[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.24' (ECDSA) to the list of known hosts. 2020/05/20 17:26:55 fuzzer started 2020/05/20 17:26:55 dialing manager at 10.128.0.26:35439 2020/05/20 17:26:55 syscalls: 3005 2020/05/20 17:26:55 code coverage: enabled 2020/05/20 17:26:55 comparison tracing: enabled 2020/05/20 17:26:55 extra coverage: enabled 2020/05/20 17:26:55 setuid sandbox: enabled 2020/05/20 17:26:55 namespace sandbox: enabled 2020/05/20 17:26:55 Android sandbox: /sys/fs/selinux/policy does not exist 2020/05/20 17:26:55 fault injection: enabled 2020/05/20 17:26:55 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/05/20 17:26:55 net packet injection: enabled 2020/05/20 17:26:55 net device setup: enabled 2020/05/20 17:26:55 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/05/20 17:26:55 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/05/20 17:26:55 USB emulation: /dev/raw-gadget does not exist 17:29:06 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="6653070000053c27bc3376003639405cb4aed12f0000001500ae47a825d868000000805acf4f8f364602344324adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68effaa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa0c4ecc7aeeb72e0d050feace34b52d9e5f755563698c7e24ab61f0866f15da7f480c00b10000008e00050000be5d2dd15b6210d53eed19bca008388e736e518b98d91c22def1115d7b1e821039a85ad8b91ceaf3", 0xdf}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) syzkaller login: [ 194.640643][ T7103] IPVS: ftp: loaded support on port[0] = 21 [ 194.761895][ T7103] chnl_net:caif_netlink_parms(): no params data found 17:29:06 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f0000000040)='hfsplus\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@nls={'nls', 0x3d, 'cp936'}}, {@umask={'umask'}}, {@session={'session'}}]}) [ 194.838999][ T7103] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.847746][ T7103] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.856055][ T7103] device bridge_slave_0 entered promiscuous mode [ 194.866320][ T7103] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.873578][ T7103] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.881838][ T7103] device bridge_slave_1 entered promiscuous mode [ 194.909502][ T7103] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 194.921445][ T7103] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 194.949733][ T7103] team0: Port device team_slave_0 added [ 194.958796][ T7103] team0: Port device team_slave_1 added [ 194.981776][ T7103] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.989797][ T7103] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 195.016407][ T7103] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 195.030014][ T7103] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 195.037303][ T7103] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 195.064327][ T7103] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 195.150591][ T7103] device hsr_slave_0 entered promiscuous mode 17:29:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000005c000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8dd65660f382201c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d6830f01caed", 0x14}], 0x1, 0x0, 0x0, 0x25a) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x40000000000004, 0x80000000000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000049000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0xffffffffffffff11) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 195.227211][ T7103] device hsr_slave_1 entered promiscuous mode [ 195.329028][ T7263] IPVS: ftp: loaded support on port[0] = 21 [ 195.412493][ T7281] IPVS: ftp: loaded support on port[0] = 21 17:29:07 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000800)=@raw={'raw\x00', 0x9, 0x3, 0x2c0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1f0, 0xffffffff, 0xffffffff, 0x1f0, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0xffffffffffffffff}, {0xffffffffffffffff}}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private1, 'syzkaller1\x00'}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x320) [ 195.809738][ T7263] chnl_net:caif_netlink_parms(): no params data found [ 195.829659][ T7103] netdevsim netdevsim0 netdevsim0: renamed from eth0 17:29:07 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000003c0)=""/102400, 0x19000}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x33) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0xc7, &(0x7f0000000140)="f7f258480aa4cefd3b79e76a3676cc03592a16c9f7b7e632a56f7259e480249950f34c82a1cef20d94de765aa586d65abd7f022e4c53eeffffffff1334699798134f5af37114f1bdd705c398eef68310b97759d9a4d932859f5fc392372222ed0ebfe14d3b2572aa518bb82e2203c5c21dbe992e6ff45added903c414b885e1d75cbcf349e62b507bf9724582101e813be10018870fedf989f018ed60e0300000000000000560197a0c06de84a20fd1d1db01b738f6489a1a3089b37bc9b268482dd98a4580729"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 195.944184][ T7436] IPVS: ftp: loaded support on port[0] = 21 [ 195.958706][ T7103] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 196.020997][ T7103] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 196.087818][ T7103] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 196.131823][ T7281] chnl_net:caif_netlink_parms(): no params data found 17:29:08 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x6) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r0, r1) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$TCFLSH(r2, 0x8910, 0x73a000) [ 196.335801][ T7552] IPVS: ftp: loaded support on port[0] = 21 [ 196.361698][ T7263] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.376261][ T7263] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.386428][ T7263] device bridge_slave_0 entered promiscuous mode [ 196.476088][ T7263] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.488309][ T7263] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.501094][ T7263] device bridge_slave_1 entered promiscuous mode [ 196.521688][ T7281] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.530946][ T7281] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.540459][ T7281] device bridge_slave_0 entered promiscuous mode [ 196.589195][ T7281] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.596277][ T7281] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.608944][ T7281] device bridge_slave_1 entered promiscuous mode [ 196.646333][ T7436] chnl_net:caif_netlink_parms(): no params data found [ 196.673623][ T7263] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 196.689097][ T7263] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 196.695292][ T7639] IPVS: ftp: loaded support on port[0] = 21 [ 196.747128][ T7281] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 196.772118][ T7263] team0: Port device team_slave_0 added [ 196.794085][ T7281] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 196.816026][ T7263] team0: Port device team_slave_1 added [ 196.895613][ T7281] team0: Port device team_slave_0 added [ 196.905354][ T7281] team0: Port device team_slave_1 added [ 196.914926][ T7263] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 196.922375][ T7263] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.949492][ T7263] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 196.972791][ T7103] 8021q: adding VLAN 0 to HW filter on device bond0 [ 197.006218][ T7263] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 197.017226][ T7263] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.046229][ T7263] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 197.122862][ T7436] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.131048][ T7436] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.140268][ T7436] device bridge_slave_0 entered promiscuous mode [ 197.150759][ T7436] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.160102][ T7436] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.169874][ T7436] device bridge_slave_1 entered promiscuous mode [ 197.183864][ T7103] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.192925][ T7281] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 197.201029][ T7281] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.227694][ T7281] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 197.242340][ T7281] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 197.249576][ T7281] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.276286][ T7281] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 197.293817][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 197.302787][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 197.356425][ T7552] chnl_net:caif_netlink_parms(): no params data found [ 197.372276][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 197.387052][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 197.395641][ T2980] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.402927][ T2980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.412040][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 197.421575][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 197.430752][ T2980] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.437877][ T2980] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.480499][ T7263] device hsr_slave_0 entered promiscuous mode [ 197.516888][ T7263] device hsr_slave_1 entered promiscuous mode [ 197.547233][ T7263] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 197.555249][ T7263] Cannot create hsr debugfs directory [ 197.598686][ T7436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 197.609067][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 197.620304][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 197.690626][ T7436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 197.754267][ T7281] device hsr_slave_0 entered promiscuous mode [ 197.796897][ T7281] device hsr_slave_1 entered promiscuous mode [ 197.846704][ T7281] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 197.854294][ T7281] Cannot create hsr debugfs directory [ 197.895055][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 197.957518][ T7639] chnl_net:caif_netlink_parms(): no params data found [ 197.986385][ T7436] team0: Port device team_slave_0 added [ 197.995547][ T7436] team0: Port device team_slave_1 added [ 198.004626][ T7552] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.012631][ T7552] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.020785][ T7552] device bridge_slave_0 entered promiscuous mode [ 198.054205][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 198.063725][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 198.073291][ T7552] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.084567][ T7552] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.093012][ T7552] device bridge_slave_1 entered promiscuous mode [ 198.136776][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 198.191252][ T7436] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 198.202307][ T7436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 198.233655][ T7436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 198.252311][ T7436] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 198.260847][ T7436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 198.287543][ T7436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 198.305215][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 198.319827][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 198.331090][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 198.341759][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 198.353069][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 198.363617][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 198.402228][ T7552] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 198.434170][ T7103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 198.478189][ T7552] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 198.570550][ T7436] device hsr_slave_0 entered promiscuous mode [ 198.647185][ T7436] device hsr_slave_1 entered promiscuous mode [ 198.706728][ T7436] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 198.714407][ T7436] Cannot create hsr debugfs directory [ 198.721051][ T7639] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.729014][ T7639] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.737493][ T7639] device bridge_slave_0 entered promiscuous mode [ 198.765513][ T7552] team0: Port device team_slave_0 added [ 198.774874][ T7552] team0: Port device team_slave_1 added [ 198.782707][ T7639] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.790088][ T7639] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.798602][ T7639] device bridge_slave_1 entered promiscuous mode [ 198.852699][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 198.861424][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 198.883232][ T7552] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 198.894024][ T7552] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 198.922463][ T7552] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 198.940114][ T7639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 198.953386][ T7639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 198.979768][ T7552] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 198.988095][ T7552] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 199.015314][ T7552] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 199.054379][ T7103] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 199.062739][ T7263] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 199.110313][ T7263] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 199.203627][ T7639] team0: Port device team_slave_0 added [ 199.220019][ T7263] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 199.282419][ T7639] team0: Port device team_slave_1 added [ 199.302682][ T7263] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 199.380473][ T7552] device hsr_slave_0 entered promiscuous mode [ 199.437017][ T7552] device hsr_slave_1 entered promiscuous mode [ 199.486752][ T7552] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 199.494344][ T7552] Cannot create hsr debugfs directory [ 199.531152][ T7639] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 199.538332][ T7639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 199.565567][ T7639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 199.584388][ T7639] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 199.591757][ T7639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 199.619140][ T7639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 199.686622][ T7281] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 199.729500][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 199.739488][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 199.789794][ T7281] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 199.866333][ T7103] device veth0_vlan entered promiscuous mode [ 199.939439][ T7639] device hsr_slave_0 entered promiscuous mode [ 199.987009][ T7639] device hsr_slave_1 entered promiscuous mode [ 200.046889][ T7639] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 200.054651][ T7639] Cannot create hsr debugfs directory [ 200.062220][ T7281] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 200.125259][ T7281] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 200.179344][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 200.187942][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 200.196978][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 200.204876][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 200.250331][ T7103] device veth1_vlan entered promiscuous mode [ 200.281728][ T7436] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 200.400231][ T7436] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 200.443787][ T7436] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 200.488961][ T7436] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 200.662221][ T7103] device veth0_macvtap entered promiscuous mode [ 200.689371][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 200.703822][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 200.731040][ T7103] device veth1_macvtap entered promiscuous mode [ 200.743064][ T7552] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 200.770304][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 200.778750][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 200.793865][ T7263] 8021q: adding VLAN 0 to HW filter on device bond0 [ 200.811918][ T7552] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 200.872818][ T7552] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 200.959864][ T7639] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 200.989672][ T7552] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 201.064924][ T7103] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 201.078557][ T7639] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 201.109017][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 201.119085][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 201.128440][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 201.138109][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 201.151020][ T7263] 8021q: adding VLAN 0 to HW filter on device team0 [ 201.169403][ T7103] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 201.178536][ T7639] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 201.231766][ T7639] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 201.297566][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 201.309632][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 201.359168][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 201.370066][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 201.380539][ T2980] bridge0: port 1(bridge_slave_0) entered blocking state [ 201.387872][ T2980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 201.470576][ T7281] 8021q: adding VLAN 0 to HW filter on device bond0 [ 201.483111][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 201.495797][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 201.506181][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 201.515087][ T2824] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.526320][ T2824] bridge0: port 2(bridge_slave_1) entered forwarding state [ 201.534719][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 201.673318][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 201.689824][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 201.703659][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 201.724599][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 201.747320][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 201.763421][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 201.777287][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 201.786754][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 201.794709][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 201.812629][ T7263] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 201.832385][ T7263] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 201.873818][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 201.883710][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 201.893674][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 201.911001][ T7281] 8021q: adding VLAN 0 to HW filter on device team0 [ 201.925103][ T7436] 8021q: adding VLAN 0 to HW filter on device bond0 [ 201.965581][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 201.978758][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 201.988765][ T2990] bridge0: port 1(bridge_slave_0) entered blocking state [ 201.996503][ T2990] bridge0: port 1(bridge_slave_0) entered forwarding state [ 202.014466][ T7263] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 202.058293][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 202.067590][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 202.075342][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 202.085253][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 202.094058][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 202.102743][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 202.112143][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 202.121035][ T2990] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.128217][ T2990] bridge0: port 2(bridge_slave_1) entered forwarding state [ 202.136133][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 202.145758][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 202.159060][ T7436] 8021q: adding VLAN 0 to HW filter on device team0 [ 202.186952][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 202.201232][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 202.249335][ T7552] 8021q: adding VLAN 0 to HW filter on device bond0 [ 202.263557][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 202.277774][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 202.290857][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 202.301204][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 202.316853][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 202.326276][ T2980] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.334439][ T2980] bridge0: port 1(bridge_slave_0) entered forwarding state [ 202.344127][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 202.354064][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 202.392402][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 202.404816][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 202.415306][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 202.430332][ T26] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.437462][ T26] bridge0: port 2(bridge_slave_1) entered forwarding state [ 202.445942][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 202.456061][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 202.465067][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 202.476275][ T7639] 8021q: adding VLAN 0 to HW filter on device bond0 [ 202.505462][ T7281] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 202.517686][ T7281] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 202.548319][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 202.558235][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 202.567595][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 202.577476][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 202.585335][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 202.599409][ T7263] device veth0_vlan entered promiscuous mode [ 202.618725][ T7639] 8021q: adding VLAN 0 to HW filter on device team0 [ 202.642695][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 202.653783][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 202.663081][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 202.672345][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 202.681605][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 202.691461][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 202.700712][ T26] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.707845][ T26] bridge0: port 1(bridge_slave_0) entered forwarding state [ 202.715609][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 202.723717][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 202.731885][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 202.740554][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 202.749475][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 202.758558][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 202.785339][ T7552] 8021q: adding VLAN 0 to HW filter on device team0 [ 202.799404][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 202.811841][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 202.822239][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 202.831567][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 202.840933][ T2993] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.848091][ T2993] bridge0: port 2(bridge_slave_1) entered forwarding state [ 202.856015][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 202.864773][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 202.876704][ T7263] device veth1_vlan entered promiscuous mode [ 202.922439][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 202.931761][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 202.941189][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 202.951157][ T2824] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.958318][ T2824] bridge0: port 1(bridge_slave_0) entered forwarding state [ 202.967098][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 202.975716][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 202.984996][ T2824] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.992126][ T2824] bridge0: port 2(bridge_slave_1) entered forwarding state [ 203.000908][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 203.011643][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 203.019509][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 203.027170][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 203.035784][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 203.044998][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 203.054078][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 203.063227][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 203.073359][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 203.085520][ T7436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 203.125863][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 203.135341][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 203.147080][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 203.155559][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 203.165224][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 203.174911][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 203.184177][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 203.193539][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 203.202604][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 203.212290][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 203.224057][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 203.241030][ T7281] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 203.267072][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 203.275648][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 203.285495][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 203.294568][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 203.303454][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 203.313948][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 203.330373][ T7639] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 203.342605][ T7639] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 203.362778][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 203.377265][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 203.385682][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 203.418414][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 203.427089][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 203.434555][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 203.443965][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 203.461443][ T7263] device veth0_macvtap entered promiscuous mode [ 203.474582][ T7263] device veth1_macvtap entered promiscuous mode [ 203.519605][ T7639] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 203.533208][ T7436] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 203.557542][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 203.568725][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 203.587069][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 203.594780][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 203.605577][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 203.615502][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 203.624700][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 203.632357][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 203.653185][ T7552] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 203.711274][ T7263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 203.733841][ T7263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.750836][ T7263] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 203.776688][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 203.785870][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 203.799275][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 203.809921][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 203.821888][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 203.830714][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 203.857657][ T7263] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 203.870363][ T7263] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.883470][ T7263] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 203.897119][ T7281] device veth0_vlan entered promiscuous mode [ 203.916279][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 203.925290][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 203.934703][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 203.945445][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 203.954990][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 203.964713][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 204.068922][ T7281] device veth1_vlan entered promiscuous mode [ 204.139480][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 204.149970][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 204.162511][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 204.172070][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 204.181651][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 204.193030][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 204.202333][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 204.212261][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 204.221374][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 204.302681][ T7436] device veth0_vlan entered promiscuous mode [ 204.323389][ T7639] device veth0_vlan entered promiscuous mode [ 204.366005][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 204.378527][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 204.407411][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 204.412429][ T8378] hfsplus: invalid session number or type of track [ 204.435813][ T8378] hfsplus: unable to find HFS+ superblock [ 204.441058][ T7639] device veth1_vlan entered promiscuous mode [ 204.482520][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 204.498450][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 204.534416][ T7436] device veth1_vlan entered promiscuous mode [ 204.571061][ T7552] device veth0_vlan entered promiscuous mode 17:29:16 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f0000000040)='hfsplus\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@nls={'nls', 0x3d, 'cp936'}}, {@umask={'umask'}}, {@session={'session'}}]}) [ 204.584597][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 204.600320][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 204.637632][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 204.649149][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 204.665010][ T7281] device veth0_macvtap entered promiscuous mode 17:29:16 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000bfff0)={&(0x7f0000006440)=ANY=[@ANYBLOB="b800000019000100000006005b000000ff010000000000000000000000000001e000000100000000800000000000000000000000000000000a0001000000002e", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000cede6299eb6284070000000000fd85d16e791a2daa2586f6fded0000000005000000000000000000d94bfeadbfce0d4ed61c01bb3c42000000ea000000002655356f5400fbfa0000000000000500000000000000000000000000000000000000ee0100000001"], 0xb8}}, 0x0) sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0) [ 204.724748][ T7281] device veth1_macvtap entered promiscuous mode [ 204.744604][ T8387] hfsplus: invalid session number or type of track [ 204.751702][ T8387] hfsplus: unable to find HFS+ superblock [ 204.765900][ T7552] device veth1_vlan entered promiscuous mode 17:29:16 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$hfsplus(&(0x7f0000000040)='hfsplus\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@nls={'nls', 0x3d, 'cp936'}}, {@umask={'umask'}}, {@session={'session'}}]}) [ 204.858003][ T7281] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 204.887719][ T7281] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.922598][ T7281] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 204.956208][ T7281] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 204.990125][ T7281] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 205.012383][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 205.028483][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 205.040030][ T8397] hfsplus: invalid session number or type of track [ 205.057397][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 205.065730][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 205.073614][ T8397] hfsplus: unable to find HFS+ superblock 17:29:16 executing program 0: [ 205.107063][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 205.117604][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 205.126936][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 205.135736][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 205.150496][ T7436] device veth0_macvtap entered promiscuous mode [ 205.167854][ T7639] device veth0_macvtap entered promiscuous mode [ 205.184760][ T7639] device veth1_macvtap entered promiscuous mode 17:29:16 executing program 1: [ 205.233693][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 205.255381][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready 17:29:17 executing program 0: [ 205.285221][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 205.304349][ T2990] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 205.325628][ T7436] device veth1_macvtap entered promiscuous mode 17:29:17 executing program 1: [ 205.355904][ T7281] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 17:29:17 executing program 0: [ 205.407016][ T7281] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.456103][ T7281] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 205.486636][ T7281] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.500978][ T7281] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 205.522373][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 205.533274][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 205.542820][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 205.552733][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 205.585939][ T7552] device veth0_macvtap entered promiscuous mode [ 205.635023][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 205.658372][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 205.671653][ T2959] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 205.719103][ T7639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 205.747228][ T7639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.773054][ T7639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 205.798363][ T7639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.809290][ T7639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 205.822229][ T7639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.835648][ T7639] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 205.855088][ T7552] device veth1_macvtap entered promiscuous mode [ 205.908049][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 205.918029][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 205.927005][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 205.944239][ T7639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 205.955829][ T7639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.966430][ T7639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 205.976937][ T7639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.986866][ T7639] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 205.997326][ T7639] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.009293][ T7639] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 206.091292][ T7436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 206.102119][ T7436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.112493][ T7436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 206.123261][ T7436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.133821][ T7436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 206.144435][ T7436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.154342][ T7436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 206.164828][ T7436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.178969][ T7436] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 206.186507][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 206.195147][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 206.204964][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 206.214646][ T2980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 206.234988][ T7552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 206.249739][ T7552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.261549][ T7552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 206.272608][ T7552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.283023][ T7552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 206.294606][ T7552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.305104][ T7552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 206.316399][ T7552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.328900][ T7552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 206.339999][ T7552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.352758][ T7552] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 206.404584][ T7436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 206.415433][ T7436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.432798][ T7436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 206.458757][ T7436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.469888][ T7436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 206.477110][ T8412] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 206.480696][ T7436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.526752][ T7436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 206.546383][ T7436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.596270][ T7436] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 206.631397][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 206.652568][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 206.669025][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 206.683219][ T2993] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 206.704741][ T7552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 206.725495][ T7552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.743444][ T7552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 17:29:18 executing program 2: [ 206.776171][ T7552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.787157][ T7552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 206.798014][ T7552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.836053][ T7552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 206.853270][ T7552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.876048][ T7552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 206.893745][ T7552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.906724][ T7552] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 206.947324][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 206.962431][ T2824] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 207.499456][ T8443] x_tables: duplicate underflow at hook 3 [ 207.523592][ T8444] x_tables: duplicate underflow at hook 3 17:29:19 executing program 3: 17:29:22 executing program 4: 17:29:22 executing program 1: 17:29:22 executing program 0: 17:29:22 executing program 2: 17:29:22 executing program 5: 17:29:22 executing program 3: 17:29:22 executing program 5: 17:29:22 executing program 2: 17:29:22 executing program 0: 17:29:22 executing program 3: 17:29:22 executing program 1: 17:29:22 executing program 4: 17:29:22 executing program 5: 17:29:22 executing program 0: 17:29:22 executing program 3: 17:29:22 executing program 2: 17:29:22 executing program 1: 17:29:22 executing program 5: r0 = syz_open_dev$video(&(0x7f0000000240)='/dev/video#\x00', 0x0, 0x200000) flistxattr(r0, 0x0, 0x0) 17:29:22 executing program 4: open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/seq\x00', 0x2) write$sndseq(r0, 0x0, 0x0) pipe(&(0x7f0000000200)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) 17:29:22 executing program 2: 17:29:22 executing program 3: 17:29:22 executing program 1: 17:29:22 executing program 0: 17:29:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x402c5828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4000fff}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[], 0x0, 0x23c1}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 17:29:22 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x100082) r1 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) sendfile(r0, r1, 0x0, 0x40fdf) 17:29:22 executing program 0: mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mremap(&(0x7f0000a1f000/0x3000)=nil, 0x3000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 17:29:22 executing program 3: r0 = socket(0x11, 0x800000003, 0x0) bind(r0, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r0, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000000)=0x14) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9, 0x1, 'cake\x00'}, {0xc, 0x2, [@TCA_CAKE_WASH={0x8}]}}]}, 0x3c}}, 0x0) 17:29:22 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000000c0)={0xe0003}) 17:29:23 executing program 2: r0 = perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000001740)=[{0x0}, {&(0x7f0000000640)=""/103, 0x67}], 0x2) 17:29:23 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @ipv4={[], [], @loopback}}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000004880)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x44000102, 0x0) [ 211.516338][ T8522] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 17:29:23 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173683a6e65742c706f7274"], 0x58}}, 0x0) 17:29:23 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/kcm\x00') preadv(r0, &(0x7f0000000780)=[{&(0x7f00000003c0)=""/124, 0x7c}], 0x1, 0x7a200) 17:29:23 executing program 5: r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x3, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000100)={0x3, 0x98f904, 0x1, [0x100000000000000]}) r1 = socket$unix(0x1, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) dup2(r2, r0) 17:29:23 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@discard_size={'discard'}}, {@gid={'gid'}}]}) 17:29:23 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="20048a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9221a750fbf746bec66ba", 0xfe6a, 0xe, 0x0, 0xfffffffffffffe2b) [ 211.949041][ T8544] JFS: discard option not supported on device [ 211.964997][ T8549] syz-executor.4: vmalloc: allocation failure: 17179869208 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 211.980851][ T8549] CPU: 0 PID: 8549 Comm: syz-executor.4 Not tainted 5.7.0-rc1-next-20200415-syzkaller #0 [ 211.990768][ T8549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 212.000950][ T8549] Call Trace: [ 212.004291][ T8549] dump_stack+0x188/0x20d [ 212.008645][ T8549] warn_alloc.cold+0x87/0x164 [ 212.013346][ T8549] ? zone_watermark_ok_safe+0x260/0x260 [ 212.018936][ T8549] __vmalloc_node_range+0x452/0x7a0 [ 212.024156][ T8549] ? kmem_cache_alloc_trace+0x390/0x7d0 [ 212.029720][ T8549] ? ip_set_alloc+0x48/0x57 [ 212.034413][ T8549] vzalloc+0x67/0x80 [ 212.038321][ T8549] ? ip_set_alloc+0x48/0x57 [ 212.042840][ T8549] ip_set_alloc+0x48/0x57 [ 212.047212][ T8549] hash_netport_create+0x406/0xd60 [ 212.052881][ T8549] ? hash_netport6_uref+0x400/0x400 [ 212.058095][ T8549] ip_set_create+0x6ad/0x13b0 [ 212.062787][ T8549] ? ip_set_destroy+0xb00/0xb00 [ 212.067668][ T8549] ? nla_memcpy+0xa0/0xa0 [ 212.072027][ T8549] ? ip_set_destroy+0xb00/0xb00 [ 212.076888][ T8549] nfnetlink_rcv_msg+0xc83/0xf30 [ 212.081849][ T8549] ? nfnetlink_bind+0x2b0/0x2b0 [ 212.087063][ T8549] ? consume_skb+0xfb/0x400 [ 212.091578][ T8549] ? lock_downgrade+0x840/0x840 17:29:23 executing program 0: r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0) ftruncate(r0, 0x88001) write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7) r1 = socket(0x11, 0x3, 0x0) setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4) bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) r3 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r3, 0x0) pipe2$9p(0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0xffffffff010) 17:29:23 executing program 1: socket$netlink(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x4a}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r3, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@ipv4_newaddr={0x20, 0x14, 0x121, 0x0, 0x0, {0x2, 0x1, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@ipv4_newaddr={0x20, 0x14, 0x121, 0x0, 0x0, {0x2, 0x1, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @multicast2}]}, 0x20}}, 0x0) 17:29:23 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) r1 = syz_open_dev$binderN(0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000200)={0x1, 0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="04630440"], 0x0, 0x0, 0x0}) r2 = dup2(r1, r0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x4, 0x0, &(0x7f0000000080)=[@register_looper], 0x1, 0x0, &(0x7f0000000140)="0e"}) mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r1, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000280)={0xd, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="05630440000000000063404001"], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000540)={0x4c, 0x0, &(0x7f0000000340)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000180)={@flat=@binder={0x73622a85, 0x0, 0x1}, @fd, @ptr={0x70742a85, 0x0, 0x0}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}}], 0x0, 0x73a000, 0x0}) [ 212.096435][ T8549] ? nlmon_xmit+0x9d/0xd0 [ 212.100782][ T8549] ? __local_bh_enable_ip+0x159/0x270 [ 212.106162][ T8549] ? lockdep_hardirqs_on+0x463/0x620 [ 212.111452][ T8549] ? __dev_queue_xmit+0x174a/0x3070 [ 212.116654][ T8549] ? __local_bh_enable_ip+0x159/0x270 [ 212.122038][ T8549] ? __dev_queue_xmit+0xbf2/0x3070 [ 212.131077][ T8549] netlink_rcv_skb+0x15a/0x410 [ 212.135876][ T8549] ? nfnetlink_bind+0x2b0/0x2b0 [ 212.140728][ T8549] ? netlink_ack+0xa10/0xa10 [ 212.145337][ T8549] ? ns_capable_common+0xe2/0x100 [ 212.150377][ T8549] nfnetlink_rcv+0x1ac/0x420 [ 212.154972][ T8549] ? nfnetlink_rcv_batch+0x1610/0x1610 [ 212.160441][ T8549] netlink_unicast+0x537/0x740 [ 212.165216][ T8549] ? netlink_attachskb+0x810/0x810 [ 212.170416][ T8549] ? _copy_from_iter_full+0x25c/0x870 [ 212.175820][ T8549] ? __phys_addr_symbol+0x2c/0x70 [ 212.180857][ T8549] ? __check_object_size+0x171/0x437 [ 212.186152][ T8549] netlink_sendmsg+0x882/0xe10 [ 212.191197][ T8549] ? aa_af_perm+0x260/0x260 [ 212.195803][ T8549] ? netlink_unicast+0x740/0x740 [ 212.200774][ T8549] ? netlink_unicast+0x740/0x740 [ 212.205816][ T8549] sock_sendmsg+0xcf/0x120 [ 212.210243][ T8549] ____sys_sendmsg+0x6bf/0x7e0 [ 212.215093][ T8549] ? kernel_sendmsg+0x50/0x50 [ 212.219792][ T8549] ___sys_sendmsg+0x100/0x170 [ 212.224757][ T8549] ? sendmsg_copy_msghdr+0x70/0x70 [ 212.229878][ T8549] ? __fget_files+0x32f/0x500 [ 212.235282][ T8549] ? do_dup2+0x520/0x520 [ 212.239535][ T8549] ? __fget_light+0x20e/0x270 [ 212.244212][ T8549] __sys_sendmsg+0xec/0x1b0 [ 212.248699][ T8549] ? __sys_sendmsg_sock+0xb0/0xb0 [ 212.253717][ T8549] ? __x64_sys_futex+0x380/0x4f0 [ 212.258663][ T8549] ? trace_hardirqs_off_caller+0x55/0x230 [ 212.264645][ T8549] ? do_syscall_64+0x21/0x7d0 [ 212.269318][ T8549] do_syscall_64+0xf6/0x7d0 [ 212.273817][ T8549] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 212.279698][ T8549] RIP: 0033:0x45ca29 [ 212.283584][ T8549] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 212.303888][ T8549] RSP: 002b:00007f635b197c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 212.313339][ T8549] RAX: ffffffffffffffda RBX: 00000000004fd8c0 RCX: 000000000045ca29 [ 212.321306][ T8549] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 212.329283][ T8549] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 212.337341][ T8549] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 212.345324][ T8549] R13: 000000000000092a R14: 00000000004cbe77 R15: 00007f635b1986d4 17:29:24 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) [ 212.398857][ T8549] Mem-Info: [ 212.402366][ T8549] active_anon:109260 inactive_anon:4127 isolated_anon:0 [ 212.402366][ T8549] active_file:6173 inactive_file:43475 isolated_file:0 [ 212.402366][ T8549] unevictable:0 dirty:161 writeback:0 unstable:0 [ 212.402366][ T8549] slab_reclaimable:19076 slab_unreclaimable:102381 [ 212.402366][ T8549] mapped:59684 shmem:4364 pagetables:988 bounce:0 [ 212.402366][ T8549] free:1224944 free_pcp:640 free_cma:0 [ 212.446672][ T8544] JFS: discard option not supported on device [ 212.479088][ T8549] Node 0 active_anon:439260kB inactive_anon:16508kB active_file:24556kB inactive_file:173900kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:238836kB dirty:636kB writeback:0kB shmem:17456kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 374784kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 17:29:24 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@discard_size={'discard'}}, {@gid={'gid'}}]}) [ 212.496280][ T27] audit: type=1804 audit(1589995764.193:2): pid=8561 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir212023365/syzkaller.AhXBXu/10/bus" dev="sda1" ino=15779 res=1 [ 212.537938][ T8563] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 212.570384][ T27] audit: type=1804 audit(1589995764.263:3): pid=8556 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir212023365/syzkaller.AhXBXu/10/bus" dev="sda1" ino=15779 res=1 [ 212.605706][ C0] hrtimer: interrupt took 44705 ns [ 212.641570][ T8549] Node 1 active_anon:0kB inactive_anon:0kB active_file:136kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 212.657952][ T8564] binder: BINDER_SET_CONTEXT_MGR already set [ 212.674504][ T8566] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. 17:29:24 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) [ 212.708210][ T8570] JFS: discard option not supported on device [ 212.752586][ T27] audit: type=1804 audit(1589995764.263:4): pid=8556 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir212023365/syzkaller.AhXBXu/10/bus" dev="sda1" ino=15779 res=1 [ 212.781831][ T8549] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 212.790291][ T8569] binder: BINDER_SET_CONTEXT_MGR already set [ 212.812352][ T8549] lowmem_reserve[]: 0 2517 2517 2517 2517 [ 212.820982][ T8564] binder: 8559:8564 ioctl 40046207 0 returned -16 [ 212.823092][ T8549] Node 0 DMA32 free:1114816kB min:35932kB low:44912kB high:53892kB reserved_highatomic:0KB active_anon:439332kB inactive_anon:16508kB active_file:25076kB inactive_file:173956kB unevictable:0kB writepending:1284kB present:3129332kB managed:2580292kB mlocked:0kB kernel_stack:9372kB pagetables:4316kB bounce:0kB free_pcp:2140kB local_pcp:488kB free_cma:0kB [ 212.865094][ T8549] lowmem_reserve[]: 0 0 0 0 0 [ 212.870285][ T8549] Node 0 Normal free:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 17:29:24 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000000010000002"]) [ 212.903890][ T8549] lowmem_reserve[]: 0 0 0 0 0 [ 212.908848][ T8549] Node 1 Normal free:3765492kB min:53952kB low:67440kB high:80928kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:136kB inactive_file:0kB unevictable:0kB writepending:8kB present:3932160kB managed:3870200kB mlocked:0kB kernel_stack:16kB pagetables:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 212.942897][ T8549] lowmem_reserve[]: 0 0 0 0 0 [ 212.948360][ T8549] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 212.963473][ T8549] Node 0 DMA32: 10712*4kB (UME) 104*8kB (UME) 52*16kB (UM) 35*32kB (UME) 30*64kB (UME) 16*128kB (UME) 11*256kB (UME) 3*512kB (M) 3*1024kB (UME) 3*2048kB (UM) 257*4096kB (M) = 1115840kB [ 212.983726][ T8549] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 212.996897][ T8569] binder: 8559:8569 ioctl 40046207 0 returned -16 [ 213.001388][ T8549] Node 1 Normal: 95*4kB (UME) 233*8kB (UME) 169*16kB (UME) 81*32kB (UME) 36*64kB (UME) 23*128kB (UM) 7*256kB (U) 4*512kB (UE) 3*1024kB (UME) 3*2048kB (UME) 913*4096kB (M) = 3765492kB [ 213.003664][ T27] audit: type=1804 audit(1589995764.643:5): pid=8556 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir212023365/syzkaller.AhXBXu/10/bus" dev="sda1" ino=15779 res=1 [ 213.083325][ T8549] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 213.120951][ T8549] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 213.144089][ T8549] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 213.181792][ T27] audit: type=1804 audit(1589995764.643:6): pid=8556 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir212023365/syzkaller.AhXBXu/10/bus" dev="sda1" ino=15779 res=1 [ 213.182404][ T8549] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 213.236958][ T8549] 49182 total pagecache pages [ 213.241753][ T8549] 0 pages in swap cache [ 213.252892][ T8549] Swap cache stats: add 0, delete 0, find 0/0 [ 213.259951][ T8549] Free swap = 0kB [ 213.263770][ T8549] Total swap = 0kB [ 213.279887][ T8549] 1965979 pages RAM [ 213.293249][ T8549] 0 pages HighMem/MovableOnly [ 213.305744][ T8549] 349379 pages reserved [ 213.314465][ T8549] 0 pages cma reserved 17:29:25 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173683a6e65742c706f7274"], 0x58}}, 0x0) 17:29:25 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:25 executing program 1: ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000b44000/0x2000)=nil}) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) mlock2(&(0x7f0000a4f000/0x4000)=nil, 0x4000, 0x0) 17:29:25 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@discard_size={'discard'}}, {@gid={'gid'}}]}) 17:29:25 executing program 0: r0 = open(&(0x7f0000000080)='./bus\x00', 0x1410c2, 0x0) ftruncate(r0, 0x88001) write$P9_RXATTRCREATE(r0, &(0x7f0000000040)={0x3ba}, 0x7) r1 = socket(0x11, 0x3, 0x0) setsockopt$packet_buf(r1, 0x107, 0xf, &(0x7f0000000280)="a933fb23", 0x4) bind(r1, &(0x7f0000000180)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) r3 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r3, 0x0) pipe2$9p(0x0, 0x0) read(r3, &(0x7f0000000180)=""/19, 0xfffffe47) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r1, r2, 0x0, 0xffffffff010) 17:29:25 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080), &(0x7f0000000100)=0xc) syz_read_part_table(0x0, 0x6, &(0x7f0000000040)=[{&(0x7f00000000c0)="0201a5ffffff0a100000ff45ac0000ffffff8200080000000000000002400000000063000000e10000008877007200300700a6ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 213.428064][ T8591] JFS: discard option not supported on device 17:29:25 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:25 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x824b0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0xfffffffffffffef2, 0x2004076e, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53) [ 213.509834][ T27] audit: type=1804 audit(1589995765.223:7): pid=8598 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir212023365/syzkaller.AhXBXu/11/bus" dev="sda1" ino=15804 res=1 17:29:25 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173683a6e65742c706f7274"], 0x58}}, 0x0) 17:29:25 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@discard_size={'discard'}}, {@gid={'gid'}}]}) [ 213.582686][ T27] audit: type=1804 audit(1589995765.273:8): pid=8604 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir212023365/syzkaller.AhXBXu/11/bus" dev="sda1" ino=15804 res=1 17:29:25 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173683a6e65742c706f7274"], 0x58}}, 0x0) [ 213.645034][ T8595] loop3: p2 p3 p4 [ 213.650640][ T8595] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 213.660686][ T27] audit: type=1804 audit(1589995765.273:9): pid=8598 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir212023365/syzkaller.AhXBXu/11/bus" dev="sda1" ino=15804 res=1 [ 213.681371][ T8610] JFS: discard option not supported on device 17:29:25 executing program 4: sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173683a6e65742c706f7274"], 0x58}}, 0x0) [ 213.748681][ T8595] loop3: p3 size 1912633224 extends beyond EOD, truncated 17:29:25 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0}, 0x0, 0x0, 0x0) 17:29:25 executing program 2: syz_mount_image$jfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@discard_size={'discard'}}, {@gid={'gid'}}]}) [ 213.800405][ T8595] loop3: p4 size 3657465856 extends beyond EOD, truncated 17:29:25 executing program 4: sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173683a6e65742c706f7274"], 0x58}}, 0x0) 17:29:25 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:25 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0}, 0x0, 0x0, 0x0) [ 214.047714][ T8632] loop3: p2 p3 p4 [ 214.057555][ T8632] loop3: p2 size 1073872896 extends beyond EOD, truncated [ 214.087261][ T8643] raw_sendmsg: syz-executor.0 forgot to set AF_INET. Fix it! [ 214.130602][ T8632] loop3: p3 size 1912633224 extends beyond EOD, truncated [ 214.140206][ T8632] loop3: p4 size 3657465856 extends beyond EOD, truncated 17:29:25 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000300)='sysfs\x00', 0x0, 0x0) llistxattr(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) 17:29:25 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:26 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x824b0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0xfffffffffffffef2, 0x2004076e, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53) 17:29:26 executing program 2: syz_mount_image$jfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@discard_size={'discard'}}, {@gid={'gid'}}]}) 17:29:26 executing program 4: sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173683a6e65742c706f7274"], 0x58}}, 0x0) 17:29:26 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:26 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0}, 0x0, 0x0, 0x0) 17:29:26 executing program 3: fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000580)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b75fb3488fd8015bba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377aba09e7b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b5365c5dc26ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10000174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde318ead4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d41f6b21224b57f530d0000c1ff53bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28b774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a800655d127de6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c84f7cff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d8191643"}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0x4400ae8f, &(0x7f0000000080)) 17:29:26 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:26 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:26 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={0x0, r0, r1}, 0x0, 0x0, 0x0) 17:29:26 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173683a6e65742c706f7274"], 0x58}}, 0x0) 17:29:26 executing program 2: syz_mount_image$jfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@discard_size={'discard'}}, {@gid={'gid'}}]}) 17:29:26 executing program 3: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, &(0x7f0000000140)={0x0, 0x3, 0x0, 0x0, 'syz1\x00'}) 17:29:27 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x824b0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0xfffffffffffffef2, 0x2004076e, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53) 17:29:27 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173683a6e65742c706f7274"], 0x58}}, 0x0) 17:29:27 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={0x0, r0, r1}, 0x0, 0x0, 0x0) 17:29:27 executing program 3: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, &(0x7f0000000140)={0x0, 0x3, 0x0, 0x0, 'syz1\x00'}) 17:29:27 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@discard_size={'discard'}}, {@gid={'gid'}}]}) 17:29:27 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:27 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={0x0, r0, r1}, 0x0, 0x0, 0x0) 17:29:27 executing program 3: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000280)='/dev/nullb0\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000400)=""/4096, 0xffc00}], 0x1, 0x0) 17:29:27 executing program 4: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173683a6e65742c706f7274"], 0x58}}, 0x0) 17:29:27 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@discard_size={'discard'}}, {@gid={'gid'}}]}) 17:29:27 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0) 17:29:27 executing program 5: r0 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r1 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r0, 0x0, r1}, 0x0, 0x0, 0x0) 17:29:27 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53) 17:29:27 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000480)=ANY=[@ANYBLOB="73656375726974790000000000000000000000000000000000000000000000000e00000004000000480300000000ffe9d4000000e401000000000000e4010000b4020000b4020000b4020000b4020000b4020000040000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b000d40000000000000000000000000000000000000000004000636f6e6e6c696d697400000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000002400434f4e4e5345434d41524b0000000000000000000000000000000000000001000000ac1e0001ac1e000100000000ffffffff6970365f76746930000000000000000076657468315f6d61637674617000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ec001001000087000000000000000000000000000000000050006f736600000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000002c00616464727479706500000000000000000000000000000000000000000000000000000000000000000000240053594e50524f58590000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000d0000000000000000000000000000000000000000000600053455400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000940000000000000000000000000000000000000000002400000000000000000000000000000000000000000000000000000000000000feffff"], 0x3a4) 17:29:27 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0) 17:29:27 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@discard_size={'discard'}}, {@gid={'gid'}}]}) 17:29:27 executing program 5: r0 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r1 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r0, 0x0, r1}, 0x0, 0x0, 0x0) 17:29:28 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:28 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0) 17:29:28 executing program 3: r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x3, 0x2) r1 = syz_open_dev$cec(0x0, 0x3, 0x2) r2 = dup3(r1, r0, 0x0) ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000000)={0x1080000000021}) 17:29:28 executing program 5: r0 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r1 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r0, 0x0, r1}, 0x0, 0x0, 0x0) 17:29:28 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:28 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) 17:29:28 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:28 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53) 17:29:28 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) 17:29:28 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:28 executing program 5: r0 = add_key$user(0x0, &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:28 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @multicast2}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x1039c) sendto$inet(r0, 0x0, 0xffffffffffffff12, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) socket$packet(0x11, 0x3, 0x300) sendto$inet(r0, &(0x7f0000000140)="7c0d111317b1ff8ec8f29f81319ec5b10d0d003f00efd9448dbef1ffb4e3a6af87131512da528f6235fe35d3053b5cb4877c1b89bbf83f6d749d5b00679601a3abdc204cf1ad797252bb0c7b43e3e9763221cb2c8d76f824f4bea338f53aa75703f465e50e434e2193900c39ab79d37cc0ce7a", 0xffffffffffffffd0, 0x401c005, 0x0, 0xffffffffffffff36) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 17:29:29 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:29 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) 17:29:29 executing program 5: r0 = add_key$user(0x0, &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:29 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@discard_size={'discard'}}]}) 17:29:29 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53) 17:29:29 executing program 5: r0 = add_key$user(0x0, &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) [ 217.416007][ T8811] JFS: discard option not supported on device 17:29:29 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', 0x0, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:29 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x58}}, 0x0) 17:29:29 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@discard_size={'discard'}}]}) 17:29:29 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:29 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x58}}, 0x0) [ 217.666652][ T8828] JFS: discard option not supported on device 17:29:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000002c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x10030}) 17:29:29 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', 0x0, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:29 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:29 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x58}}, 0x0) 17:29:29 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@discard_size={'discard'}}]}) [ 218.023715][ T8846] JFS: discard option not supported on device 17:29:29 executing program 1: timer_create(0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, @thr={&(0x7f0000001300)="6bdb4e931f7a743d2bce9be3ca1cef9873c9b04a097626ab63773bf8eff723f69cac06fb9c539516377b7196956b63c1a50d484c78c604e6e16e21e496284ee8f3ef6878773e00ac76fd1c32e87ec6014de3ae11189d4c0cea3d255a6f182425662b713847f163018b391dfb13edb72dd4ebcc8b2183076dd909abf356f39b241e68a058eb395a71f2e380cc5c509b4ec19bdc172678b42c3d87c92541dfee62e4c0d28c26859b367b2653dbaf728db3fbb37ed33fc8dd30c752b14151f0c61d253be9652935871c0af5fc", 0x0}}, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000380)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270fff8", 0xffdf}], 0x0, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') getdents64(r0, &(0x7f0000000280)=""/4096, 0x1000) 17:29:29 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', 0x0, &(0x7f0000000340)='X\\', 0x2, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:29 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[], 0x58}}, 0x0) 17:29:29 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:29 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@gid={'gid'}}]}) 17:29:29 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:29 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:30 executing program 3: r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) r1 = syz_open_dev$binderN(0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000200)={0x1, 0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="04630440"], 0x0, 0x0, 0x0}) r2 = dup2(r1, r0) mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r1, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000280)={0xd, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="05630440"], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000540)={0x4c, 0x0, &(0x7f00000002c0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000080)={@flat, @flat=@weak_binder, @fd}, &(0x7f0000000100)={0x0, 0x18, 0x30}}}], 0x0, 0x2, 0x0}) 17:29:30 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:30 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[], 0x58}}, 0x0) 17:29:30 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:30 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@gid={'gid'}}]}) 17:29:30 executing program 1: timer_create(0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, @thr={&(0x7f0000001300)="6bdb4e931f7a743d2bce9be3ca1cef9873c9b04a097626ab63773bf8eff723f69cac06fb9c539516377b7196956b63c1a50d484c78c604e6e16e21e496284ee8f3ef6878773e00ac76fd1c32e87ec6014de3ae11189d4c0cea3d255a6f182425662b713847f163018b391dfb13edb72dd4ebcc8b2183076dd909abf356f39b241e68a058eb395a71f2e380cc5c509b4ec19bdc172678b42c3d87c92541dfee62e4c0d28c26859b367b2653dbaf728db3fbb37ed33fc8dd30c752b14151f0c61d253be9652935871c0af5fc", 0x0}}, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000380)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270fff8", 0xffdf}], 0x0, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') getdents64(r0, &(0x7f0000000280)=""/4096, 0x1000) 17:29:30 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[], 0x58}}, 0x0) [ 218.426474][ T8882] binder: 8880:8882 unknown command 0 [ 218.453870][ T8882] binder: 8880:8882 ioctl c0306201 20000280 returned -22 17:29:30 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0x58}}, 0x0) 17:29:30 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 218.483124][ T8882] binder: BINDER_SET_CONTEXT_MGR already set [ 218.500001][ T8882] binder: 8880:8882 ioctl 40046207 0 returned -16 [ 218.508780][ T8894] binder: BINDER_SET_CONTEXT_MGR already set 17:29:30 executing program 2: syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001840)={[{@gid={'gid'}}]}) [ 218.538514][ T8894] binder: 8880:8894 ioctl 40046207 0 returned -16 17:29:30 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340), 0x0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:30 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 17:29:30 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0x58}}, 0x0) 17:29:30 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:30 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340), 0x0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0400000000000000024d564b0000000003"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 218.853701][ T8911] kvm [8908]: vcpu0, guest rIP: 0x13c Hyper-V unhandled wrmsr: 0x40000024 data 0x6 [ 218.890230][ T8911] kvm [8908]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x40000078 data 0xdf [ 218.923801][ T8911] kvm [8908]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x40000007 data 0x79 17:29:30 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0x58}}, 0x0) 17:29:30 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340), 0x0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:30 executing program 2: pipe(&(0x7f0000000200)) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000100)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240)) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0) [ 218.973573][ T8911] kvm [8908]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000004c data 0x6 [ 219.009316][ T8911] kvm [8908]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000003b data 0xf6 17:29:30 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a3100000005050001"], 0x58}}, 0x0) [ 219.065649][ T8911] kvm [8908]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x40000034 data 0x98 [ 219.117942][ T8911] kvm [8908]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x40000026 data 0x35 [ 219.146862][ T8911] kvm [8908]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000003b data 0x27 17:29:30 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:30 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0400000000000000024d564b0000000003"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 219.175012][ T8911] kvm [8908]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x40000027 data 0x3a [ 219.200864][ T8944] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 219.205827][ T8911] kvm [8908]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000006a data 0xe3 17:29:31 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a3100000005050001"], 0x58}}, 0x0) 17:29:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0400000000000000024d564b0000000003"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 17:29:31 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340), 0x0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) [ 219.437192][ T8961] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. 17:29:31 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0400000000000000024d564b0000000003"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 17:29:31 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340), 0x0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:31 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a3100000005050001"], 0x58}}, 0x0) 17:29:31 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) poll(&(0x7f0000000000)=[{r0}], 0x1, 0x0) [ 219.786940][ T8979] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. 17:29:31 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f00000000c0), 0x4) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x8f03, &(0x7f0000000000)={&(0x7f0000000300)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macvlan={{0xc, 0x1, 'macvlan\x00'}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}, @IFLA_MACVLAN_MACADDR_DATA={0x4}, @IFLA_MACVLAN_FLAGS={0x6, 0x2, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x58}}, 0x800) 17:29:31 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c00078008001240"], 0x58}}, 0x0) 17:29:31 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340), 0x0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:31 executing program 3: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x824b0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53) 17:29:31 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0400000000000000024d564b0000000003"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 220.000218][ T8996] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. 17:29:31 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(0x0, &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:31 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c00078008001240"], 0x58}}, 0x0) [ 220.110551][ T9000] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 220.236923][ T9010] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. 17:29:32 executing program 0: r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:32 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(0x0, &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:32 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0400000000000000024d564b0000000003"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 17:29:32 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c00078008001240"], 0x58}}, 0x0) 17:29:32 executing program 3: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x824b0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53) [ 220.731057][ T9022] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 220.894279][ T9000] 8021q: adding VLAN 0 to HW filter on device macvlan2 17:29:33 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f00000000c0), 0x4) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x8f03, &(0x7f0000000000)={&(0x7f0000000300)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macvlan={{0xc, 0x1, 'macvlan\x00'}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}, @IFLA_MACVLAN_MACADDR_DATA={0x4}, @IFLA_MACVLAN_FLAGS={0x6, 0x2, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x58}}, 0x800) 17:29:33 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(0x0, &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0400000000000000024d564b0000000003"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 17:29:33 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173"], 0x58}}, 0x0) 17:29:33 executing program 3: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x824b0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53) 17:29:33 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', 0x0, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:33 executing program 0: setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:33 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173"], 0x58}}, 0x0) 17:29:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0400000000000000024d564b0000000003"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 221.703396][ T9057] 8021q: adding VLAN 0 to HW filter on device macvlan2 17:29:33 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', 0x0, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:33 executing program 0: setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 17:29:34 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = dup(r0) ioctl$KVM_SET_DEBUGREGS(r1, 0x4080aea2, &(0x7f0000000000)={[0x4000]}) 17:29:34 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173"], 0x58}}, 0x0) 17:29:34 executing program 0: setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:34 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', 0x0, &(0x7f0000000500)='\x00', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 17:29:34 executing program 3: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x824b0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xff7fffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53) 17:29:34 executing program 0: r0 = socket(0x0, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 17:29:34 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:34 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="580000000206010800000000000000000000000005000400000000000900020073797a31000000050500010006000000050005000a0000000c000780080012407f7cfffe12000300686173683a6e6574"], 0x58}}, 0x0) 17:29:34 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 222.891439][ T9112] warn_alloc: 3 callbacks suppressed [ 222.891461][ T9112] syz-executor.4: vmalloc: allocation failure: 17179869208 bytes, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 17:29:34 executing program 2: preadv(0xffffffffffffffff, &(0x7f0000001b00)=[{&(0x7f0000000680)=""/86, 0x56}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/snmp6\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0) [ 223.050673][ T9112] CPU: 0 PID: 9112 Comm: syz-executor.4 Not tainted 5.7.0-rc1-next-20200415-syzkaller #0 [ 223.060939][ T9112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 223.071002][ T9112] Call Trace: [ 223.074302][ T9112] dump_stack+0x188/0x20d [ 223.078649][ T9112] warn_alloc.cold+0x87/0x164 [ 223.083348][ T9112] ? zone_watermark_ok_safe+0x260/0x260 [ 223.088943][ T9112] __vmalloc_node_range+0x452/0x7a0 [ 223.095107][ T9112] ? kmem_cache_alloc_trace+0x390/0x7d0 [ 223.100743][ T9112] ? ip_set_alloc+0x48/0x57 [ 223.105687][ T9112] vzalloc+0x67/0x80 [ 223.109592][ T9112] ? ip_set_alloc+0x48/0x57 [ 223.114103][ T9112] ip_set_alloc+0x48/0x57 [ 223.118448][ T9112] hash_net_create+0x406/0xd60 [ 223.123236][ T9112] ? hash_net4_uref+0x400/0x400 [ 223.128100][ T9112] ip_set_create+0x6ad/0x13b0 [ 223.133142][ T9112] ? ip_set_destroy+0xb00/0xb00 [ 223.138024][ T9112] ? nla_memcpy+0xa0/0xa0 [ 223.142458][ T9112] ? ip_set_destroy+0xb00/0xb00 [ 223.147344][ T9112] nfnetlink_rcv_msg+0xc83/0xf30 [ 223.152315][ T9112] ? nfnetlink_bind+0x2b0/0x2b0 [ 223.157217][ T9112] ? preempt_schedule_common+0x5e/0xc0 [ 223.162951][ T9112] ? preempt_schedule_thunk+0x16/0x18 [ 223.168596][ T9112] ? find_held_lock+0x2d/0x110 [ 223.173373][ T9112] ? rcu_preempt_deferred_qs_irqrestore+0x672/0xb60 [ 223.179978][ T9112] ? lock_release+0x800/0x800 [ 223.184699][ T9112] netlink_rcv_skb+0x15a/0x410 [ 223.189560][ T9112] ? nfnetlink_bind+0x2b0/0x2b0 [ 223.194417][ T9112] ? netlink_ack+0xa10/0xa10 [ 223.199028][ T9112] ? ns_capable_common+0xe2/0x100 [ 223.204068][ T9112] nfnetlink_rcv+0x1ac/0x420 [ 223.208669][ T9112] ? nfnetlink_rcv_batch+0x1610/0x1610 [ 223.217287][ T9112] netlink_unicast+0x537/0x740 [ 223.222092][ T9112] ? netlink_attachskb+0x810/0x810 [ 223.227216][ T9112] ? _copy_from_iter_full+0x25c/0x870 [ 223.232701][ T9112] ? __phys_addr_symbol+0x2c/0x70 [ 223.237906][ T9112] ? __check_object_size+0x171/0x437 [ 223.243308][ T9112] netlink_sendmsg+0x882/0xe10 [ 223.248089][ T9112] ? aa_af_perm+0x260/0x260 [ 223.252600][ T9112] ? netlink_unicast+0x740/0x740 [ 223.257555][ T9112] ? netlink_unicast+0x740/0x740 [ 223.262508][ T9112] sock_sendmsg+0xcf/0x120 [ 223.266937][ T9112] ____sys_sendmsg+0x6bf/0x7e0 [ 223.271716][ T9112] ? kernel_sendmsg+0x50/0x50 [ 223.276448][ T9112] ___sys_sendmsg+0x100/0x170 [ 223.281679][ T9112] ? sendmsg_copy_msghdr+0x70/0x70 [ 223.286919][ T9112] ? __fget_files+0x32f/0x500 [ 223.291624][ T9112] ? do_dup2+0x520/0x520 [ 223.295928][ T9112] ? __fget_light+0x20e/0x270 [ 223.300660][ T9112] __sys_sendmsg+0xec/0x1b0 [ 223.305171][ T9112] ? __sys_sendmsg_sock+0xb0/0xb0 [ 223.310206][ T9112] ? __x64_sys_futex+0x380/0x4f0 [ 223.315170][ T9112] ? trace_hardirqs_off_caller+0x55/0x230 [ 223.320903][ T9112] ? do_syscall_64+0x21/0x7d0 [ 223.325643][ T9112] do_syscall_64+0xf6/0x7d0 [ 223.330421][ T9112] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 223.336344][ T9112] RIP: 0033:0x45ca29 [ 223.340315][ T9112] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 223.360194][ T9112] RSP: 002b:00007f635b197c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 223.368622][ T9112] RAX: ffffffffffffffda RBX: 00000000004fd8c0 RCX: 000000000045ca29 [ 223.377079][ T9112] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 223.385164][ T9112] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 223.393153][ T9112] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff 17:29:35 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:35 executing program 2: r0 = memfd_create(&(0x7f0000000540)='\x97&\x89\\\xd0\xe7\xca\x16ZO\x94:\xe1\x01\xe5`iq@Nse;\xa8Fpj\x0e\x04!\xd5\xc5YBz\x94\xaf\x13\xe9\xd2\x0f\xc2G\x86Xe\xf1/V\x8cvS\xa6K&u\x9dX\xcc\r\x12\x11\x99\xe7\xce\xaeA\xb8-E\xa1\xf8\xe4~IS\xc1\x04\xf78\xf1\'\xdfv\x90\xbc\xd1\xda\x88j>\x8c\xa1\x03\xf3\xaf\xfd\xf4&a?\xcaG\n\xe5j\x9b}\xc6G\x86\xb2\xdeY\x17yX $\xfcU\x9d\x80dX\xcc\xab\x84\xd1\x01_\x7f\xf4tW.\x81\n\xf3\v\x8d\x12pa\x91\x9b\x8cxd\x06\xa7k\n\x86\xc3\xb6\x910\xf2L\xf0\xaf\xe1jd\xda\x1f\x8bVrd\xa4\xb34\xfcUj\x1ad:#\x96\xf9\xd3\x1c]ImZlU\".\x18)\xcf\x1am\xd5\xe0\xdb\xdc\xd7\x8e\xe0\xa3\x82\xec\x9b\xfb\xc9\x81\x9c\xdc\xb7\x0f\xdd\xd3\xd7\xbe\x89\x7f3\x1d\x1c@\x8eu\x85\xces\x89\x95&3FX\xb1\xaf\xa6\x96\xa2\x13\x1f-\b\xcf\x00\x00', 0x0) fcntl$setlease(r0, 0x400, 0x0) ftruncate(r0, 0x0) 17:29:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0400000000000000024d564b0000000003"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 17:29:35 executing program 0: r0 = socket(0x0, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 223.401135][ T9112] R13: 000000000000092a R14: 00000000004cbe77 R15: 00007f635b1986d4 [ 223.516108][ T9132] ================================================================== [ 223.524552][ T9132] BUG: KASAN: slab-out-of-bounds in __kvm_gfn_to_hva_cache_init+0x5fb/0x670 [ 223.533269][ T9132] Read of size 8 at addr ffff8880a19bf468 by task syz-executor.1/9132 [ 223.541509][ T9132] [ 223.543857][ T9132] CPU: 0 PID: 9132 Comm: syz-executor.1 Not tainted 5.7.0-rc1-next-20200415-syzkaller #0 [ 223.553792][ T9132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 223.563883][ T9132] Call Trace: [ 223.567191][ T9132] dump_stack+0x188/0x20d [ 223.571544][ T9132] print_address_description.constprop.0.cold+0xd3/0x315 [ 223.578581][ T9132] ? __kvm_gfn_to_hva_cache_init+0x5fb/0x670 [ 223.584576][ T9132] __kasan_report.cold+0x35/0x4d [ 223.589533][ T9132] ? __kvm_gfn_to_hva_cache_init+0x5fb/0x670 [ 223.595528][ T9132] ? __kvm_gfn_to_hva_cache_init+0x5fb/0x670 [ 223.601517][ T9132] kasan_report+0x33/0x50 [ 223.605863][ T9132] __kvm_gfn_to_hva_cache_init+0x5fb/0x670 [ 223.611693][ T9132] ? __kvm_write_guest_page+0x170/0x170 [ 223.617270][ T9132] kvm_set_msr_common+0x1187/0x27c0 [ 223.622484][ T9132] ? get_kvmclock_ns+0x370/0x370 [ 223.627471][ T9132] vmx_set_msr+0xa83/0x26a0 [ 223.632081][ T9132] ? pt_update_intercept_for_msr+0x960/0x960 [ 223.638504][ T9132] ? lock_downgrade+0x840/0x840 [ 223.643381][ T9132] __kvm_set_msr+0x15f/0x2d0 [ 223.647990][ T9132] ? kvm_enable_efer_bits+0x20/0x20 [ 223.653197][ T9132] ? __might_fault+0x190/0x1d0 [ 223.657972][ T9132] ? _copy_from_user+0x13c/0x1a0 [ 223.662926][ T9132] ? do_get_msr+0x100/0x100 [ 223.667536][ T9132] msr_io+0x173/0x290 [ 223.671536][ T9132] ? emulator_write_std+0xb0/0xb0 [ 223.676612][ T9132] ? save_stack+0x32/0x40 [ 223.680956][ T9132] ? __kasan_slab_free+0xf7/0x140 [ 223.685997][ T9132] kvm_arch_vcpu_ioctl+0x1004/0x2c00 [ 223.691320][ T9132] ? kvm_arch_vcpu_ioctl+0xfb5/0x2c00 [ 223.696712][ T9132] ? kvm_arch_vcpu_put+0x530/0x530 [ 223.701849][ T9132] ? lock_acquire+0x1f2/0x8f0 [ 223.706637][ T9132] ? kvm_vcpu_ioctl+0x175/0xe60 [ 223.711502][ T9132] ? lock_release+0x800/0x800 [ 223.716191][ T9132] ? find_held_lock+0x2d/0x110 [ 223.720978][ T9132] ? __mutex_lock+0x458/0x13c0 [ 223.725748][ T9132] ? kfree+0x1eb/0x2b0 [ 223.729878][ T9132] ? kvm_vcpu_ioctl+0x175/0xe60 [ 223.735381][ T9132] ? mutex_trylock+0x2c0/0x2c0 [ 223.740156][ T9132] ? tomoyo_execute_permission+0x470/0x470 [ 223.745991][ T9132] ? __fget_files+0x30d/0x500 [ 223.750682][ T9132] kvm_vcpu_ioctl+0x866/0xe60 [ 223.755370][ T9132] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 223.761807][ T9132] ? ioctl_file_clone+0x180/0x180 [ 223.766863][ T9132] ? __fget_files+0x32f/0x500 [ 223.771561][ T9132] ? do_dup2+0x520/0x520 [ 223.775821][ T9132] ? __sched_text_start+0x8/0x8 [ 223.780703][ T9132] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 223.787221][ T9132] ksys_ioctl+0x11a/0x180 [ 223.791601][ T9132] __x64_sys_ioctl+0x6f/0xb0 [ 223.796213][ T9132] ? lockdep_hardirqs_on+0x463/0x620 [ 223.802862][ T9132] do_syscall_64+0xf6/0x7d0 [ 223.807382][ T9132] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 223.813552][ T9132] RIP: 0033:0x45ca29 [ 223.817455][ T9132] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 223.837174][ T9132] RSP: 002b:00007fd48baabc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 223.845598][ T9132] RAX: ffffffffffffffda RBX: 00000000004e8440 RCX: 000000000045ca29 [ 223.853579][ T9132] RDX: 00000000200000c0 RSI: 000000004008ae89 RDI: 0000000000000005 [ 223.861566][ T9132] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 223.869550][ T9132] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 223.877530][ T9132] R13: 00000000000003d8 R14: 00000000004c688a R15: 00007fd48baac6d4 [ 223.885539][ T9132] [ 223.887971][ T9132] Allocated by task 9132: [ 223.892433][ T9132] save_stack+0x1b/0x40 [ 223.896611][ T9132] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 223.902262][ T9132] kvmalloc_node+0x61/0xf0 [ 223.906955][ T9132] kvm_set_memslot+0x115/0x1530 [ 223.911820][ T9132] __kvm_set_memory_region+0xcf7/0x1320 [ 223.917390][ T9132] __x86_set_memory_region+0x2a3/0x5a0 [ 223.922866][ T9132] vmx_create_vcpu+0x2107/0x2b40 [ 223.927825][ T9132] kvm_arch_vcpu_create+0x6ef/0xb80 [ 223.933046][ T9132] kvm_vm_ioctl+0x1614/0x2400 [ 223.937765][ T9132] ksys_ioctl+0x11a/0x180 [ 223.942206][ T9132] __x64_sys_ioctl+0x6f/0xb0 [ 223.946897][ T9132] do_syscall_64+0xf6/0x7d0 [ 223.951424][ T9132] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 223.957316][ T9132] [ 223.959651][ T9132] Freed by task 2710: [ 223.963724][ T9132] save_stack+0x1b/0x40 [ 223.967890][ T9132] __kasan_slab_free+0xf7/0x140 [ 223.972747][ T9132] kfree+0x109/0x2b0 [ 223.976653][ T9132] device_release+0x71/0x200 [ 223.981245][ T9132] kobject_put+0x1e7/0x2e0 [ 223.985667][ T9132] put_device+0x1b/0x30 [ 223.989826][ T9132] process_one_work+0x965/0x16a0 [ 223.994768][ T9132] worker_thread+0x96/0xe20 [ 223.999273][ T9132] kthread+0x388/0x470 [ 224.003433][ T9132] ret_from_fork+0x24/0x30 [ 224.007857][ T9132] [ 224.010199][ T9132] The buggy address belongs to the object at ffff8880a19bf000 [ 224.010199][ T9132] which belongs to the cache kmalloc-2k of size 2048 [ 224.024439][ T9132] The buggy address is located 1128 bytes inside of [ 224.024439][ T9132] 2048-byte region [ffff8880a19bf000, ffff8880a19bf800) [ 224.037881][ T9132] The buggy address belongs to the page: [ 224.043613][ T9132] page:ffffea0002866fc0 refcount:1 mapcount:0 mapping:00000000b15cd9ff index:0x0 [ 224.052721][ T9132] flags: 0xfffe0000000200(slab) [ 224.057589][ T9132] raw: 00fffe0000000200 ffffea000238d588 ffffea00026f0b48 ffff8880aa000e00 [ 224.067234][ T9132] raw: 0000000000000000 ffff8880a19bf000 0000000100000001 0000000000000000 [ 224.075832][ T9132] page dumped because: kasan: bad access detected [ 224.082243][ T9132] [ 224.084571][ T9132] Memory state around the buggy address: [ 224.090213][ T9132] ffff8880a19bf300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.098372][ T9132] ffff8880a19bf380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.106537][ T9132] >ffff8880a19bf400: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc 17:29:35 executing program 2: setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000080)={{0x0, @rand_addr, 0x0, 0x0, 'ovf\x00', 0x0, 0x3ff}, {@empty}}, 0x44) syz_mount_image$vfat(&(0x7f0000000280)='vfat\x00', &(0x7f0000000240)='./file0\x00', 0x1000000, 0x1, &(0x7f0000000000)=[{&(0x7f0000000080)="eb3c906d6b66732e666174000204010002000270fff8", 0x186}], 0x0, 0x0) syz_genetlink_get_family_id$ipvs(0x0) mkdir(&(0x7f00000001c0)='./file0/file0\x00', 0x0) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2824c2f, 0x0) chdir(&(0x7f0000000180)='./file0/file0\x00') 17:29:35 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) 17:29:35 executing program 3: mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x100) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000004c0)='./file0\x00', 0x0, 0x7a04, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x5) write$binfmt_misc(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="5300000044a6aeabc81e1520000000000000001000fff64017db9820000000000000d403ffff633b27e59aa146175dd106736d173f0fc7ec6e26560000000049d2e181baf9459c5c52fc99a7c2de6c37742817a9a4276a2f3365f1714474f24f4d14ba8b2f93df19496b0eeb3deaf68a23e010fb5c01ba80f9694d1d0bbc13cd7249e325dfb7"], 0xb4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) r1 = creat(&(0x7f0000000300)='./bus\x00', 0x0) io_setup(0x81, &(0x7f0000000040)=0x0) io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x200a00}]) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000440)=ANY=[@ANYBLOB="00000000000000000800000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000baf9f06a560b0300"/85]) [ 224.114602][ T9132] ^ [ 224.122064][ T9132] ffff8880a19bf480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 224.130134][ T9132] ffff8880a19bf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 224.138715][ T9132] ================================================================== [ 224.146785][ T9132] Disabling lock debugging due to kernel taint 17:29:35 executing program 0: r0 = socket(0x0, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge_slave_0\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000240)=0x3, 0x4) setsockopt$inet_int(r0, 0x0, 0x4, &(0x7f00000000c0), 0x1) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x33) recvfrom$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 224.190943][ T9112] Mem-Info: [ 224.196869][ T9112] active_anon:110881 inactive_anon:4131 isolated_anon:0 [ 224.196869][ T9112] active_file:6263 inactive_file:43417 isolated_file:0 [ 224.196869][ T9112] unevictable:0 dirty:278 writeback:0 unstable:0 [ 224.196869][ T9112] slab_reclaimable:19534 slab_unreclaimable:104270 [ 224.196869][ T9112] mapped:59860 shmem:4358 pagetables:1177 bounce:0 [ 224.196869][ T9112] free:1219747 free_pcp:369 free_cma:0 [ 224.248525][ T9147] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) [ 224.261369][ C0] sd 0:0:1:0: [sg0] tag#34 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 224.271613][ C0] sd 0:0:1:0: [sg0] tag#34 CDB: Test Unit Ready [ 224.277939][ C0] sd 0:0:1:0: [sg0] tag#34 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.287737][ C0] sd 0:0:1:0: [sg0] tag#34 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.297261][ C0] sd 0:0:1:0: [sg0] tag#34 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.306699][ C0] sd 0:0:1:0: [sg0] tag#34 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.316119][ C0] sd 0:0:1:0: [sg0] tag#34 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.325540][ C0] sd 0:0:1:0: [sg0] tag#34 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.337145][ C0] sd 0:0:1:0: [sg0] tag#34 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.346572][ C0] sd 0:0:1:0: [sg0] tag#34 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.356774][ C0] sd 0:0:1:0: [sg0] tag#34 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.366396][ C0] sd 0:0:1:0: [sg0] tag#34 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.375817][ C0] sd 0:0:1:0: [sg0] tag#34 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.385235][ C0] sd 0:0:1:0: [sg0] tag#34 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.394633][ C0] sd 0:0:1:0: [sg0] tag#34 CDB[c0]: 00 00 00 00 00 00 00 00 [ 224.433104][ T391] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) 17:29:36 executing program 5: r0 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000340)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000500), 0x0, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000380)='\x00', 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000200)={r1, r0, r2}, 0x0, 0x0, 0x0) [ 224.544658][ T9112] Node 0 active_anon:441664kB inactive_anon:16524kB active_file:24916kB inactive_file:175668kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:239440kB dirty:1004kB writeback:0kB shmem:17432kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 376832kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 224.588502][ C0] sd 0:0:1:0: [sg0] tag#43 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK cmd_age=0s [ 224.598743][ C0] sd 0:0:1:0: [sg0] tag#43 CDB: Test Unit Ready [ 224.605104][ C0] sd 0:0:1:0: [sg0] tag#43 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.614540][ C0] sd 0:0:1:0: [sg0] tag#43 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.624156][ C0] sd 0:0:1:0: [sg0] tag#43 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.629324][ T9112] Node 1 active_anon:0kB inactive_anon:0kB active_file:136kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 224.633570][ C0] sd 0:0:1:0: [sg0] tag#43 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.669542][ C0] sd 0:0:1:0: [sg0] tag#43 CDB[40]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.678971][ C0] sd 0:0:1:0: [sg0] tag#43 CDB[50]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.688417][ C0] sd 0:0:1:0: [sg0] tag#43 CDB[60]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.688900][ T9112] Node 0 DMA free:15908kB min:220kB low:272kB high:324kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 224.697860][ C0] sd 0:0:1:0: [sg0] tag#43 CDB[70]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.697887][ C0] sd 0:0:1:0: [sg0] tag#43 CDB[80]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.697919][ C0] sd 0:0:1:0: [sg0] tag#43 CDB[90]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.729663][ T9112] lowmem_reserve[]: 0 2517 2517 2517 2517 [ 224.736770][ C0] sd 0:0:1:0: [sg0] tag#43 CDB[a0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.736796][ C0] sd 0:0:1:0: [sg0] tag#43 CDB[b0]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 224.765267][ T9112] Node 0 DMA32 free:1092888kB min:35932kB low:44912kB high:53892kB reserved_highatomic:0KB active_anon:441588kB inactive_anon:16524kB active_file:24912kB inactive_file:175668kB unevictable:0kB writepending:1056kB present:3129332kB managed:2580292kB mlocked:0kB kernel_stack:9304kB pagetables:4492kB bounce:0kB free_pcp:2400kB local_pcp:1104kB free_cma:0kB [ 224.771214][ C0] sd 0:0:1:0: [sg0] tag#43 CDB[c0]: 00 00 00 00 00 00 00 00 [ 224.803071][ T9112] lowmem_reserve[]: 0 0 0 0 0 [ 224.829890][ T9132] Kernel panic - not syncing: panic_on_warn set ... [ 224.836518][ T9132] CPU: 0 PID: 9132 Comm: syz-executor.1 Tainted: G B 5.7.0-rc1-next-20200415-syzkaller #0 [ 224.847793][ T9132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 224.857835][ T9132] Call Trace: [ 224.861158][ T9132] dump_stack+0x188/0x20d [ 224.865470][ T9132] panic+0x2e3/0x75c [ 224.869342][ T9132] ? add_taint.cold+0x16/0x16 [ 224.874001][ T9132] ? preempt_schedule_common+0x5e/0xc0 [ 224.879442][ T9132] ? __kvm_gfn_to_hva_cache_init+0x5fb/0x670 [ 224.885402][ T9132] ? preempt_schedule_thunk+0x16/0x18 [ 224.890840][ T9132] ? trace_hardirqs_on+0x55/0x220 [ 224.895844][ T9132] ? __kvm_gfn_to_hva_cache_init+0x5fb/0x670 [ 224.901806][ T9132] end_report+0x4d/0x53 [ 224.906116][ T9132] __kasan_report.cold+0xd/0x4d [ 224.910957][ T9132] ? __kvm_gfn_to_hva_cache_init+0x5fb/0x670 [ 224.916916][ T9132] ? __kvm_gfn_to_hva_cache_init+0x5fb/0x670 [ 224.922884][ T9132] kasan_report+0x33/0x50 [ 224.927193][ T9132] __kvm_gfn_to_hva_cache_init+0x5fb/0x670 [ 224.932980][ T9132] ? __kvm_write_guest_page+0x170/0x170 [ 224.938510][ T9132] kvm_set_msr_common+0x1187/0x27c0 [ 224.943706][ T9132] ? get_kvmclock_ns+0x370/0x370 [ 224.948627][ T9132] vmx_set_msr+0xa83/0x26a0 [ 224.953135][ T9132] ? pt_update_intercept_for_msr+0x960/0x960 [ 224.959187][ T9132] ? lock_downgrade+0x840/0x840 [ 224.964033][ T9132] __kvm_set_msr+0x15f/0x2d0 [ 224.968775][ T9132] ? kvm_enable_efer_bits+0x20/0x20 [ 224.973949][ T9132] ? __might_fault+0x190/0x1d0 [ 224.979130][ T9132] ? _copy_from_user+0x13c/0x1a0 [ 224.984046][ T9132] ? do_get_msr+0x100/0x100 [ 224.988533][ T9132] msr_io+0x173/0x290 [ 224.992514][ T9132] ? emulator_write_std+0xb0/0xb0 [ 224.997517][ T9132] ? save_stack+0x32/0x40 [ 225.001824][ T9132] ? __kasan_slab_free+0xf7/0x140 [ 225.006830][ T9132] kvm_arch_vcpu_ioctl+0x1004/0x2c00 [ 225.012096][ T9132] ? kvm_arch_vcpu_ioctl+0xfb5/0x2c00 [ 225.017449][ T9132] ? kvm_arch_vcpu_put+0x530/0x530 [ 225.022538][ T9132] ? lock_acquire+0x1f2/0x8f0 [ 225.027193][ T9132] ? kvm_vcpu_ioctl+0x175/0xe60 [ 225.032109][ T9132] ? lock_release+0x800/0x800 [ 225.036810][ T9132] ? find_held_lock+0x2d/0x110 [ 225.041566][ T9132] ? __mutex_lock+0x458/0x13c0 [ 225.046569][ T9132] ? kfree+0x1eb/0x2b0 [ 225.050628][ T9132] ? kvm_vcpu_ioctl+0x175/0xe60 [ 225.055545][ T9132] ? mutex_trylock+0x2c0/0x2c0 [ 225.060548][ T9132] ? tomoyo_execute_permission+0x470/0x470 [ 225.066336][ T9132] ? __fget_files+0x30d/0x500 [ 225.070996][ T9132] kvm_vcpu_ioctl+0x866/0xe60 [ 225.075656][ T9132] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 225.082054][ T9132] ? ioctl_file_clone+0x180/0x180 [ 225.087060][ T9132] ? __fget_files+0x32f/0x500 [ 225.091718][ T9132] ? do_dup2+0x520/0x520 [ 225.095942][ T9132] ? __sched_text_start+0x8/0x8 [ 225.100773][ T9132] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 225.107164][ T9132] ksys_ioctl+0x11a/0x180 [ 225.111511][ T9132] __x64_sys_ioctl+0x6f/0xb0 [ 225.116104][ T9132] ? lockdep_hardirqs_on+0x463/0x620 [ 225.121387][ T9132] do_syscall_64+0xf6/0x7d0 [ 225.125967][ T9132] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 225.131839][ T9132] RIP: 0033:0x45ca29 [ 225.135716][ T9132] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 225.155298][ T9132] RSP: 002b:00007fd48baabc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 225.163690][ T9132] RAX: ffffffffffffffda RBX: 00000000004e8440 RCX: 000000000045ca29 [ 225.171655][ T9132] RDX: 00000000200000c0 RSI: 000000004008ae89 RDI: 0000000000000005 [ 225.179617][ T9132] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 225.187565][ T9132] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 225.195626][ T9132] R13: 00000000000003d8 R14: 00000000004c688a R15: 00007fd48baac6d4 [ 225.205083][ T9132] Kernel Offset: disabled [ 225.209424][ T9132] Rebooting in 86400 seconds..