is_bpf_text_address+0x49e/0x4d0 [ 395.888438] ? INIT_INT+0xc/0x30 [ 395.891839] ? __msan_warning+0x76/0xd0 [ 395.895845] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 395.901320] ? __save_stack_trace+0x9f2/0xc60 [ 395.905961] __msan_chain_origin+0x6d/0xd0 [ 395.910219] save_stack_trace+0xfa/0x110 [ 395.914312] kmsan_internal_chain_origin+0x136/0x240 [ 395.919450] ? kmsan_internal_chain_origin+0x136/0x240 [ 395.924741] ? kmsan_memcpy_origins+0x13d/0x1b0 [ 395.929421] ? __msan_memcpy+0x6f/0x80 [ 395.933317] ? skb_copy_bits+0x1d2/0xc90 [ 395.937384] ? skb_copy+0x56c/0xbc0 [ 395.941021] ? tcp_send_synack+0x7a3/0x18f0 [ 395.945353] ? tcp_rcv_state_process+0x29b5/0x6e50 [ 395.950292] ? tcp_v6_do_rcv+0x113f/0x21a0 [ 395.954545] ? __release_sock+0x32d/0x760 [ 395.958704] ? release_sock+0x99/0x2a0 [ 395.962605] ? __inet_stream_connect+0xdff/0x15d0 [ 395.967458] ? tcp_sendmsg_locked+0x6655/0x6c30 [ 395.972138] ? tcp_sendmsg+0xb2/0x100 [ 395.975949] ? inet_sendmsg+0x4e9/0x800 [ 395.979934] ? __sys_sendto+0x97b/0xb80 [ 395.983924] ? __se_sys_sendto+0x107/0x130 [ 395.988170] ? __x64_sys_sendto+0x6e/0x90 [ 395.992329] ? do_syscall_64+0xcf/0x110 [ 395.996316] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 396.001714] ? __msan_get_context_state+0x9/0x30 [ 396.006487] ? INIT_INT+0xc/0x30 [ 396.009879] ? __kmalloc_node_track_caller+0x369/0x14e0 [ 396.015258] ? __msan_get_context_state+0x9/0x30 [ 396.020045] kmsan_memcpy_origins+0x13d/0x1b0 [ 396.024573] __msan_memcpy+0x6f/0x80 [ 396.028304] skb_copy_bits+0x1d2/0xc90 [ 396.032226] skb_copy+0x56c/0xbc0 [ 396.035715] tcp_send_synack+0x7a3/0x18f0 [ 396.039879] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 396.045372] tcp_rcv_state_process+0x29b5/0x6e50 [ 396.050163] tcp_v6_do_rcv+0x113f/0x21a0 [ 396.054251] ? tcp_v6_destroy_sock+0x60/0x60 [ 396.058673] __release_sock+0x32d/0x760 [ 396.062680] release_sock+0x99/0x2a0 [ 396.066415] __inet_stream_connect+0xdff/0x15d0 [ 396.071115] ? wait_woken+0x5b0/0x5b0 [ 396.074939] tcp_sendmsg_locked+0x6655/0x6c30 [ 396.079456] ? kmsan_set_origin+0x83/0x130 [ 396.083723] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 396.089105] ? aa_label_sk_perm+0x8e9/0x960 [ 396.093444] ? futex_wait+0x785/0xa90 [ 396.097281] ? __msan_poison_alloca+0x1e0/0x2b0 [ 396.101979] ? __local_bh_enable_ip+0x46/0x260 [ 396.106585] ? __msan_warning+0xb0/0xd0 [ 396.110602] ? __msan_poison_alloca+0x1e0/0x2b0 [ 396.115311] tcp_sendmsg+0xb2/0x100 [ 396.118962] ? tcp_sendmsg_locked+0x6c30/0x6c30 [ 396.123655] inet_sendmsg+0x4e9/0x800 [ 396.127483] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 396.132871] ? security_socket_sendmsg+0x1bd/0x200 [ 396.137836] ? inet_getname+0x490/0x490 [ 396.141837] __sys_sendto+0x97b/0xb80 [ 396.145685] ? syscall_return_slowpath+0x123/0x8c0 [ 396.150636] ? put_timespec64+0x162/0x220 [ 396.154808] __se_sys_sendto+0x107/0x130 [ 396.158904] __x64_sys_sendto+0x6e/0x90 [ 396.162905] do_syscall_64+0xcf/0x110 [ 396.166731] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 396.171073] binder: 11353:11354 ioctl 40046205 0 returned -22 [ 396.171933] RIP: 0033:0x457569 [ 396.171952] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 396.171963] RSP: 002b:00007f9f4ce76c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 396.171982] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569 [ 396.171993] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 396.172004] RBP: 000000000072bf00 R08: 0000000020b63fe4 R09: 000000000000001c [ 396.172015] R10: 0000000020000004 R11: 0000000000000246 R12: 00007f9f4ce776d4 [ 396.172027] R13: 00000000004c3c1d R14: 00000000004d5e98 R15: 00000000ffffffff 19:13:15 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000001c0)={{{@in=@dev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@multicast1}}, &(0x7f00000002c0)=0xe8) r2 = fcntl$dupfd(r0, 0x406, r0) ioctl$LOOP_SET_FD(r2, 0x4c00, r0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000300)={'team0\x00', r1}) 19:13:15 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) r2 = dup(r1) setsockopt$bt_BT_VOICE(r2, 0x112, 0xb, &(0x7f0000000080)=0x8, 0x2) r3 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x3, 0x2) ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f0000000040)={0x9, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 19:13:15 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback, 0xfffffffffffffffd}, 0x1f7) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:13:15 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa6}) [ 396.172049] Uninit was stored to memory at: [ 396.172070] kmsan_internal_chain_origin+0x136/0x240 [ 396.172088] __msan_chain_origin+0x6d/0xd0 [ 396.172104] save_stack_trace+0xfa/0x110 [ 396.172144] kmsan_internal_chain_origin+0x136/0x240 [ 396.267102] kmsan_memcpy_origins+0x13d/0x1b0 [ 396.271616] __msan_memcpy+0x6f/0x80 [ 396.275350] skb_copy_bits+0x1d2/0xc90 [ 396.279255] skb_copy+0x56c/0xbc0 [ 396.282743] tcp_send_synack+0x7a3/0x18f0 [ 396.286915] tcp_rcv_state_process+0x29b5/0x6e50 19:13:15 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x3, 0x2) ioctl$KVM_GET_XCRS(r1, 0x8188aea6, &(0x7f0000000040)={0x9, 0xfffffffffffffff7, [{0xffffffffffffff80, 0x0, 0x4}, {0x6}, {0x4, 0x0, 0x78}, {0x81, 0x0, 0x3}, {0x2, 0x0, 0xee}, {0x1ab, 0x0, 0x40}, {0xa4e, 0x0, 0x7fff}, {0x10001, 0x0, 0x1f}, {0x3, 0x0, 0x100000000}]}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400201) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) [ 396.291687] tcp_v6_do_rcv+0x113f/0x21a0 [ 396.295772] __release_sock+0x32d/0x760 [ 396.299762] release_sock+0x99/0x2a0 [ 396.303493] __inet_stream_connect+0xdff/0x15d0 [ 396.308198] tcp_sendmsg_locked+0x6655/0x6c30 [ 396.312708] tcp_sendmsg+0xb2/0x100 [ 396.316353] inet_sendmsg+0x4e9/0x800 [ 396.320170] __sys_sendto+0x97b/0xb80 [ 396.323985] __se_sys_sendto+0x107/0x130 [ 396.328060] __x64_sys_sendto+0x6e/0x90 [ 396.332053] do_syscall_64+0xcf/0x110 [ 396.335868] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 396.341061] [ 396.342696] Uninit was stored to memory at: [ 396.347037] kmsan_internal_chain_origin+0x136/0x240 [ 396.352158] __msan_chain_origin+0x6d/0xd0 [ 396.356409] __save_stack_trace+0x833/0xc60 [ 396.360748] save_stack_trace+0xc6/0x110 [ 396.364827] kmsan_internal_chain_origin+0x136/0x240 [ 396.369953] kmsan_memcpy_origins+0x13d/0x1b0 [ 396.374464] __msan_memcpy+0x6f/0x80 [ 396.378197] skb_copy_bits+0x1d2/0xc90 [ 396.382183] skb_copy+0x56c/0xbc0 [ 396.385658] tcp_send_synack+0x7a3/0x18f0 [ 396.389828] tcp_rcv_state_process+0x29b5/0x6e50 [ 396.394607] tcp_v6_do_rcv+0x113f/0x21a0 [ 396.398683] __release_sock+0x32d/0x760 [ 396.402669] release_sock+0x99/0x2a0 [ 396.406398] __inet_stream_connect+0xdff/0x15d0 [ 396.411084] tcp_sendmsg_locked+0x6655/0x6c30 [ 396.415598] tcp_sendmsg+0xb2/0x100 [ 396.419253] inet_sendmsg+0x4e9/0x800 [ 396.423071] __sys_sendto+0x97b/0xb80 [ 396.426884] __se_sys_sendto+0x107/0x130 [ 396.430960] __x64_sys_sendto+0x6e/0x90 [ 396.434958] do_syscall_64+0xcf/0x110 [ 396.438782] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 396.443982] [ 396.445616] Uninit was stored to memory at: [ 396.449956] kmsan_internal_chain_origin+0x136/0x240 [ 396.455083] __msan_chain_origin+0x6d/0xd0 [ 396.459334] save_stack_trace+0xfa/0x110 [ 396.463410] kmsan_internal_chain_origin+0x136/0x240 [ 396.468545] kmsan_memcpy_origins+0x13d/0x1b0 [ 396.473056] __msan_memcpy+0x6f/0x80 [ 396.476785] skb_copy_bits+0x1d2/0xc90 [ 396.480687] skb_copy+0x56c/0xbc0 [ 396.484293] tcp_send_synack+0x7a3/0x18f0 [ 396.488459] tcp_rcv_state_process+0x29b5/0x6e50 [ 396.493235] tcp_v6_do_rcv+0x113f/0x21a0 [ 396.497315] __release_sock+0x32d/0x760 [ 396.501308] release_sock+0x99/0x2a0 [ 396.505041] __inet_stream_connect+0xdff/0x15d0 [ 396.509728] tcp_sendmsg_locked+0x6655/0x6c30 [ 396.514242] tcp_sendmsg+0xb2/0x100 [ 396.517882] inet_sendmsg+0x4e9/0x800 [ 396.521693] __sys_sendto+0x97b/0xb80 [ 396.525508] __se_sys_sendto+0x107/0x130 [ 396.529608] __x64_sys_sendto+0x6e/0x90 [ 396.533602] do_syscall_64+0xcf/0x110 [ 396.537416] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 396.542601] [ 396.544232] Uninit was stored to memory at: [ 396.548571] kmsan_internal_chain_origin+0x136/0x240 [ 396.553678] __msan_chain_origin+0x6d/0xd0 [ 396.557916] __save_stack_trace+0x833/0xc60 [ 396.562246] save_stack_trace+0xc6/0x110 [ 396.566313] kmsan_internal_chain_origin+0x136/0x240 [ 396.571414] kmsan_memcpy_origins+0x13d/0x1b0 [ 396.575910] __msan_memcpy+0x6f/0x80 [ 396.579627] skb_copy_bits+0x1d2/0xc90 [ 396.583509] skb_copy+0x56c/0xbc0 [ 396.586972] tcp_send_synack+0x7a3/0x18f0 [ 396.591121] tcp_rcv_state_process+0x29b5/0x6e50 [ 396.595873] tcp_v6_do_rcv+0x113f/0x21a0 [ 396.599933] __release_sock+0x32d/0x760 [ 396.603905] release_sock+0x99/0x2a0 [ 396.607618] __inet_stream_connect+0xdff/0x15d0 [ 396.612291] tcp_sendmsg_locked+0x6655/0x6c30 [ 396.616786] tcp_sendmsg+0xb2/0x100 [ 396.620412] inet_sendmsg+0x4e9/0x800 [ 396.624472] __sys_sendto+0x97b/0xb80 [ 396.628270] __se_sys_sendto+0x107/0x130 [ 396.632329] __x64_sys_sendto+0x6e/0x90 [ 396.636303] do_syscall_64+0xcf/0x110 [ 396.640103] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 396.645372] [ 396.646999] Uninit was stored to memory at: [ 396.651321] kmsan_internal_chain_origin+0x136/0x240 [ 396.656423] __msan_chain_origin+0x6d/0xd0 [ 396.660654] save_stack_trace+0xfa/0x110 [ 396.664715] kmsan_internal_chain_origin+0x136/0x240 [ 396.669817] kmsan_memcpy_origins+0x13d/0x1b0 [ 396.674314] __msan_memcpy+0x6f/0x80 [ 396.678025] skb_copy_bits+0x1d2/0xc90 [ 396.681906] skb_copy+0x56c/0xbc0 [ 396.685355] tcp_send_synack+0x7a3/0x18f0 [ 396.689504] tcp_rcv_state_process+0x29b5/0x6e50 [ 396.694267] tcp_v6_do_rcv+0x113f/0x21a0 [ 396.698329] __release_sock+0x32d/0x760 [ 396.702302] release_sock+0x99/0x2a0 [ 396.706012] __inet_stream_connect+0xdff/0x15d0 [ 396.710677] tcp_sendmsg_locked+0x6655/0x6c30 [ 396.715170] tcp_sendmsg+0xb2/0x100 [ 396.718828] inet_sendmsg+0x4e9/0x800 [ 396.722632] __sys_sendto+0x97b/0xb80 [ 396.726428] __se_sys_sendto+0x107/0x130 [ 396.730483] __x64_sys_sendto+0x6e/0x90 [ 396.734458] do_syscall_64+0xcf/0x110 [ 396.738259] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 396.743437] [ 396.745059] Uninit was stored to memory at: [ 396.749380] kmsan_internal_chain_origin+0x136/0x240 [ 396.754484] __msan_chain_origin+0x6d/0xd0 [ 396.758717] __save_stack_trace+0x833/0xc60 [ 396.763038] save_stack_trace+0xc6/0x110 [ 396.767098] kmsan_internal_chain_origin+0x136/0x240 [ 396.772200] kmsan_memcpy_origins+0x13d/0x1b0 [ 396.776697] __msan_memcpy+0x6f/0x80 [ 396.780408] skb_copy_bits+0x1d2/0xc90 [ 396.784801] skb_copy+0x56c/0xbc0 [ 396.788261] tcp_send_synack+0x7a3/0x18f0 [ 396.792408] tcp_rcv_state_process+0x29b5/0x6e50 [ 396.797161] tcp_v6_do_rcv+0x113f/0x21a0 [ 396.801218] __release_sock+0x32d/0x760 [ 396.805190] release_sock+0x99/0x2a0 [ 396.808901] __inet_stream_connect+0xdff/0x15d0 [ 396.813566] tcp_sendmsg_locked+0x6655/0x6c30 [ 396.818059] tcp_sendmsg+0xb2/0x100 [ 396.821685] inet_sendmsg+0x4e9/0x800 [ 396.825481] __sys_sendto+0x97b/0xb80 [ 396.829277] __se_sys_sendto+0x107/0x130 [ 396.833333] __x64_sys_sendto+0x6e/0x90 [ 396.837308] do_syscall_64+0xcf/0x110 [ 396.841106] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 396.846286] [ 396.847910] Uninit was stored to memory at: [ 396.852241] kmsan_internal_chain_origin+0x136/0x240 [ 396.857350] __msan_chain_origin+0x6d/0xd0 [ 396.861583] save_stack_trace+0xfa/0x110 [ 396.865646] kmsan_internal_chain_origin+0x136/0x240 [ 396.870747] kmsan_memcpy_origins+0x13d/0x1b0 [ 396.875268] __msan_memcpy+0x6f/0x80 [ 396.879008] skb_copy_bits+0x1d2/0xc90 [ 396.882890] skb_copy+0x56c/0xbc0 [ 396.886346] tcp_send_synack+0x7a3/0x18f0 [ 396.890495] tcp_rcv_state_process+0x29b5/0x6e50 [ 396.895261] tcp_v6_do_rcv+0x113f/0x21a0 [ 396.899323] __release_sock+0x32d/0x760 [ 396.903300] release_sock+0x99/0x2a0 [ 396.907011] __inet_stream_connect+0xdff/0x15d0 [ 396.911676] tcp_sendmsg_locked+0x6655/0x6c30 [ 396.916169] tcp_sendmsg+0xb2/0x100 [ 396.919796] inet_sendmsg+0x4e9/0x800 [ 396.923597] __sys_sendto+0x97b/0xb80 [ 396.927400] __se_sys_sendto+0x107/0x130 [ 396.931455] __x64_sys_sendto+0x6e/0x90 [ 396.935428] do_syscall_64+0xcf/0x110 [ 396.939228] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 396.944406] [ 396.946031] Local variable description: ----acpar@ip6t_do_table [ 396.952486] Variable was created at: [ 396.956220] ip6t_do_table+0xb7/0x2c20 [ 396.960103] ip6table_mangle_hook+0x2fe/0x9b0 [ 397.017939] binder: 11361:11364 ioctl 40046205 0 returned -22 19:13:16 executing program 0: r0 = syz_open_dev$amidi(&(0x7f00000001c0)='/dev/amidi#\x00', 0x9, 0x400) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, &(0x7f0000000200)) r1 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0x0, 0x802) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x1, 0x0) ioctl$IOC_PR_REGISTER(r3, 0x401870c8, &(0x7f0000000040)={0xfffffffffffffffa, 0x6, 0x1}) ioctl$BINDER_THREAD_EXIT(r1, 0x40046205, 0x0) sendto$inet6(r3, &(0x7f0000000080)="a7f4e9e90e40486fbd4bbdf0e018949a2f94dbcf59b1fe44f2530ea34f2d73164114f8e3a1e44771c615de313aa488b5a4fbddbca38db76fd21c950d6a1f879c575d3a36d008886a7a0cbfed802452f5a053f3c4db05f25b430e407cbf275782", 0x60, 0x0, &(0x7f0000000140)={0xa, 0x4e20, 0xbad0, @empty, 0x6}, 0x1c) 19:13:16 executing program 3: r0 = gettid() unshare(0x28020400) exit(0x2) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:13:16 executing program 5: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x0, 0x100) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'eql\x00', 0x0}) setsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000280)={@local, r1}, 0x14) r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) r3 = request_key(&(0x7f00000002c0)='pkcs7_test\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000340)='vboxnet1\x00', 0xffffffffffffffff) r4 = request_key(&(0x7f0000000380)='id_resolver\x00', &(0x7f00000003c0)={'syz', 0x2}, &(0x7f0000000400)='eql\x00', 0xfffffffffffffffb) keyctl$reject(0x13, r3, 0x8, 0x5, r4) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r5 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000100)={0xa1}) write$P9_RRENAMEAT(r5, &(0x7f00000000c0)={0x7, 0x4b, 0x1}, 0x7) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000440)={0x0}, &(0x7f0000000480)=0xc) ptrace$getregs(0xe, r6, 0xcb, &(0x7f00000004c0)) write$FUSE_INIT(r2, &(0x7f00000001c0)={0x50, 0x0, 0x3, {0x7, 0x1c, 0x9, 0x40, 0xfffffffffffffffa, 0x6, 0x4, 0x7}}, 0x50) 19:13:16 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x40000, 0x0) getdents(r1, &(0x7f0000000100)=""/196, 0xc4) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) [ 397.386499] binder: 11374:11377 ioctl 40046205 0 returned -22 19:13:16 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @local}, 0x1c) r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x3, 0x400000) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000080)={{{@in=@broadcast, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@loopback}}, &(0x7f0000000180)=0xe8) connect$packet(r2, &(0x7f0000000200)={0x11, 0xfb, r3, 0x1, 0x8, 0x6, @broadcast}, 0x14) [ 397.542008] usb usb5: usbfs: process 11385 (syz-executor5) did not claim interface 0 before use 19:13:16 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x3, @remote, 0xfffffffffffffffd}, 0xb5d0054af14d0598) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x9, @remote}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) keyctl$join(0x1, 0x0) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:13:16 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f0000000040)=0x1001) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f00000000c0)=0x10000) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:13:16 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f0000000340)="1f00400056000d6dfcffff05e50203030701ff2104173f8100000002030039734db15f7229929bd8b8065ea0c07048848d955a30756b5c81189ce3178baabe0c7b21825b1bee7b56ee5827154a0822ba54f9fb6deacbe68bfd0090c36d0866d8219cafe3415886bb23c89d959596bf354197994848a8e11447330d5588d441345611bbb0ec07323553071433826cf3f5c95f8cba286568a9977b914a4ed4f907", 0x3) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000440)) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x2000, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x80000001, 0x101000) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000100)="f008bcef00900000025ce70065660f38817128c744240008000000c744240277000000c7442406000000000f011c2464660fc773910f01c9b8006000000f23d00f21f835300000040f23f8c4e235b7d9c744240062000000c74424023dc20000c7442406000000000f0114240f09", 0x6e}], 0x1, 0x40, &(0x7f0000000180)=[@vmwrite={0x8, 0x0, 0x100000000, 0x0, 0xd94, 0x0, 0x5, 0x0, 0x8}, @vmwrite={0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x2}], 0x2) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f00000001c0)={0x0, r1, 0x7fffffff, 0x2, 0x2, 0x6}) 19:13:16 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000280)={0x5, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="086310405b"], 0x0, 0x0, &(0x7f00000004c0)}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) [ 397.852005] vhci_hcd: invalid port number 0 [ 397.867295] binder: 11403:11406 BC_INCREFS_DONE u000000000000005b no match [ 397.875404] binder: 11403:11406 ioctl 40046205 0 returned -22 [ 397.881959] binder: BINDER_SET_CONTEXT_MGR already set [ 397.888005] binder: 11403:11406 ioctl 40046207 0 returned -16 [ 397.900358] binder: BINDER_SET_CONTEXT_MGR already set [ 397.906053] binder: 11403:11410 ioctl 40046207 0 returned -16 [ 397.926945] binder: 11403:11406 BC_INCREFS_DONE u000000000000005b no match [ 397.938837] binder: 11403:11410 ioctl 40046205 0 returned -22 [ 397.938888] binder: BINDER_SET_CONTEXT_MGR already set [ 397.950395] binder: 11403:11411 ioctl 40046207 0 returned -16 19:13:17 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000040)=[0x7], 0x1, 0x2, 0x8, 0x1, 0x1f, 0x96, {0x3, 0x3, 0x1, 0xfffffffffffffffb, 0x2, 0x5, 0x6, 0x8, 0x1, 0x2867, 0x9, 0x0, 0x9, 0xa861, "b28476e66341a7da496d95eef48b4296c6cbe4267f4d8b83f5115343905638d4"}}) io_setup(0x2, &(0x7f0000000080)=0x0) io_cancel(r2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x400, r1, &(0x7f0000000100)="813f2f83ff330564f7b33f", 0xb, 0x7, 0x0, 0x2, r1}, &(0x7f0000000240)) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) openat$mixer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x101002, 0x0) 19:13:17 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000040)={0xffffffff, 0x9, 0x20a, 0x5, 0x8, 0xffffffff, 0x401, 0x5, 0x0}, &(0x7f00000000c0)=0x20) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000140)={r2, 0x5, 0x1c00000000000000, 0x8, 0x8000, 0x200}, &(0x7f00000001c0)=0x14) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:13:17 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dlm_plock\x00', 0x0, 0x0) ioctl$TUNSETLINK(r2, 0x400454cd, 0x320) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x20000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000001c0)={0xffffffffffffffff}, 0x2, 0x1009}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000240)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x5, @remote, 0x2}, {0xa, 0x4e21, 0x9, @mcast2, 0x8}, r4, 0x1000}}, 0x48) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) r5 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x4, 0x80000) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r5, 0x84, 0x71, &(0x7f00000000c0)={r6, 0xaf}, 0x8) 19:13:17 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000000)) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x101040, 0x0) socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f0000000100)) ioctl$TIOCLINUX6(r2, 0x541c, &(0x7f00000000c0)={0x6, 0x8}) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) [ 398.276817] vhci_hcd: invalid port number 0 [ 398.334283] binder: 11419:11425 ioctl 40046205 0 returned -22 19:13:17 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3}) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0) 19:13:17 executing program 3: r0 = gettid() unshare(0x28020400) lsetxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='security.capability\x00', &(0x7f0000000100)=@v2={0x2000000, [{0x80, 0x9}, {0x7f, 0x2}]}, 0x14, 0x3) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) exit(0x827) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:13:17 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) r1 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x0, 0x2) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r1, 0xc0905664, &(0x7f0000000100)={0x0, 0x315b, [], @raw_data=[0x3, 0x70f, 0xc24e, 0x1372, 0x9, 0x3f, 0x200, 0x2, 0x6, 0xc648, 0x9, 0xefbe, 0x26c, 0x8, 0x10001, 0x2, 0x1, 0x8, 0x7f, 0xa4, 0xebd8, 0x3f, 0x1000, 0x4, 0x2, 0x9, 0x3, 0x0, 0x3, 0x49fe, 0xce, 0x1]}) write(r1, &(0x7f00000001c0)="03e5c2f93b8749c7a3e0c9077faaa5b3c44b4894d76b3a75b60be2df385ef255983328e683e8e2c56ceb9da1a46443c80bed7986132b6ef12dee5252ffa6ac137204261172ddf4868529189f12ef14e4bbb2ca34ff1fcdcc0000000059f5cd", 0xfffffffffffffd7f) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) 19:13:17 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x0, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffff9c, 0xc0106426, &(0x7f00000001c0)={0x1, &(0x7f0000000140)=[{0x0}]}) ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f0000000200)={r2, 0x1}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, &(0x7f0000000040), r3, &(0x7f0000000080), 0x8, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$inet_tcp_int(r1, 0x6, 0x1f, &(0x7f0000000240)=0x3ff, 0x4) fcntl$setpipe(r4, 0x407, 0xaa2) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) [ 398.580058] vhci_hcd: invalid port number 0 [ 398.724746] binder: 11445:11446 ioctl 40046205 0 returned -22 19:13:17 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x410000, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r3, 0xc008551a, &(0x7f0000000040)={0x9, 0x8, [0x80000000, 0x4]}) 19:13:17 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000000)={{0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, [], 0x1b}, 0x4}, {0xa, 0x4e20, 0x70, @local, 0x3f}, 0x800000000000200, [0x6, 0x9, 0x99, 0x307, 0x4, 0x8, 0xe1, 0x1aa]}, 0x5c) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x80000, 0x0) ioctl$EVIOCGID(r1, 0x80084502, &(0x7f0000000100)=""/46) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0) 19:13:17 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) getsockname$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @remote}, &(0x7f0000000340)=0x10) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) getsockopt$inet_tcp_buf(r0, 0x6, 0x1f, &(0x7f00000001c0)=""/155, &(0x7f0000000000)=0x9b) r2 = getgid() ioctl$TUNSETGROUP(r0, 0x400454ce, r2) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) 19:13:18 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @multicast1}, &(0x7f0000000080)=0x10, 0x80000) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f00000000c0)={0x0, 0x8000000000000000}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000200)={r2, @in6={{0xa, 0x4e22, 0x100000001, @mcast2, 0xffff}}, 0x6e5, 0x99e000000000000}, &(0x7f0000000140)=0x90) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:13:18 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) futex(&(0x7f0000004000), 0x400000087, 0x0, &(0x7f0000001ff0)={0x77359400}, &(0x7f0000000180), 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) [ 399.018771] vhci_hcd: invalid port number 0 [ 399.130780] binder: 11463:11465 ioctl 40046205 0 returned -22 19:13:18 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x600080, 0x0) 19:13:18 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = memfd_create(&(0x7f0000000240)='[%\x00', 0x2) bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e20, @loopback}, 0x10) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x1, 0x3}, 0x1c) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_int(r1, 0x29, 0x0, &(0x7f00000002c0)=0xd6f, 0x4) ioctl(r2, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r1, &(0x7f0000000100), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snapshot\x00', 0x38000, 0x0) r4 = dup2(r2, r2) ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000200)=r4) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x600000, 0x0) ioctl$VIDIOC_S_PARM(r5, 0xc0cc5616, &(0x7f0000000080)={0xf, @raw_data="01895b201f70085f5e42c64255fb5cbd47e923abddb67786cfc355101bca5d7965a8a41367c950b7396e9c031f43ef9e36559a131d81ac8203cdb1b1aee78e3f06d78892c3e2d6b64bb1cb508a0da45a292543e290489d5d17170955affc463e87a5214641bb4d986cd1dd829730d0a1af517aa21b1ce4eeea59eb3527341a02b55d04f4dbdfe377781faa84dc48f4a05ec6fbde3ea8314a20065aa38afccfb92d775e813fb7162379c39faf36acbcf15a249fac76f852a976ac20b3c3312fb8a75bec635a4c2413"}) 19:13:18 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000001c0)=@file={0x0, './file0\x00'}, 0x6e) setxattr$trusted_overlay_origin(&(0x7f0000001740)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.origin\x00', &(0x7f0000000140)='y\x00', 0xfffffffffffffe82, 0x3) r3 = memfd_create(&(0x7f00000014c0)='/dev/binder#\x00', 0x800000000004) write$selinux_attr(r3, &(0x7f0000000080)='system_u:object_r:boot_t:s0\x00', 0x1c) r4 = dup(r0) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400202) connect$unix(r4, &(0x7f0000001780)=@abs={0x1, 0x0, 0x4e21}, 0x6e) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000001440)={0x0, 0xc3, 0x30}, &(0x7f0000001480)=0xc) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000001500)={0x0, 0x3, 0x0, 0x4, 0x2, 0x7f}, &(0x7f0000001540)=0x14) getsockopt$inet_sctp6_SCTP_STATUS(r3, 0x84, 0xe, &(0x7f0000001580)={r6, 0xe015, 0x6, 0x3, 0x6, 0x2, 0xffffffffffff7fff, 0x7fc0000000000, {r7, @in={{0x2, 0x4e20}}, 0x7, 0x9, 0xfffffffffffffeff, 0x7fff, 0x9}}, &(0x7f0000001640)=0xb0) setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000000)=0x3, 0x4) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0x0, r4, 0x0, 0x24, &(0x7f0000000240)='}mime_typevboxnet0securitytrusted$:\x00', 0xffffffffffffffff}, 0x30) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f0000001800)={r6, 0x2, 0x1}, &(0x7f0000001840)=0x8) fchmodat(r4, &(0x7f0000001680)='./file0\x00', 0x0) getsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f00000016c0)={@remote, @multicast1}, &(0x7f0000001700)=0xc) ioctl$TIOCGPGRP(r4, 0x540f, &(0x7f00000002c0)=0x0) kcmp$KCMP_EPOLL_TFD(r8, r10, 0x7, r4, &(0x7f0000000300)={r5, r1, 0x7fff}) writev(r9, &(0x7f0000001400)=[{&(0x7f0000000340)="a28ce13a35227a5d52ee4c6384739d80446bf165497165647b8fcebe0fcb919ab1c6b14cfcc03abd407005a0f3f61be7f7815bfc8a43dd0cd0a426544bf9c41bf5c8f27b712deee0b68e378e2be1254a3fc5e8dea83a884b2a73bf099d68d941c62cadc8db1f8831da6c0970522e887a15f3dac3f0a94f4599ac2ede9fb75735b5e9e6b51e153abe5116f8dca9288a6f5dfbd85279ce21fa9cb5f0f3fcf099dac61c08ced0dfaa71fa81c6c516b7b1a1f3eaff3fbf49388929152a2c22660466df989a97d6135813b87d50819743c1adf01226ecd7951e2ee52126a7e0c9a79fe6c7b22f6e5865932e788b819211a1dcc89c09d2b46627b36561f39d7a94f37bae6c5296ba5de188f083bad62a55813fb62f1e381d83d14fd07f66f2cf3122b8a08cd1c36c197ca427194b69df2ba2eb9b1ed96c13fcfc65614fac4d48e5c54a9e11166f854138bc865053808042b839a0a85df7e8cc386b06353d50be23798dfb6cf33b9a49520cb9116dc298ba13969d28c0d4029fa0b065c673df9ec35a455c74b07c86be6cd13f610abd8e7513278727e95d53ddefcd93d4d7192d12a501e2c25441e9339589764e610d994b7b93fe49978bc687f2254cb3d33be315b90d05cecf8a4c56df39c459fd88c5ccbe8ebdd541908621660c48b298e031928a6d35dccd7686012d32a0e3221e7eb60352a4dd1713c999bd5ae3473122c97ded14e40713beb69b6e56f1425b153e00f7e0349b1035afc2120f3b895284292c1666c93b5e95d77298950174e78120f082cdb17c78c54ee3baa578f722288b9d9dd780d35bf4ae4576454ff3dd0ce9e576e76c1a07b0766a3c3cdb7c8f2a322e575bc681e39219632a8b5a5399c2c35ca3bdf8ecd13dac00aecd9c88d07d8d2955c55c4f74bd943d5ce1216a6667d6baab52c6b7713abf64cb3c7566b555b6539008f079a35b8b41bda55cca6302fb525de4c7caa0fc7c727ebffd3658fe76728d41c0ac1173ab4fb8cd91562326696c90ce00df91bf339b9c78e6f2389c3f1c017377a48b60a5c1dfb722408f4209bc01e8690e2e4745a7fccae790d71f0e1890c96facace7f3740bb8dcaa0c48da7a1ee0ffe347d208ee24986b1b6e7d7b4366d678cf33e64807d6cb8c8b0aeac7ebda0778ef27362af5a07eb6281cc74bc890699464abe61eb376e91d0379b5392d7966748aa5105bd5f8dca6429157a0dd602554beb0c10d58f32cc09553ba7fb36d0d8ae4ba0116eab2fa0ac04668f3e615444acab03d5629a4d5e7e7f2b0a83014f1e436bb88b991a2bd30cdb7ae4c9b044a63dd26f77cf821518dc8e736976f8c30b04e708c27c3adc4da991b212675e05850ba063a46ce7f38d16bf8f0b989082a69818014124b001e940436c2e9c4b1ec43b05b187ea06cdcd9f1b0c6125244899b6101de3d948e728cf95abd54aebde4aabd50187ada307218489e706a89ac8f120638726fe699586bafe6f05d938724aece6d9329e728e9f169a434493ad224abba5fb908ae131e7d246c3c7c51590fe34666ae3757274061d9469a7d4e1a3447ab777580db0e5a304e26423226415e6d87485cabc92cea1e0257cf5798bd95c164f4608420672eb512197de6961a3748e9799173af7fb46ff242675976b3c6c0c390fe2011ce1ccc0a107e4d460795c43f2b6ace30d6f1b00edaa194c38370646b8e9d61b835fcce1cf21964eeca52b294e089ef514f0718735cde7eca32d84522f8b33bf49c1bc1a2e886190f4f657add3e15516f2c2188fb6c0c7c951678a3b4eb1b7d4adde1428f46661aa25b34023ebc8d20fb39ea3deffc560fb29284ae4bbacd8bf99a2ea8714714e3f8cb6c3b247ae3c228b42baf8fd6505cee628803408ea12fc55f0edc2a06e3514bad49c8371a057ae866365f0d6675f87e3ac21e128dac5533220fd138f855b20e178ae1f3936be98c93ea043d9600bd51074141b45a504bd06198068d7fd313be6e3664f44a3c675aebf3b9bffce168c09d9227701fa487142d36dc8bb98e2fe9df482a6ca9aeb297faec2045bf49abc7ac7b1f6a4f863fc70c7d3442657b7ef4e8d72f152d9cf554e5f59222d672cdd2fc55376d95f774a24c59c85edc4fc5930e7da2f65f4fdcdfc98303b35291b62e00339b3566f8a7f42c5dee40aab8a880e07a56caac68139e9b6aaa29c6ded6a6d30c8272cbe451cec01484591122cbf00be33fb586009c0a326c99a061009eeb2234edbb398c2fc246482fe552c0140edaa5395f590d419ca139ff8cf1183695d449abca165899095bf330b9cabb23b562e47f6f2b088786a63a586fa963df5e9d2a911966025183e4ff9aeb2df4934575b510af48833873ba5301abc2c90de5e21af0c4ae53eb7b78691826fb7832c1d081d98d1e56fbae548f10222537dc4a1d26f3a2e22a89c0f22a3a4687f26fed251a0367c7fb4f6cb22b7f8c11bd133b89aa3c2375b2bc5d839b07ac9fbd08e709453eb1fe09a7f456bb4b0bc535c6785acf4032f48060abfc958e13329fd8bec3c473c69f34287de5dd6bc9e13e7b2cf144e6e4680d21489a6a869c422acda0f985a063fcbb35a0d6d887e03790edfec850053768c1f43825f30e82277b0fed519d122cd08bfb5be3ce439bf2ce552b877e5a257ad6571e7ee3c946f30bba92cad68867573753d3f499e22d10da6db63a112f3a3cb60222b44fab9f838c5baacbd84f0bfd282a05ae938e703b8ae2f6ce79f69e5077489881967d088f1314bb2faa510bc9283b52b2d8767f9bf4f66d84ef93673a748a1ebd26c80977d746f4d4ff19870dccb61daaf667d1464443762e66ce5db812ccb005b8b9ff5f257b8172ee9e875fdd0ca8503d5a038d077ea57a31b65e55851dd42a33470599f41ea6c1843ceae1a6185a971cdb4d5cdd678439e22ec34ddffb35fb1a1fd0445f336404205a14805e62063d2c8c5d0f10fdcaf631f2355b715d82f99e376330fd23fb7c6b46658745a1bebc28a76113dda91021edd27824777f28b9d20eed549b4f35a6dd49068e8e75f388280d8f25c9b28e9e4d49534ca80514e779f2f450dbca789979c6b53ad8c0348e4def0da021787edeb89489982ceb714dde79e0305099bd9c07d84fac9214e9d181236e20c5a9e804da74686362329745e292413bbfaa5851045ebf70c1fa31581595716c5736e31f651980895f4f9b1c45e295c6da8ab92c3f1616e0f086860307637bc86d0b5e9b63b24cda4b5985126963567cc0c94f2753bed4b5513471643b556c3d753f3cccb4261e156b670a85d262633fccca8c9e3d4af5be9c4cad607aa6318e589bbc0e4044cfc63dbbe5a145d82b1b17f7070f35e2f13e0265b43d45a9fd99f7767dcabc9e3be6e7f09d544a3bd900eb9b6cd594b472ac4df56506249cf02ccfc8407a8cc1b114afd60f5e0fc550baf26aab133eb1460e8148dbed6f5a2a843dda93c99fb12f762f10e6289dcf1788b00fc91bf0e565149388ce3f917a6caf867b203cf62d532503b192cd9bc7167adb5873bf8c42cb9fb7362630280fa21ba975e469813e9a7572e4ae8004b419fdc80101bc6f7016a8b464fe2fabb51d20a9d0583222de668e2988081c810ff38fdc293b08ed6e7b75169d0b5d89e9fe4b732d4d3ebabaf949406ff2972c44cd44836a133ce63c34eacb881101eda4a8a78343f9f36d9a03088b4d5166197905570ad90eaaacc7a3add3e60c22fc48663399bd7138c59337775cd790e7844b43f2b89d370206a77fe2fe4287b92f9898b66770d54f03570151a882f17f25f5e0505f33cc61d4a0420f76b6143cea6cd460b7bd60dc06740cb76c03427a24d38b27a83856fe1005387418eecd0ed0fee3f431c030b7ee680add94bc41a14e7fce07febb22fd85fdbbe19af63abbdb2aece02c69f6c109e08e73a4cc1da0221c5f7ee6220f5e3036797336a772fc7012553b7546dfba51f808439325b2dca88ce66db9676d5f0a728af9a3135a8940f02fb838c52d167d55d2dea7ade2edf0ca24bdf5cb7e519d7a2bbb4371c8072d9db0247a6689785566c5933966a557e3826a83323c703809847bf48e115058ca954273636875715df9a2ef0658f8758653c526fde8e4c4f79a4889acce3bcb3cf188b931f56aec2825bcea4909c7591c92d76481f40f129af9169d9e55e36c25578438eb1b420da5a4677fcb5c5859151687ec57bfcc96bff8b30f1c20418824216c829d2503139c4beb2064b542174aa9ffce909e95c56b601558d3fac2663d3fab9ed03f36aebe37126bb7aa5549812be4df4ad87d357250ee10bc80b98dfa4ca09c5979ebae105fada8831cd010cb879a054a3f62d09fb60d9ccc62654457143c6ce9d9a3648d5e988daa35e1f550566a0b10ab84ba5949f58a14cedd0afd92e6cd33da35009037ef9d9ff2f1cdbc479b78257b23f8e96c0f7af83795510c01a314548a6e92166f13a47d972ed267bd241e9c9e7163e0d96eb88c11b6815e859e38534a279f7ff0e388f89e66670f0a350b23443151285d0f87735b0bb4fdc53a5ba87ae77cad9e02a1ebefbcfde52bae8e12fac6eed549513a65d77f55a27b4a21aac9f89229f7700fe7ac07c6d36713251fd5270aba1c2eea63eb6f72afe360673f66ee991c6cb2bddac479e85b1e8f0ad29da10a4f00478921cce73fb6558b9c9cabb583aa7f075b14fefadd60857449d5af78fcb449d4c596512aa00eaf7ccbc57bf65038aa93a2590e04b4c3251c3b280cd72961483f3384e5f1bc203c369775076c8e9be8bd9a56326e00275d11ccef4238663609aa264512ef62df118211bf053574f1f2afa2a0aa143edef26f5c7bc1ea7905a069b6b7d7206ec297765ce4c9b5eeb9b2b716666fffa74b83439404d29cc419abac27fac1a69305c02fb072adbd87b8eef048ee19b2ee3768486c9718b3f001289291b33b478692289e11f6886b24e7783857935d4d05a867a1470a8e8eef2d72801cde227844b85b20441a8ac1502f770677f32a458b058748e25b4f788893330a5012be309f3fe0577b2614ab46aeb78012e57925fc563e42e35c6941747c5e8e247b56861efecd07126ed8c314489f69387bd968754a0e7d0c6a5b4062b04d02679c1c7441f36fc3ec7a5eba966074b3f7ddd92f72e7041b8170f23ddfde89f8791a0fbf694cc8f96a45dbf148c6e4b22e421622bbe97917cd5121d5d52bfe8f7b0506ef6b531a5e59361f2577d79d2e14ec99cd70c52da3870869840e37ae3dcce44479fd3a3150766e3ad22dfc09494b1aec8e62daa138552b96a6a7f3c768e880846abef0db7c9cf705abc96014cd0f28e20eae43b7463ab067eb4bfd5630c5694adeac8b479ff592312e0ee011fb79ba448a874fed6743894cdbe9ae3efe79d2fedf435140e2f05d43cc262695d5f53fcfbb16caee6e6a75ed02808f00f1e5ea65cfc877a060ecac54fb6b6cec6e75d1821c5a8512f227e796e37d307689cd24ea4b1858ab75bd7258f45dce630bdd2b1504d060827a968a1b690a97a8fdd5c3c519e6c873a1b82d2576e75ee6e50d7715ed20eec111cf1abdd7a5929aaa49806db6316a6545dc4948710e7fbfa0e98909bab2916f5587650e4887c017d0b3f9dd55edadfbc4188e75f71ff6f44994fe5344a15a4bfe40b9a7a00936a72f8e5e094e6d745db3f85b610a979aa26a099395c248b15f38f85de17fb06ac9cb85e64850d046ba142a046555a5feb46c973468f12a2fcedca3c72ff648b98c38f53a60d790477e9edaf046d393d79e87ed9385ed17ab99ac7a081033cd4e", 0x1000}, {&(0x7f0000001340)="3187554e3e690064f2e011eaf8c8578543376b782f19e86a7b3a4428deec094c9849c7d4b6a6570cb1a8e712f437ed7df76a7651a0a08dd10cebe08790d9b31e9b5cb544b0b7fea1aa356218c117bae34fe9c170240a56fd216e9af245ed0a6063fe34ecedf6d37fa7ddd21f45fcd22522e8e20140e872af378aaa225c81263c05fe4bae22555cd0", 0x88}], 0x2) 19:13:18 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040), 0x10) ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000100)={0xa3}) [ 399.539248] binder: 11473:11477 ioctl 40046205 0 returned -22 [ 399.587466] binder: 11473:11477 ioctl 540f 200002c0 returned -22 19:13:18 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000000), 0x4) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) 19:13:18 executing program 3: r0 = gettid() unshare(0x28020400) openat$userio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/userio\x00', 0x0, 0x0) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') 19:13:18 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f00000000c0)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000002030039", 0x1f) r1 = dup3(r0, r0, 0x80000) write$P9_RVERSION(r1, &(0x7f0000000000)={0x15, 0x65, 0xffff, 0x974, 0x8, '9P2000.u'}, 0x169) write$P9_RLINK(r1, &(0x7f0000000040)={0x7, 0x47, 0x1}, 0x7) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, 0xffffffffffffffff, 0x150) [ 399.629568] vhci_hcd: invalid port number 0 [ 399.646839] binder: 11473:11483 ioctl 40046205 0 returned -22 [ 399.666054] binder: 11473:11477 ioctl 540f 200002c0 returned -22 19:13:18 executing program 1: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x20000, 0x0) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000180)={0xa, 0x2, 0x0, @empty, 0x5}, 0xfeb4) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r2, 0x20000000008912, &(0x7f0000000080)="dbf6848b0340dc65c0ecd1bed2a06822b7166174825b9361e69cd9e1b334272b5e2793700e009840950f961113a224b13d71e7ff600925ac3abd77f7b22113dab7756de7b61cb9a5000100006c074b515f9408077ef05f46849a13d74af53b262fa692d719f48adeef8c0c62ede188f2ce757343f2b15069c8197252618eb83ac132f43d26bc04fd4c3307e1bcd987a4672495e269802cf37a4cb081933aa7d62db85c3cafdab8cd21a0cd0bf1d22f2d8d72ca162419c79e5d7e3e6e3cea0224a249f4aedcaa0c5a221ded61ab35fa490fb776afd605d45accd89b063194a1525b654d968d92c53c847b345d3295") ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000)) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r1, &(0x7f0000000000), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:13:19 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2000000000000, 0x0) epoll_pwait(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080), 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000540), 0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0xb8d3, 0x1) set_mempolicy(0x0, &(0x7f0000000040)=0x7fff, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000100)={0xa3, 0x9}) 19:13:19 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_THREAD_EXIT(r0, 0x40046205, 0x0) r3 = accept4(r1, &(0x7f0000000000)=@generic, &(0x7f0000000080)=0x80, 0x80800) setsockopt$inet_MCAST_LEAVE_GROUP(r3, 0x0, 0x2d, &(0x7f0000000300)={0x1, {{0x2, 0x4e23}}}, 0x88) sendmsg$can_raw(r3, &(0x7f0000000480)={&(0x7f00000003c0), 0x10, &(0x7f0000000440)={&(0x7f0000000400)=@can={{0x2, 0x101, 0x7, 0x2}, 0x0, 0x2, 0x0, 0x0, "b0dbab368ce450f2"}, 0x10}, 0x1, 0x0, 0x0, 0x20004044}, 0x4) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f00000001c0)={0x0, 0xad, "a1af98bb107c531ab0a81622832bc4aec1c22ac14c13c49b73d6a993f102b172cfa02567b3189460f7da272c206a34d8e1444569ee59613efd99fb48a660c045ee007a42a5b1e933831454a097aebb703941dcb496e152f9ef723e9646b8f3e8fffb25aa550f6055eccf63fe9d503b844cc06187bfa2dc3987b2d0e8b478523985faae074e7f632f3e951c4e67ec540bdb99bb341734210691a219f573f8a0c7ef60e4ad7dcba126facbadd412"}, &(0x7f00000000c0)=0xb5) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r3, 0x84, 0x79, &(0x7f0000000140)={r4, 0x7, 0x100000000000000}, 0x8) r5 = syz_open_dev$usbmon(&(0x7f0000000280)='/dev/usbmon#\x00', 0x518, 0x0) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000016c0)={0xb8, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0463044001000000076304400200000011634840030000000000000003000000000000000000000010000000000000000000000000000000000000004800000000000000", @ANYPTR=&(0x7f00000004c0)=ANY=[], @ANYPTR=&(0x7f0000000500)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x008\x00\x00\x00\x00\x00\x00\x00(\x00\x00\x00\x00\x00\x00\x00x\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00x\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="040000000000000011634840020000000000000001000000000000000000000000000000000000000000000000000000000000001000000000000000", @ANYPTR=&(0x7f0000000580)=ANY=[], @ANYPTR=&(0x7f0000001700)=ANY=[@ANYBLOB="78000000000000003800000000000000684d715d8e07ed2b8aeb688f97e4e2c3e30ce5fb663304d1c1d5db6fd1b7b2491dfbd2494cba767cb547ebad302b87f1c41e80d96ac30c7dbfeb16376a71d8f8021d7c05890ad369b2f4f8e21c44b6fdc21d0ce6e86438e37db35cafea"], @ANYBLOB="01000000000000000b630000106308400300000000000000"], 0x1000, 0x0, &(0x7f00000006c0)="d3916a5105472bb0351c9f18a6fbc530af23d431cf619e12179921f8c4d12914f83205b8e2d16764cacfdaf5317437c5a5bdc05064025307d7d0149820c595c124e19d202ac9109756e3a09d5c41f5d87e88887f840ca32c677db21a3a351d372d14502c2fc5e735fb7375ac7487990b5bcab0d26ff223361e1f0d896cf362f8d1f7d20e547824255c717c61c8c625308a318768b08f23071fe43141af17cd21a6b5f7d270b4229af66dda81fbefd9928cd94e4ec022a98b487a05acef3bacffc87c354cc8d1978e440ef359132cb0082d5683e3da42306fc4ca805fc16b89911bce6ff5d5d83369e5c23254b265d9710a7598441c67b953534701483be4cfb6b92781e9ad2a2c02ab74e190e1bae9020696ee5d691422cbaf2cca3b50c16fddd7759c2c19b2e91b5039a22686409e0315dce398e872c97300b2302c4f2075ab04076e796592a12fb1b9b5a61491b9ca794649b9e466b2a2f7b9946550e4764f761dd2318679a5dc4346d365f7769adc9b80e55f92c4fd2b6686234d14b988367decb8586679d875a724a6518df7b91361ba12b7a6bda38d977263f70c85a67873157868ea4871a155f4c0b9bd38ac26615791a209fd99728c781db4594421e2f64c84a5ff219735a6d035863f48e73c1ebe3c4d791206dcea3ba2e19dff7179a03ca5d4094866ccfaa6b9523ee298fce33c55f0935b7a00abb703b2f40416fe2a78e3c1fd35719d13474354f43f88a297f68ffd946c0b3d58b44c8af52986b9c64894f70626090498959cfd3ee82f36fe4de64521ec7b5ee7b897fc245e8fde8425d643c099ac1c00504e4e0da6f6efb0211473ac9d8f40feab1c9cd1c1598d5ce4984e001017e8bf97d23a61151426724b4fa292248cbd75643e9836218b920fa039c831f929c7fa417b54c14b7f2df33e3c1d5bb981b045bbbdc61622b8ddf5feda3d81b755fa703810bf38025d2500fb94fc748e74d91e080efbefda70da3bb283c068f03395e50224923cf3507dada61ef4972258b655b459a279a241b934f0cd91c59e37634d669c6ba7c230fcaa27a556642c5086b02be8696a0b043fb1da0fc6a5b5f5716e8639ffa2cd97a2d778c6a3e3a6c0ba1719f4328fa13e501ecc4357ce2cfa4f4c4b0e60b7a531b30f492b6f393695cece19f55d69c7794b046e42bc1e545560201a0c4a62fdd09a531c69f3ab7aedff6301988a33dd5daf17310bc19dd9a03bb5df3bfe57bbc460234a41026322dcc61489d223fcd1f2ec9b0f7768547c3fdcf6188ac4d9d424a06ef239213afa6c297a2b6dcb7536f7833562b7a2affce9326afa62d158d0ed32243fb8bfa3335a4db4049d60a4af51d442d32c1b751a6ab81ff26e067189b70b5a20121685651b9a1b084f384bc42ace6965ff846d7097ffdafb05e79932b6a27346a7734e692bced6b15ea9f04e3ba31123908f9ed5cda67a71e4a6a116326596437c18c43f2881e98c3a9243c3af8dee5b1ec5c57bdb678a4d9f347a77dd5c0f5a19bc6ad508e48aee2dab5f281ed2efb51e34b8a0038f75876c334001c45d875a5fd6179955011823cc004e78fcfa1237dd67291c170046a7558dc9bb7ff4a6a62f9f2ea916f9f0026a3027dd758aa8b84148286d27745cb086100b2b07f13a81559955cfda26948e14ae2368b3a8c64536fabbe7176d79c8797b716b25a7a549d6643f3e3de8de87973493b15d4a16bd8db9cfba1c19e4863fff76b9d5c41f9175bf3f02d7e01c5e8aa427fc1bc6ac93e9430fae2d15db975d1184cbf21d0ca6825b3eef21ddbb98c21b0a5210aba14e83282ba4649c07e67197ab4e733c9fa61f051e13afecae896cd38112f16e181a04e408f7d40d840e1e778694415d330d4fb6e81d31311be4ef18d6bb30114cdcebdf5ba138564b275ad46e9025c9fa940b82600826b3bb5df1d63f454075379620058c0c0bc38851226fcde51ad473d8dbc10de9d72f193bdae52e070b9dc0e9fefdcb29f86244fe6221d6599085d3d3287b7fbe3bf58d510eefd885760b5f7d3d73eeab30fb41a0d876acf30207c53039e174a8e67b6f1253ac58cf1b3cd9b00b733ddf7af3c81985eef05712819458bff1dcab8130a3b6a93cd168a570d397fac93c7fdecef8a72263794c9d8ab9e6b5243e7cd7a7414863d2477b4f2780c348315828218cd81e6a1aebf78434ea590d275c85f118a1a4471546fd23b50fcbc2952089cccfde1c8fde5d381e4b8f2a30894a2491f016d4476a3bb062aac33392bd27801d0c2c20cb884a8c5ea457f4503a4987700f08a9d04b22aa3437ec8b24aa582eaea1259f0492ec72aad6b9b4aee544b48ef44fc3e466327d720930919ea03ce951627cb86f555c0b631bf8daa668d2d40e835172aac249f52b803af208e01c824eb07df9854ff19ce2fe65bf53550c43ad491f0da126eea8ee143ea29762fe8ca82d22c49f1c68d7c3c1e30850391d53d86af5324aadcb65e1ba39d6a1e75e0320dde129c7b568d85ae0f228304f9916a6735c0d5646cc2df563d0efe0700b55e95170bac3d53e6d23f47056288870961000136f52fdcc49429bf17813dde2789fd59ee0a4bdce1cc24247858b0197f769e82d69c1b7db78ffcadf786d3f37773a6d8873e5cc352dce6f50458ed1ac495dd9a5ee3cd5db5b38fff2db1d7cdead2377f57a407c9995e6d3de0c9042be081a5d2a917385a5dde0c3f1bd99b7dd19c113036e3a6bfb74dba617804887be6e1b6c466bd045118d1db0f8e4b9010a0b2b59aaac4618536fbf2615467568e94336090e6ed0c4943112199586c4df611706359b427c6f0c097d61ed1964a54cd5bbc168fda9cd23737584abe1051c6216b61d69585320065ceab58d625220a59af8ae2ff0199f3adfe3ba5d309c1efac911e71434830239cf34ba9309d05418f2d05864c3671ca459aafca57bca6568eb89d819985d4354decad7f4b16aef8963a9428c481d7526748d95d9414fc78176c6629050cd3b047803b8b0949dacbb0f1f7bb6eb462d4784544e339977e7faced535f70f0928cd6090235900027a01d0c5c41c3d90877abc4bf69fa0a2b0cc8ad7f97aba6fd0bdc3296fed2147e3db6f0ad8e74ad8751b5e1e9edaaa3d6f07db7b478d12f41bd16f3174a4481e02887b1a34027bf769c288a6abb13af1cd9798e45ba91201bd373f08cccd446c0993f00c56f87fa9afed7f13adf38cb9a18f9d38377ad75206d9878f6d5f514ad7f07099088f131b9d1632dc25a895436fa3f44b75a8b43f0a3c1cdd4979b185a862a81231f5b55b72ab27e3725d2a6ccee0c11ff31d03e0cff4671b8d04f5b5e7b941557f0a644629a8369904ad9598c9f2a9408b6c53fd854e80547fbe0a91e8dd28e92270e6969a68f9dbd3a79004a801a56190367ac0859a6b79c5a55b21e87d0acee8a5490cd6710ffb829b6cdde4f3a0a564a5c1fa5fa33cff937c2aa23aa8357305633c724b49bd8e08e85b607e5b15dc924bcd170da3e9cd6fe4697beab865b42036cae8cf76096f2350c2c5fdb0acf210ae43f891ffa95b84b8427dafd6b1f60fed1d98a69b1702fa8967fb4922550310c533eba424c8252a2d3b13770faa0a7ea34a1c6393f6378752185354e31cca44b4d62b6e0cd559f26c1dfe2cb2d9fd5ae47879d43c4f3572d03d91e7c068ddad737225677c2889d18cc1d0b8a49c8387f0c7d0034369ecc66f091217fd705ebed85d854d8593ec266600b53e64eb586f7c85f23764313bb2b05a288bb1ef0ffe57f3e9d0699cb46edd78e51d9bd1fec5549d9664de45671e406fc08ad307e3e880028d61b53be6ef33065b66489de231adc23721d330d2d9d4cbf223b06e980456317776c34d753e9c85071c8e7a91927d92fb5f92f83801095b5075b88e9aac2f3ff2b62f072cc823533cc6cd76700f4d3fca724e4aa0fb245af2493aadab70c95ded5669c487f01bd04ad7b82c2deb5b9da906034266ffd56bab1b538af297919766eed3c46bdcd0701bdccffd50ccc0ac3feef6b3810b2c5deb95c59635a66de535b013451b03b63c4625d7ccbfd62d1c2212e68fd57c5e46625f56dcd3fd5f42cda98ad2d74b18b9e102889778eed1f3fa9b8062b994bca96f5932af610024bb902f54417bb46436038a34c42005b3b26694f84d0f12994946c6dfbac41bc9346d8accfad26b14f55679cb2986ee4cc62b35974e3f9485ccd04e1088284e85aa4785a228b090e365b3cf4b9a9108eaedcbdf6f9e201ccfa12e09c2f00ac70c3d1796ca0bbddd5c2b44cd80877640f63b1663c52b89c83400372f6773db15d0489e6eae4dde1c25c7949b7faeb30eac3ca83713f7cd6f4c7c4fa5ed95be79b972ab4cf0d1b24a685055638008ab28627a67ddf842e7bb9e956ecc88c20eff10b83e3e975237394da90dc147bba622c3058bd0c8163fa46ab286697bdbdc850918c046da0cba03b871be720a605b77487ba661a0c25a29646b0ec41f52db2dc5fd610771d95425b1bbd62232300a45799d90cd7e89b44bf2f51dc3f311729377d81ae2bd811f9cd46a02eb626242b5e39a38b0f4b8c04175260d54e929e85e4cd114b1c98475a6953a0a343968f8a4d477e2acb6dddb60eb0cf165bf5b98e8fcd3bd357c240dfe95b5bfc9dbc0b55e65a3a1f6db312afe4d1cb517d4646ff742839dcb9fac1bbccf90677fcc4aa588d80769729f8027b2e717ea440a17b2093f24b26b84883669f45498de207e283c0bb4d13e4429d2bba6b9c60ef21bb4da68543097e4250b0b0eda5c3c42f8d15b3fdb2a8c89374d5c9340f2476ef22c707fb15bf4954f075b75b5893f96a8c73722b21fc488410c8f6e638d11fdfcf8ed0fae6a7a250b9e2b9a8047ddc2701f9bda04eb58baf2e481829c509bb867d6772aae4ea413998d6b88391af590b3e89fb099eb017293fe7de237ca59c73660a1f8b144c283cc04d9fb562996eb6218ba52466d94138218314f05943de49a691c6065a736ed32923f96ee97252ae0604c9b6368b6828c36a747db7b9e849fdc7e93d22d6ef0ad9c3ef4a49680415b52bcbe6eb8351adf41a0889fde7708f5982a33208c0c9b50110a189be736df9b209df60b03220aa5a5060b235d5bce2a453479234a9b4902072ee6ea864796685baa167eb8f6c26ded3f0b460ac3b01d0ea2a4dd49d8da6753732327db72f52200d9ac28e96fec62bf53d7c55b76d4552280aaceff10953b8c75e0c4c70d1aa8255a67768c62bd0dc63cc0094ccfa0d0703054184382aaf22b312b8f5e98575f8a9a7cb57f17ba533ef81d0ea295d16d38f2b870e0c50e2d96b6efa0a9d4ba22ada81d9f12e485def56844091b49e9c790ddb7b44ede6d68a7caed2527c66deedfe2baf13225c0a27e8434b4b28a379c74d725b5452538a1280a114ac7dd01c655c018cb832126b1ef116501f880aa29ba9e8ed21f82b98f85d6db93d318e0019a6da215cc43e976b0fc160a01a79177831d71b440804618a33abccbed381b8489aad71b1925cc7300544b9b025bab065f9e2db34a58a2dd2abdd073c6d70d56a5e7aa0d4fe959011a3b8b0e6ce689a82b40fd5e936ef823ccb4a770a37bf4fc912d347b0c443a67f6322ea7d2b929ce828daf970d7087c818d4171c468fc8712caf0b7ea4cdbaf84fbf711ed6cd8a84cf0a4cd8aa1466c1aeb4ada74e393e98a45ba4d83569071abd04197cb2a6d1b30fbc57871938ef230990e98ce7ddb909636ae2a20c08d052e92a673ec1e02e44650991089546bf4e0d06be4faa423e1f3c247110b7b8b8361f0a"}) setsockopt(r5, 0x100000000, 0x9, &(0x7f0000001780)="139d2ad7d705cb72a63a310a507e1656464196dd1db5ee69218478990b678dd0de7508241a22e0f6acd714d08d55577f340e6b72e64d90ccef8b5d7b32354897762615857a091e228e60184e2aa4e9caa493909ec9e089cc4ff60d7733e3ead646b560ca99365c87ae2a39b7822625b7fafc8315b9c5d6193fb9dfe2bf111f5099fe462b1561e57baf7711f59551d6c5e64fed0eaaebb05db1c10a85ec84", 0x9e) ioctl$VIDIOC_S_SELECTION(r5, 0xc040565f, &(0x7f00000002c0)={0x2, 0x2, 0x2, {0x40, 0xfff, 0x40, 0xf104}}) 19:13:19 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) write(r0, &(0x7f0000000040)="1f00000056000d6dfcffff05bc0203030701ff2104173f8100000000030039", 0x1f) vmsplice(r0, &(0x7f0000001100), 0x0, 0xb) vmsplice(r0, &(0x7f0000001240)=[{&(0x7f0000001140)="f989d666ffd16f870cb8cbb7116cbdec6c5bec31773384c30a3b77995adcc3a0e2e40f87be3557d35449f434059937798ba11ebfd59261a51ce2c913449412668bb33a2affcc0780dd33f7bbf20272c543d75903e56ed2cd2baa4317488db2d36b3fb4b618b9", 0x66}, {&(0x7f00000011c0)="aa2c067afded9955243495508d045c09ae25cc56546f5fb539e9e1f44c463f8c2a7e9ae086cd254b97236edfdaafc110314363836a501325ba8cc733dbc10824f765bbbdf6f87bd8b52e0a0245e8cad055eb611124740320d8294d728756", 0x5e}], 0x2, 0x8) 19:13:19 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") ioctl$VIDIOC_SUBDEV_S_CROP(r1, 0xc038563c, &(0x7f0000000000)={0x1, 0x80, {0x80, 0x8, 0x1, 0x4}}) getsockopt$IP6T_SO_GET_REVISION_TARGET(r1, 0x29, 0x45, &(0x7f0000000080)={'icmp\x00'}, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) [ 400.338653] binder: 11502:11503 ioctl 40046205 0 returned -22 19:13:19 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x131) 19:13:19 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x7, 0x40000) r1 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x3, 0x4000) ioctl$BINDER_THREAD_EXIT(r1, 0x40046205, 0x0) r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x0, 0x1) ioctl$EVIOCGPHYS(r2, 0x80404507, &(0x7f00000001c0)=""/4096) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r2, 0x3) 19:13:19 executing program 2: r0 = socket(0x400020000000010, 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000000)={0x0, 0x0, 0x10001, 0x1}) ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000040)={r1, 0x1}) 19:13:20 executing program 3: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) rt_sigreturn() setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x2a, 0x4) r2 = gettid() unshare(0x28020400) setpgid(r2, r2) syz_open_procfs$namespace(r2, &(0x7f0000000000)='ns/pid_for_children\x00') ioctl$sock_inet_SIOCRTMSG(r1, 0x890d, &(0x7f0000000140)={0x43b0, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x13}}, {0x2, 0x4e21, @multicast1}, {0x2, 0x4e24, @loopback}, 0x8, 0x400, 0x1, 0x46, 0x3, &(0x7f0000000100)='ip6tnl0\x00', 0x1e7b8000000000, 0x80, 0xffffffff}) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f00000000c0)={0xe3, 0xff, 0x2}) 19:13:20 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dlm-monitor\x00', 0x100, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e22, 0x8, @remote, 0x4}}, 0x6, 0x9, 0x7, 0x1ff, 0x40}, &(0x7f0000000140)=0x98) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000180)=@assoc_value={r2, 0x2}, 0x8) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x400000, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r3, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) 19:13:20 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000000)=@generic={0x3, 0x45d6cde8, 0x3}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 401.150405] PANIC: double fault, error_code: 0x0 [ 401.155313] CPU: 1 PID: 11528 Comm: syz-executor3 Not tainted 4.19.0+ #83 [ 401.162283] ================================================================== [ 401.169669] BUG: KMSAN: uninit-value in irq_work_claim+0x153/0x390 [ 401.176008] CPU: 1 PID: 11528 Comm: syz-executor3 Not tainted 4.19.0+ #83 [ 401.182941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.192304] Call Trace: [ 401.194909] <#DF> [ 401.197086] dump_stack+0x32d/0x480 [ 401.200734] ? irq_work_claim+0x153/0x390 [ 401.204913] kmsan_report+0x19f/0x300 [ 401.208758] kmsan_internal_check_memory+0x35f/0x450 [ 401.213903] ? __msan_poison_alloca+0x1e0/0x2b0 [ 401.218617] kmsan_check_memory+0xd/0x10 [ 401.222711] irq_work_claim+0x153/0x390 [ 401.226723] irq_work_queue+0x44/0x280 [ 401.230640] vprintk_emit+0x693/0x790 [ 401.234483] vprintk_default+0x90/0xa0 [ 401.238412] vprintk_func+0x26b/0x2a0 [ 401.242244] printk+0x1a3/0x1f0 [ 401.245592] dump_stack_print_info+0x2c4/0x3c0 [ 401.250209] show_regs_print_info+0x37/0x40 [ 401.254567] show_regs+0x38/0x170 [ 401.258044] df_debug+0x86/0xb0 [ 401.261357] do_double_fault+0x362/0x480 [ 401.265453] double_fault+0x1e/0x30 [ 401.269105] RIP: 0010:kmsan_get_origin_address+0xa/0x370 [ 401.274577] Code: eb fe 0f 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 <41> 54 53 48 83 ec 10 48 89 75 c8 48 89 fb 49 bc 00 00 00 00 00 78 [ 401.293496] RSP: 0018:fffffe000003d000 EFLAGS: 00010086 [ 401.298896] RAX: 00000000000001a8 RBX: 0000000000000000 RCX: 0000000000000001 [ 401.306177] RDX: 0000000000000001 RSI: 0000000000000088 RDI: fffffe000003d150 [ 401.313459] RBP: fffffe000003d018 R08: 0000000000000000 R09: 0000000000000000 [ 401.320748] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000088 [ 401.328026] R13: fffffe000003d1c0 R14: fffffe000003d1a8 R15: fffffe000003d1a8 [ 401.335319] [ 401.337572] [ 401.340877] kmsan_memmove_origins+0xbd/0x1d0 [ 401.345394] ? kmsan_memmove_shadow+0xad/0xe0 [ 401.349911] __msan_memmove+0x6c/0x80 [ 401.353736] fixup_bad_iret+0x9b/0x130 [ 401.357649] error_entry+0xad/0xc0 [ 401.361197] RIP: 0000: (null) [ 401.365112] Code: Bad RIP value. [ 401.368486] RSP: a3fb7f:00007f80ebaa99c0 EFLAGS: 00000000 ORIG_RAX: 0000000000000000 [ 401.376400] RAX: 0000000000000000 RBX: ffffffff8ae00e58 RCX: 000000000040393c [ 401.383681] RDX: 742032b68d496d00 RSI: 0000000000000000 RDI: 0000000000000000 [ 401.390962] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000072bf08 [ 401.398241] R10: 000000000072bf00 R11: 000000000072bf0c R12: 0000000000000000 [ 401.405528] R13: 000000000072bf08 R14: 000000000072bf00 R15: 000000000072bf0c [ 401.412820] ? general_protection+0x8/0x30 [ 401.417073] ? general_protection+0x8/0x30 [ 401.421336] [ 401.424706] [ 401.426340] Local variable description: ----__ai_ptr@irq_work_claim [ 401.432745] Variable was created at: [ 401.436473] irq_work_claim+0x4b/0x390 [ 401.440373] irq_work_queue+0x44/0x280 [ 401.444262] [ 401.445893] Byte 7 of 8 is uninitialized [ 401.449959] Memory access of size 8 starts at fffffe0000045a38 [ 401.455930] ================================================================== [ 401.463292] Disabling lock debugging due to kernel taint [ 401.468749] Kernel panic - not syncing: panic_on_warn set ... [ 401.468749] [ 401.476132] CPU: 1 PID: 11528 Comm: syz-executor3 Tainted: G B 4.19.0+ #83 [ 401.484461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.493827] Call Trace: [ 401.496417] <#DF> [ 401.498590] dump_stack+0x32d/0x480 19:13:20 executing program 4: r0 = socket$inet6(0xa, 0x6, 0xf3) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000280)=0x19) [ 401.502240] panic+0x57e/0xb28 [ 401.505480] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 401.510958] kmsan_report+0x300/0x300 [ 401.514786] kmsan_internal_check_memory+0x35f/0x450 [ 401.519906] ? __msan_poison_alloca+0x1e0/0x2b0 [ 401.524601] kmsan_check_memory+0xd/0x10 [ 401.528677] irq_work_claim+0x153/0x390 [ 401.532679] irq_work_queue+0x44/0x280 [ 401.536588] vprintk_emit+0x693/0x790 [ 401.540423] vprintk_default+0x90/0xa0 [ 401.544319] vprintk_func+0x26b/0x2a0 [ 401.548143] printk+0x1a3/0x1f0 [ 401.551463] dump_stack_print_info+0x2c4/0x3c0 [ 401.556071] show_regs_print_info+0x37/0x40 [ 401.560411] show_regs+0x38/0x170 [ 401.563883] df_debug+0x86/0xb0 [ 401.567184] do_double_fault+0x362/0x480 [ 401.571268] double_fault+0x1e/0x30 [ 401.574913] RIP: 0010:kmsan_get_origin_address+0xa/0x370 [ 401.580375] Code: eb fe 0f 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 <41> 54 53 48 83 ec 10 48 89 75 c8 48 89 fb 49 bc 00 00 00 00 00 78 [ 401.599288] RSP: 0018:fffffe000003d000 EFLAGS: 00010086 [ 401.604670] RAX: 00000000000001a8 RBX: 0000000000000000 RCX: 0000000000000001 [ 401.611950] RDX: 0000000000000001 RSI: 0000000000000088 RDI: fffffe000003d150 [ 401.619235] RBP: fffffe000003d018 R08: 0000000000000000 R09: 0000000000000000 [ 401.626529] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000088 [ 401.633809] R13: fffffe000003d1c0 R14: fffffe000003d1a8 R15: fffffe000003d1a8 [ 401.641101] [ 401.643359] [ 401.646659] kmsan_memmove_origins+0xbd/0x1d0 [ 401.651173] ? kmsan_memmove_shadow+0xad/0xe0 [ 401.655687] __msan_memmove+0x6c/0x80 [ 401.659510] fixup_bad_iret+0x9b/0x130 [ 401.663427] error_entry+0xad/0xc0 [ 401.666975] RIP: 0000: (null) [ 401.670884] Code: Bad RIP value. [ 401.674254] RSP: a3fb7f:00007f80ebaa99c0 EFLAGS: 00000000 ORIG_RAX: 0000000000000000 [ 401.682154] RAX: 0000000000000000 RBX: ffffffff8ae00e58 RCX: 000000000040393c [ 401.689434] RDX: 742032b68d496d00 RSI: 0000000000000000 RDI: 0000000000000000 [ 401.696714] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000072bf08 [ 401.703994] R10: 000000000072bf00 R11: 000000000072bf0c R12: 0000000000000000 [ 401.711275] R13: 000000000072bf08 R14: 000000000072bf00 R15: 000000000072bf0c [ 401.718569] ? general_protection+0x8/0x30 [ 401.722826] ? general_protection+0x8/0x30 [ 401.727074] [ 401.731741] Kernel Offset: disabled [ 401.735369] Rebooting in 86400 seconds..