[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.10.40' (ECDSA) to the list of known hosts. 2020/06/30 08:14:35 fuzzer started 2020/06/30 08:14:35 dialing manager at 10.128.0.105:41857 2020/06/30 08:14:35 syscalls: 3106 2020/06/30 08:14:35 code coverage: enabled 2020/06/30 08:14:35 comparison tracing: enabled 2020/06/30 08:14:35 extra coverage: enabled 2020/06/30 08:14:35 setuid sandbox: enabled 2020/06/30 08:14:35 namespace sandbox: enabled 2020/06/30 08:14:35 Android sandbox: /sys/fs/selinux/policy does not exist 2020/06/30 08:14:35 fault injection: enabled 2020/06/30 08:14:35 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/06/30 08:14:35 net packet injection: enabled 2020/06/30 08:14:35 net device setup: enabled 2020/06/30 08:14:35 concurrency sanitizer: enabled 2020/06/30 08:14:35 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/06/30 08:14:35 USB emulation: enabled 2020/06/30 08:14:35 suppressing KCSAN reports in functions: 'expire_timers' 'ext4_free_inode' 'generic_write_end' '__xa_clear_mark' 08:14:40 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000003c0)=ANY=[@ANYBLOB="b702000006000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000000ef2d30ed9e9ae396fcc43020ed7dbc3b7c3fd06c3aed8a89b7085bd01433b0360341925d090efe0d2369c59c71aad05c6d0fe532bfa2abfab9686ba2050964142a196431429b00c92d1c105cab83a91537753b06f81a7a2ced6159b8161e81fbe6e51068017de70b90825cdc4dae5c5c807bd49093fb976ec196e2b721e03ae0105bedab2ec33a4435ed198f80b82c02d9974adee7743c3924534a1ce29c10751eed6d9c5aeea67b4750af60eff7e99bf4f4f51aafa96b4cb76cc03b59d172cf77ae0cc07331e4e09bdf16e7865ec2bcff59f24a97e1f2658da9dafadc2d7d91a591947d04e5c3d43f6a1c7d6b88ea19ce81fd3609ee714a1155a58d7652f03f6f12b9d2ffd9b1ea7e860f35856ad54c182c773174eb9c2fa209dce42d02aad1011c1effcb5f91f217eb332b44083b18b4844ec29aed06a9c0015d19663875666b3aebba4c4d84c096eb9ea4d1a572f110d0c8a85cddfc07c64dd107d86982feec979db5209c7256d7827820f5c8b17f19b5b2d118c406b4ec84982aed6d15481f100e7b196360be847201ca5b666747f81459fbb22a4964c98812047248cf6802788b2b3f4bf6cf42e276476302d96c63d290ee4e59bde664c5becf971e9214f6bce3513789a7e75ce51bf797e106c76ca85abdbec1c0eaa5659238b14c5c23146321c6b604d4ce89ce87fcf8b64e2d4fc39084dd23504158bccb2709635ef"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0xe, 0x0, &(0x7f0000000380)="b95b03b700030000009e40f086dd", 0x0, 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0}, 0x40) syzkaller login: [ 34.605839][ T8645] IPVS: ftp: loaded support on port[0] = 21 [ 34.653677][ T8645] chnl_net:caif_netlink_parms(): no params data found [ 34.685275][ T8645] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.692459][ T8645] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.700073][ T8645] device bridge_slave_0 entered promiscuous mode [ 34.707535][ T8645] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.714774][ T8645] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.722520][ T8645] device bridge_slave_1 entered promiscuous mode [ 34.737625][ T8645] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link 08:14:40 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x3) ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f00000001c0)=0x7ff) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x298, 0x0, 0x0, 0x0, 0x238, 0x238, 0x310, 0x310, 0x310, 0x310, 0x310, 0x3, 0x0, {[{{@ipv6={@local, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [], [], 'tunl0\x00', 'nr0\x00', {}, {}, 0x84}, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @unspec=@TRACE={0x20, 'TRACE\x00'}}, {{@ipv6={@local, @ipv4, [], [], 'veth1_to_bridge\x00', 'bond_slave_1\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, 0xffffffffffffffff) open_by_handle_at(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet(0x2, 0x80001, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000), 0x20) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) [ 34.748475][ T8645] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 34.766828][ T8645] team0: Port device team_slave_0 added [ 34.773507][ T8645] team0: Port device team_slave_1 added [ 34.786476][ T8645] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 34.793955][ T8645] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 34.820091][ T8645] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 34.831811][ T8645] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 34.838954][ T8645] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 34.865039][ T8645] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active 08:14:40 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="54000000020601e6a2000000000000000000000010000300686173683a69702c6d61630005000400000000000900020073797a31000000000c00078008000840b06b63f0050005000a0000000500010007"], 0x54}}, 0x0) [ 34.920201][ T8645] device hsr_slave_0 entered promiscuous mode [ 34.959047][ T8645] device hsr_slave_1 entered promiscuous mode [ 35.006534][ T8799] IPVS: ftp: loaded support on port[0] = 21 [ 35.107378][ T8645] netdevsim netdevsim0 netdevsim0: renamed from eth0 08:14:40 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x500, &(0x7f0000000200)=""/20, 0x14}, 0x0) [ 35.164679][ T8861] IPVS: ftp: loaded support on port[0] = 21 [ 35.178625][ T8645] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 35.241263][ T8645] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 35.281434][ T8645] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 35.317182][ T8799] chnl_net:caif_netlink_parms(): no params data found [ 35.329751][ T8955] IPVS: ftp: loaded support on port[0] = 21 [ 35.353285][ T8645] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.360330][ T8645] bridge0: port 2(bridge_slave_1) entered forwarding state [ 35.367572][ T8645] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.374619][ T8645] bridge0: port 1(bridge_slave_0) entered forwarding state [ 35.426887][ T8861] chnl_net:caif_netlink_parms(): no params data found 08:14:41 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x11) [ 35.498398][ T8799] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.505419][ T8799] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.513978][ T8799] device bridge_slave_0 entered promiscuous mode [ 35.540868][ T8799] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.547895][ T8799] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.559348][ T8799] device bridge_slave_1 entered promiscuous mode [ 35.574061][ T8955] chnl_net:caif_netlink_parms(): no params data found [ 35.591987][ T8861] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.599223][ T8861] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.606637][ T8861] device bridge_slave_0 entered promiscuous mode [ 35.620483][ T8799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 35.642401][ T8799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 35.658234][ T8861] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.665248][ T8861] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.675684][ T8861] device bridge_slave_1 entered promiscuous mode [ 35.689715][ T3364] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.703655][ T3364] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.741799][ T9231] IPVS: ftp: loaded support on port[0] = 21 [ 35.756337][ T8645] 8021q: adding VLAN 0 to HW filter on device bond0 [ 35.766408][ T8799] team0: Port device team_slave_0 added [ 35.791023][ T8799] team0: Port device team_slave_1 added [ 35.801625][ T8861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 35.820352][ T8955] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.827374][ T8955] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.835023][ T8955] device bridge_slave_0 entered promiscuous mode 08:14:41 executing program 5: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={0xffffffffffffffff, 0x1800000000000060, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x40) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f9, &(0x7f0000000140)='sit0\x00') [ 35.846563][ T8799] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 35.854478][ T8799] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 35.880941][ T8799] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 35.893142][ T8861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 35.909790][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 35.917202][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 35.941538][ T8955] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.949974][ T8955] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.958663][ T8955] device bridge_slave_1 entered promiscuous mode [ 35.968939][ T8799] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 35.975857][ T8799] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.002272][ T8799] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.016766][ T8645] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.047579][ T8861] team0: Port device team_slave_0 added [ 36.059335][ T8861] team0: Port device team_slave_1 added [ 36.065999][ T8955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 36.099400][ T8799] device hsr_slave_0 entered promiscuous mode [ 36.138156][ T8799] device hsr_slave_1 entered promiscuous mode [ 36.208377][ T8799] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 36.215917][ T8799] Cannot create hsr debugfs directory [ 36.229434][ T8955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 36.239952][ T9308] IPVS: ftp: loaded support on port[0] = 21 [ 36.240418][ T9231] chnl_net:caif_netlink_parms(): no params data found [ 36.256091][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 36.265506][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 36.274042][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.281061][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.293277][ T8861] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.300910][ T8861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.327487][ T8861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.338994][ T8861] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.345912][ T8861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.372418][ T8861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.393169][ T8955] team0: Port device team_slave_0 added [ 36.400551][ T8955] team0: Port device team_slave_1 added [ 36.428323][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 36.436745][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 36.445460][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.452494][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.460293][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 36.469091][ T8955] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.476080][ T8955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.502032][ T8955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.579481][ T8861] device hsr_slave_0 entered promiscuous mode [ 36.627934][ T8861] device hsr_slave_1 entered promiscuous mode [ 36.677814][ T8861] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 36.685348][ T8861] Cannot create hsr debugfs directory [ 36.706610][ T8955] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.713736][ T8955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.739757][ T8955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.755426][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 36.764002][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 36.772407][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 36.781602][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 36.839061][ T8955] device hsr_slave_0 entered promiscuous mode [ 36.867817][ T8955] device hsr_slave_1 entered promiscuous mode [ 36.927735][ T8955] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 36.935272][ T8955] Cannot create hsr debugfs directory [ 36.952200][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 36.960724][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 36.976968][ T8799] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 37.069710][ T8799] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 37.109509][ T8799] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 37.148977][ T9231] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.155996][ T9231] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.163646][ T9231] device bridge_slave_0 entered promiscuous mode [ 37.186385][ T4735] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 37.195391][ T4735] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 37.204279][ T8799] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 37.239193][ T9231] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.246258][ T9231] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.254127][ T9231] device bridge_slave_1 entered promiscuous mode [ 37.279361][ T9231] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 37.288947][ T4735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 37.296997][ T4735] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 37.307407][ T8645] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 37.318574][ T9231] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 37.361667][ T9308] chnl_net:caif_netlink_parms(): no params data found [ 37.372876][ T8861] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 37.431397][ T8955] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 37.481779][ T8955] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 37.520197][ T8955] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 37.570413][ T8955] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 37.618888][ T8861] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 37.660097][ T9231] team0: Port device team_slave_0 added [ 37.679054][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 37.686373][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 37.693806][ T8861] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 37.758961][ T9231] team0: Port device team_slave_1 added [ 37.779763][ T8645] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.792802][ T8861] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 37.872496][ T9231] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 37.879459][ T9231] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.905760][ T9231] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 37.923710][ T9308] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.931582][ T9308] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.939045][ T9308] device bridge_slave_0 entered promiscuous mode [ 37.946219][ T9308] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.953268][ T9308] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.960807][ T9308] device bridge_slave_1 entered promiscuous mode [ 37.968020][ T9231] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 37.974941][ T9231] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.001745][ T9231] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.068616][ T9231] device hsr_slave_0 entered promiscuous mode [ 38.117466][ T9231] device hsr_slave_1 entered promiscuous mode [ 38.167239][ T9231] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.174782][ T9231] Cannot create hsr debugfs directory [ 38.180707][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 38.189371][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 38.205920][ T8955] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.221063][ T9308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.238546][ T9308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.271132][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 38.279986][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 38.289479][ T8799] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.298777][ T9308] team0: Port device team_slave_0 added [ 38.308902][ T8955] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.318661][ T4735] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 38.326687][ T4735] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 38.339642][ T8645] device veth0_vlan entered promiscuous mode [ 38.350279][ T9308] team0: Port device team_slave_1 added [ 38.361359][ T4735] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 38.369754][ T4735] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 38.386265][ T8645] device veth1_vlan entered promiscuous mode [ 38.395543][ T8861] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.407117][ T9231] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 38.459117][ T9231] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 38.504246][ T8799] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.512656][ T9308] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.520528][ T9308] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.547257][ T9308] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.558694][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 38.566488][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 38.574657][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 38.582274][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 38.589915][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 38.598612][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 38.606781][ T3413] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.613792][ T3413] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.621779][ T9231] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 38.686601][ T8645] device veth0_macvtap entered promiscuous mode [ 38.695652][ T8645] device veth1_macvtap entered promiscuous mode [ 38.704684][ T9308] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.711742][ T9308] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.737848][ T9308] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.748671][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 38.756268][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 38.764602][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 38.772778][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.779811][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.787542][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 38.795975][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 38.804201][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 38.812399][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 38.820187][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 38.828806][ T9231] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 38.894904][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 38.902839][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 38.911421][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 38.919959][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 38.928629][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 38.937265][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 38.944764][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 38.952761][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 38.961315][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 38.969708][ T8278] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.976704][ T8278] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.984695][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 38.993283][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.001700][ T8278] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.008780][ T8278] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.017086][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 39.025024][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 39.032688][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 39.040883][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 39.052288][ T8645] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.062867][ T8861] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.118290][ T9308] device hsr_slave_0 entered promiscuous mode [ 39.167034][ T9308] device hsr_slave_1 entered promiscuous mode [ 39.236784][ T9308] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.244324][ T9308] Cannot create hsr debugfs directory [ 39.259912][ T8955] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 39.274701][ T8955] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 39.283506][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 39.291999][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 39.300367][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 39.309421][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 39.317608][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 39.325634][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 39.335723][ T8645] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.357997][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 39.366953][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 39.375394][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 39.385224][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 39.393943][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 39.402772][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 39.410394][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 39.418981][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 39.427286][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.434277][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.442100][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 39.450006][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 39.466945][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 39.475171][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 39.487239][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 39.495333][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 39.508393][ T8955] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.581995][ T8799] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 39.594016][ T8799] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 39.617733][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 39.625861][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 39.634073][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 39.642561][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 39.650975][ T8278] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.657993][ T8278] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.665765][ T9308] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 39.718443][ T9308] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 39.766660][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 39.775357][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 39.784669][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 39.793193][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 39.801776][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 39.809306][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 39.817017][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 39.825129][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready 08:14:45 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000003c0)=ANY=[@ANYBLOB="b702000006000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000000ef2d30ed9e9ae396fcc43020ed7dbc3b7c3fd06c3aed8a89b7085bd01433b0360341925d090efe0d2369c59c71aad05c6d0fe532bfa2abfab9686ba2050964142a196431429b00c92d1c105cab83a91537753b06f81a7a2ced6159b8161e81fbe6e51068017de70b90825cdc4dae5c5c807bd49093fb976ec196e2b721e03ae0105bedab2ec33a4435ed198f80b82c02d9974adee7743c3924534a1ce29c10751eed6d9c5aeea67b4750af60eff7e99bf4f4f51aafa96b4cb76cc03b59d172cf77ae0cc07331e4e09bdf16e7865ec2bcff59f24a97e1f2658da9dafadc2d7d91a591947d04e5c3d43f6a1c7d6b88ea19ce81fd3609ee714a1155a58d7652f03f6f12b9d2ffd9b1ea7e860f35856ad54c182c773174eb9c2fa209dce42d02aad1011c1effcb5f91f217eb332b44083b18b4844ec29aed06a9c0015d19663875666b3aebba4c4d84c096eb9ea4d1a572f110d0c8a85cddfc07c64dd107d86982feec979db5209c7256d7827820f5c8b17f19b5b2d118c406b4ec84982aed6d15481f100e7b196360be847201ca5b666747f81459fbb22a4964c98812047248cf6802788b2b3f4bf6cf42e276476302d96c63d290ee4e59bde664c5becf971e9214f6bce3513789a7e75ce51bf797e106c76ca85abdbec1c0eaa5659238b14c5c23146321c6b604d4ce89ce87fcf8b64e2d4fc39084dd23504158bccb2709635ef"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0xe, 0x0, &(0x7f0000000380)="b95b03b700030000009e40f086dd", 0x0, 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 39.869309][ T9308] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 39.909418][ T9308] netdevsim netdevsim5 netdevsim3: renamed from eth3 08:14:45 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000003c0)=ANY=[@ANYBLOB="b702000006000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000000ef2d30ed9e9ae396fcc43020ed7dbc3b7c3fd06c3aed8a89b7085bd01433b0360341925d090efe0d2369c59c71aad05c6d0fe532bfa2abfab9686ba2050964142a196431429b00c92d1c105cab83a91537753b06f81a7a2ced6159b8161e81fbe6e51068017de70b90825cdc4dae5c5c807bd49093fb976ec196e2b721e03ae0105bedab2ec33a4435ed198f80b82c02d9974adee7743c3924534a1ce29c10751eed6d9c5aeea67b4750af60eff7e99bf4f4f51aafa96b4cb76cc03b59d172cf77ae0cc07331e4e09bdf16e7865ec2bcff59f24a97e1f2658da9dafadc2d7d91a591947d04e5c3d43f6a1c7d6b88ea19ce81fd3609ee714a1155a58d7652f03f6f12b9d2ffd9b1ea7e860f35856ad54c182c773174eb9c2fa209dce42d02aad1011c1effcb5f91f217eb332b44083b18b4844ec29aed06a9c0015d19663875666b3aebba4c4d84c096eb9ea4d1a572f110d0c8a85cddfc07c64dd107d86982feec979db5209c7256d7827820f5c8b17f19b5b2d118c406b4ec84982aed6d15481f100e7b196360be847201ca5b666747f81459fbb22a4964c98812047248cf6802788b2b3f4bf6cf42e276476302d96c63d290ee4e59bde664c5becf971e9214f6bce3513789a7e75ce51bf797e106c76ca85abdbec1c0eaa5659238b14c5c23146321c6b604d4ce89ce87fcf8b64e2d4fc39084dd23504158bccb2709635ef"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0xe, 0x0, &(0x7f0000000380)="b95b03b700030000009e40f086dd", 0x0, 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 39.953186][ T8861] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 39.976662][ T8861] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network 08:14:45 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000003c0)=ANY=[@ANYBLOB="b702000006000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000000ef2d30ed9e9ae396fcc43020ed7dbc3b7c3fd06c3aed8a89b7085bd01433b0360341925d090efe0d2369c59c71aad05c6d0fe532bfa2abfab9686ba2050964142a196431429b00c92d1c105cab83a91537753b06f81a7a2ced6159b8161e81fbe6e51068017de70b90825cdc4dae5c5c807bd49093fb976ec196e2b721e03ae0105bedab2ec33a4435ed198f80b82c02d9974adee7743c3924534a1ce29c10751eed6d9c5aeea67b4750af60eff7e99bf4f4f51aafa96b4cb76cc03b59d172cf77ae0cc07331e4e09bdf16e7865ec2bcff59f24a97e1f2658da9dafadc2d7d91a591947d04e5c3d43f6a1c7d6b88ea19ce81fd3609ee714a1155a58d7652f03f6f12b9d2ffd9b1ea7e860f35856ad54c182c773174eb9c2fa209dce42d02aad1011c1effcb5f91f217eb332b44083b18b4844ec29aed06a9c0015d19663875666b3aebba4c4d84c096eb9ea4d1a572f110d0c8a85cddfc07c64dd107d86982feec979db5209c7256d7827820f5c8b17f19b5b2d118c406b4ec84982aed6d15481f100e7b196360be847201ca5b666747f81459fbb22a4964c98812047248cf6802788b2b3f4bf6cf42e276476302d96c63d290ee4e59bde664c5becf971e9214f6bce3513789a7e75ce51bf797e106c76ca85abdbec1c0eaa5659238b14c5c23146321c6b604d4ce89ce87fcf8b64e2d4fc39084dd23504158bccb2709635ef"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0xe, 0x0, &(0x7f0000000380)="b95b03b700030000009e40f086dd", 0x0, 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 39.997959][ T8799] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.007079][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 40.015052][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 40.037156][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.045369][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready 08:14:45 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000003c0)=ANY=[@ANYBLOB="b702000006000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000000ef2d30ed9e9ae396fcc43020ed7dbc3b7c3fd06c3aed8a89b7085bd01433b0360341925d090efe0d2369c59c71aad05c6d0fe532bfa2abfab9686ba2050964142a196431429b00c92d1c105cab83a91537753b06f81a7a2ced6159b8161e81fbe6e51068017de70b90825cdc4dae5c5c807bd49093fb976ec196e2b721e03ae0105bedab2ec33a4435ed198f80b82c02d9974adee7743c3924534a1ce29c10751eed6d9c5aeea67b4750af60eff7e99bf4f4f51aafa96b4cb76cc03b59d172cf77ae0cc07331e4e09bdf16e7865ec2bcff59f24a97e1f2658da9dafadc2d7d91a591947d04e5c3d43f6a1c7d6b88ea19ce81fd3609ee714a1155a58d7652f03f6f12b9d2ffd9b1ea7e860f35856ad54c182c773174eb9c2fa209dce42d02aad1011c1effcb5f91f217eb332b44083b18b4844ec29aed06a9c0015d19663875666b3aebba4c4d84c096eb9ea4d1a572f110d0c8a85cddfc07c64dd107d86982feec979db5209c7256d7827820f5c8b17f19b5b2d118c406b4ec84982aed6d15481f100e7b196360be847201ca5b666747f81459fbb22a4964c98812047248cf6802788b2b3f4bf6cf42e276476302d96c63d290ee4e59bde664c5becf971e9214f6bce3513789a7e75ce51bf797e106c76ca85abdbec1c0eaa5659238b14c5c23146321c6b604d4ce89ce87fcf8b64e2d4fc39084dd23504158bccb2709635ef"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0xe, 0x0, &(0x7f0000000380)="b95b03b700030000009e40f086dd", 0x0, 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 40.056347][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.076814][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready 08:14:45 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000003c0)=ANY=[@ANYBLOB="b702000006000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000000ef2d30ed9e9ae396fcc43020ed7dbc3b7c3fd06c3aed8a89b7085bd01433b0360341925d090efe0d2369c59c71aad05c6d0fe532bfa2abfab9686ba2050964142a196431429b00c92d1c105cab83a91537753b06f81a7a2ced6159b8161e81fbe6e51068017de70b90825cdc4dae5c5c807bd49093fb976ec196e2b721e03ae0105bedab2ec33a4435ed198f80b82c02d9974adee7743c3924534a1ce29c10751eed6d9c5aeea67b4750af60eff7e99bf4f4f51aafa96b4cb76cc03b59d172cf77ae0cc07331e4e09bdf16e7865ec2bcff59f24a97e1f2658da9dafadc2d7d91a591947d04e5c3d43f6a1c7d6b88ea19ce81fd3609ee714a1155a58d7652f03f6f12b9d2ffd9b1ea7e860f35856ad54c182c773174eb9c2fa209dce42d02aad1011c1effcb5f91f217eb332b44083b18b4844ec29aed06a9c0015d19663875666b3aebba4c4d84c096eb9ea4d1a572f110d0c8a85cddfc07c64dd107d86982feec979db5209c7256d7827820f5c8b17f19b5b2d118c406b4ec84982aed6d15481f100e7b196360be847201ca5b666747f81459fbb22a4964c98812047248cf6802788b2b3f4bf6cf42e276476302d96c63d290ee4e59bde664c5becf971e9214f6bce3513789a7e75ce51bf797e106c76ca85abdbec1c0eaa5659238b14c5c23146321c6b604d4ce89ce87fcf8b64e2d4fc39084dd23504158bccb2709635ef"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0xe, 0x0, &(0x7f0000000380)="b95b03b700030000009e40f086dd", 0x0, 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0}, 0x40) 08:14:45 executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000003c0)=ANY=[@ANYBLOB="b702000006000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000000ef2d30ed9e9ae396fcc43020ed7dbc3b7c3fd06c3aed8a89b7085bd01433b0360341925d090efe0d2369c59c71aad05c6d0fe532bfa2abfab9686ba2050964142a196431429b00c92d1c105cab83a91537753b06f81a7a2ced6159b8161e81fbe6e51068017de70b90825cdc4dae5c5c807bd49093fb976ec196e2b721e03ae0105bedab2ec33a4435ed198f80b82c02d9974adee7743c3924534a1ce29c10751eed6d9c5aeea67b4750af60eff7e99bf4f4f51aafa96b4cb76cc03b59d172cf77ae0cc07331e4e09bdf16e7865ec2bcff59f24a97e1f2658da9dafadc2d7d91a591947d04e5c3d43f6a1c7d6b88ea19ce81fd3609ee714a1155a58d7652f03f6f12b9d2ffd9b1ea7e860f35856ad54c182c773174eb9c2fa209dce42d02aad1011c1effcb5f91f217eb332b44083b18b4844ec29aed06a9c0015d19663875666b3aebba4c4d84c096eb9ea4d1a572f110d0c8a85cddfc07c64dd107d86982feec979db5209c7256d7827820f5c8b17f19b5b2d118c406b4ec84982aed6d15481f100e7b196360be847201ca5b666747f81459fbb22a4964c98812047248cf6802788b2b3f4bf6cf42e276476302d96c63d290ee4e59bde664c5becf971e9214f6bce3513789a7e75ce51bf797e106c76ca85abdbec1c0eaa5659238b14c5c23146321c6b604d4ce89ce87fcf8b64e2d4fc39084dd23504158bccb2709635ef"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0xe, 0x0, &(0x7f0000000380)="b95b03b700030000009e40f086dd", 0x0, 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0}, 0x40) [ 40.118276][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 40.136081][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 40.154473][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 40.162415][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 40.174512][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 40.200606][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready 08:14:45 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050400000000000000007e000000080005"], 0x1c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r3, r1, 0x0, 0x100000001) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) [ 40.215213][ T8955] device veth0_vlan entered promiscuous mode [ 40.240002][ T9231] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.250332][ T8861] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.258347][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 40.274882][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 40.293138][ T8955] device veth1_vlan entered promiscuous mode [ 40.300325][ T28] audit: type=1804 audit(1593504885.827:2): pid=9927 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir732405869/syzkaller.nbmhHN/7/cgroup.controllers" dev="sda1" ino=15740 res=1 [ 40.332035][ T9231] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.351206][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 40.358927][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 40.366253][ T9925] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 40.366624][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 40.383833][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 40.391401][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.398986][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 40.407320][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 40.418967][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 40.426844][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 40.434492][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 40.446401][ T8799] device veth0_vlan entered promiscuous mode [ 40.462544][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 40.471102][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 40.481205][ T3413] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.488241][ T3413] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.495937][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 40.504392][ T3413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 40.532107][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 40.540335][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 40.549718][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 40.558317][ T8278] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.565329][ T8278] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.573324][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 40.582114][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 40.594293][ T8799] device veth1_vlan entered promiscuous mode [ 40.602770][ T9308] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.614860][ T8861] device veth0_vlan entered promiscuous mode [ 40.633602][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 40.641609][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 40.649803][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 40.658419][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 40.667094][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 40.675298][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 40.683896][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 40.692589][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 40.701148][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 40.708796][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 40.717429][ T8955] device veth0_macvtap entered promiscuous mode [ 40.737754][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 40.745361][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 40.753689][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 40.762084][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 40.770099][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 40.778439][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 40.787306][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 40.795627][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 40.807495][ T8861] device veth1_vlan entered promiscuous mode [ 40.817703][ T9308] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.826709][ T8799] device veth0_macvtap entered promiscuous mode [ 40.835178][ T8955] device veth1_macvtap entered promiscuous mode [ 40.853105][ T9231] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 40.863602][ T9231] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 40.875987][ T8799] device veth1_macvtap entered promiscuous mode [ 40.893444][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 40.901420][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 40.909690][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 40.917974][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 40.925869][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 40.933992][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 40.942280][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 40.950952][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 40.959509][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 40.967855][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 40.976520][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 40.984766][ T8278] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.991792][ T8278] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.017933][ T9231] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.028745][ T8955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 41.039478][ T8955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.050347][ T8955] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.062298][ T28] audit: type=1804 audit(1593504886.587:3): pid=9927 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir732405869/syzkaller.nbmhHN/7/cgroup.controllers" dev="sda1" ino=15740 res=1 [ 41.063408][ T8955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 41.097695][ T8955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.108871][ T8955] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.119884][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 41.127453][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 41.135172][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 41.147968][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 41.156595][ T8278] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.163603][ T8278] bridge0: port 2(bridge_slave_1) entered forwarding state [ 41.172316][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 41.181426][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 41.190288][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 41.197996][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 41.205398][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 41.213991][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.222517][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 41.231020][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.239796][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 41.248555][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.266988][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 41.277445][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.288192][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 41.298724][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.309403][ T8799] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.319879][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 41.330626][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.340744][ T8799] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 41.351298][ T8799] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.362022][ T8799] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.371122][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 41.379808][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 41.388552][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 41.397007][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 41.405288][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 41.413820][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 41.422252][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 41.430682][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 41.439151][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 41.447614][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.459138][ T8861] device veth0_macvtap entered promiscuous mode [ 41.465768][ T9308] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 41.477188][ T9308] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 41.548289][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 41.556447][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 41.564228][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 41.573530][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 41.584639][ T8861] device veth1_macvtap entered promiscuous mode [ 41.899316][ T8861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 41.931863][ T8861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.944302][ T8861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 41.956375][ T8861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.967619][ T8861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 41.979269][ T8861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.991442][ T8861] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.003289][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 42.016298][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 42.024671][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 42.044977][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 42.053004][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 42.062010][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.078782][ T9231] device veth0_vlan entered promiscuous mode [ 42.089472][ T9308] 8021q: adding VLAN 0 to HW filter on device batadv0 08:14:47 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x3) ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f00000001c0)=0x7ff) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x298, 0x0, 0x0, 0x0, 0x238, 0x238, 0x310, 0x310, 0x310, 0x310, 0x310, 0x3, 0x0, {[{{@ipv6={@local, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [], [], 'tunl0\x00', 'nr0\x00', {}, {}, 0x84}, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @unspec=@TRACE={0x20, 'TRACE\x00'}}, {{@ipv6={@local, @ipv4, [], [], 'veth1_to_bridge\x00', 'bond_slave_1\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, 0xffffffffffffffff) open_by_handle_at(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet(0x2, 0x80001, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000), 0x20) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) [ 42.107554][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 42.126296][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 42.138959][ T9231] device veth1_vlan entered promiscuous mode [ 42.150386][ T8861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 42.164759][ T8861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.175285][ T8861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 42.186531][ T8861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.196860][ T8861] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 42.207516][ T8861] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.218194][ T8861] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.234441][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 42.242648][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 42.250841][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 42.258916][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 42.267110][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.275545][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.399142][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.408656][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.431279][ T9231] device veth0_macvtap entered promiscuous mode 08:14:47 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="54000000020601e6a2000000000000000000000010000300686173683a69702c6d61630005000400000000000900020073797a31000000000c00078008000840b06b63f0050005000a0000000500010007"], 0x54}}, 0x0) 08:14:47 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050400000000000000007e000000080005"], 0x1c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r3, r1, 0x0, 0x100000001) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) [ 42.451324][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 42.460800][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 42.472946][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 42.488330][ T9308] device veth0_vlan entered promiscuous mode [ 42.497818][ T9231] device veth1_macvtap entered promiscuous mode [ 42.509711][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 42.528549][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 42.538877][ T8278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 42.555241][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 42.568698][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.578774][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 42.591253][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.601220][ T28] audit: type=1804 audit(1593504888.127:4): pid=9973 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir732405869/syzkaller.nbmhHN/8/cgroup.controllers" dev="sda1" ino=15753 res=1 [ 42.628475][ T9973] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 42.629236][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 42.648592][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.658571][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 42.669152][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.680589][ T9231] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.692013][ T9308] device veth1_vlan entered promiscuous mode [ 42.700154][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 42.708069][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 42.716049][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 42.723900][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 42.732961][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.744108][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 42.755149][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.765031][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 42.775482][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.785678][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 42.796958][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.806914][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 42.817355][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.828143][ T9231] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.847338][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 42.855263][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.863946][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.880546][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.888991][ T3364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.900641][ T9308] device veth0_macvtap entered promiscuous mode [ 42.948488][ T9308] device veth1_macvtap entered promiscuous mode [ 43.069713][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 43.082367][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.098505][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 43.109482][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.121652][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 43.132482][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.144145][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 43.155197][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.165417][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 43.176569][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.187970][ T9308] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 43.199494][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 43.215250][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.225664][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 43.236425][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.246514][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 43.257281][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.267457][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 43.278696][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.298528][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 43.309114][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.320281][ T9308] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 43.328922][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 43.337419][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 43.345311][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 43.354717][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 43.364015][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 43.372835][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 08:14:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x11) 08:14:49 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x500, &(0x7f0000000200)=""/20, 0x14}, 0x0) 08:14:49 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x3) ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f00000001c0)=0x7ff) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x298, 0x0, 0x0, 0x0, 0x238, 0x238, 0x310, 0x310, 0x310, 0x310, 0x310, 0x3, 0x0, {[{{@ipv6={@local, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [], [], 'tunl0\x00', 'nr0\x00', {}, {}, 0x84}, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @unspec=@TRACE={0x20, 'TRACE\x00'}}, {{@ipv6={@local, @ipv4, [], [], 'veth1_to_bridge\x00', 'bond_slave_1\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, 0xffffffffffffffff) open_by_handle_at(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet(0x2, 0x80001, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000), 0x20) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) 08:14:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="54000000020601e6a2000000000000000000000010000300686173683a69702c6d61630005000400000000000900020073797a31000000000c00078008000840b06b63f0050005000a0000000500010007"], 0x54}}, 0x0) 08:14:49 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050400000000000000007e000000080005"], 0x1c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r3, r1, 0x0, 0x100000001) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 08:14:49 executing program 5: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={0xffffffffffffffff, 0x1800000000000060, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x40) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f9, &(0x7f0000000140)='sit0\x00') 08:14:49 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="54000000020601e6a2000000000000000000000010000300686173683a69702c6d61630005000400000000000900020073797a31000000000c00078008000840b06b63f0050005000a0000000500010007"], 0x54}}, 0x0) 08:14:49 executing program 5: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={0xffffffffffffffff, 0x1800000000000060, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x40) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f9, &(0x7f0000000140)='sit0\x00') 08:14:49 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x500, &(0x7f0000000200)=""/20, 0x14}, 0x0) 08:14:49 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x3) ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f00000001c0)=0x7ff) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x298, 0x0, 0x0, 0x0, 0x238, 0x238, 0x310, 0x310, 0x310, 0x310, 0x310, 0x3, 0x0, {[{{@ipv6={@local, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [], [], 'tunl0\x00', 'nr0\x00', {}, {}, 0x84}, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @unspec=@TRACE={0x20, 'TRACE\x00'}}, {{@ipv6={@local, @ipv4, [], [], 'veth1_to_bridge\x00', 'bond_slave_1\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, 0xffffffffffffffff) open_by_handle_at(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet(0x2, 0x80001, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000), 0x20) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) 08:14:49 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x11) [ 43.723798][ T28] audit: type=1804 audit(1593504889.248:5): pid=10021 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir732405869/syzkaller.nbmhHN/9/cgroup.controllers" dev="sda1" ino=15766 res=1 08:14:49 executing program 3: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x500, &(0x7f0000000200)=""/20, 0x14}, 0x0) [ 43.767975][T10021] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 08:14:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x11) 08:14:49 executing program 5: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={0xffffffffffffffff, 0x1800000000000060, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x40) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f9, &(0x7f0000000140)='sit0\x00') 08:14:49 executing program 1: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={0xffffffffffffffff, 0x1800000000000060, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x40) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f9, &(0x7f0000000140)='sit0\x00') 08:14:49 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x3) ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f00000001c0)=0x7ff) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x298, 0x0, 0x0, 0x0, 0x238, 0x238, 0x310, 0x310, 0x310, 0x310, 0x310, 0x3, 0x0, {[{{@ipv6={@local, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [], [], 'tunl0\x00', 'nr0\x00', {}, {}, 0x84}, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @unspec=@TRACE={0x20, 'TRACE\x00'}}, {{@ipv6={@local, @ipv4, [], [], 'veth1_to_bridge\x00', 'bond_slave_1\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, 0xffffffffffffffff) open_by_handle_at(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet(0x2, 0x80001, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000), 0x20) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) [ 43.991389][T10021] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 44.009497][T10021] File: /root/syzkaller-testdir732405869/syzkaller.nbmhHN/9/cgroup.controllers PID: 10021 Comm: syz-executor.0 08:14:49 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050400000000000000007e000000080005"], 0x1c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r3, r1, 0x0, 0x100000001) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 08:14:49 executing program 1: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={0xffffffffffffffff, 0x1800000000000060, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x40) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f9, &(0x7f0000000140)='sit0\x00') 08:14:49 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050400000000000000007e000000080005"], 0x1c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r3, r1, 0x0, 0x100000001) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 08:14:49 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x3) ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f00000001c0)=0x7ff) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x298, 0x0, 0x0, 0x0, 0x238, 0x238, 0x310, 0x310, 0x310, 0x310, 0x310, 0x3, 0x0, {[{{@ipv6={@local, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [], [], 'tunl0\x00', 'nr0\x00', {}, {}, 0x84}, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @unspec=@TRACE={0x20, 'TRACE\x00'}}, {{@ipv6={@local, @ipv4, [], [], 'veth1_to_bridge\x00', 'bond_slave_1\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, 0xffffffffffffffff) open_by_handle_at(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet(0x2, 0x80001, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000), 0x20) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) 08:14:49 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x11) 08:14:49 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x11) 08:14:49 executing program 1: bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={0xffffffffffffffff, 0x1800000000000060, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x40) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f9, &(0x7f0000000140)='sit0\x00') 08:14:49 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050400000000000000007e000000080005"], 0x1c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r3, r1, 0x0, 0x100000001) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) [ 44.236753][ T28] audit: type=1804 audit(1593504889.768:6): pid=10142 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir732405869/syzkaller.nbmhHN/10/cgroup.controllers" dev="sda1" ino=15779 res=1 08:14:49 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x3) ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f00000001c0)=0x7ff) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x298, 0x0, 0x0, 0x0, 0x238, 0x238, 0x310, 0x310, 0x310, 0x310, 0x310, 0x3, 0x0, {[{{@ipv6={@local, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [], [], 'tunl0\x00', 'nr0\x00', {}, {}, 0x84}, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @unspec=@TRACE={0x20, 'TRACE\x00'}}, {{@ipv6={@local, @ipv4, [], [], 'veth1_to_bridge\x00', 'bond_slave_1\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, 0xffffffffffffffff) open_by_handle_at(0xffffffffffffffff, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet(0x2, 0x80001, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000), 0x20) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) [ 44.281239][T10125] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 44.300525][ T28] audit: type=1804 audit(1593504889.808:7): pid=10122 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir643809363/syzkaller.mQmngg/4/cgroup.controllers" dev="sda1" ino=15775 res=1 08:14:49 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x11) 08:14:49 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050400000000000000007e000000080005"], 0x1c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r3, r1, 0x0, 0x100000001) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) [ 44.332754][T10122] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 44.433318][ T28] audit: type=1804 audit(1593504889.958:8): pid=10162 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir229199450/syzkaller.ZFCoI3/7/cgroup.controllers" dev="sda1" ino=15780 res=1 [ 44.450189][T10162] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 08:14:50 executing program 4: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="2e02020025000535d25a80648c63940d0624fc60080018400dac0f00051a82c137153e6709020f8003001700d1bd", 0x33fe0}], 0x1}, 0x0) [ 44.543170][T10122] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 44.551884][ T28] audit: type=1804 audit(1593504890.078:9): pid=10179 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir502679952/syzkaller.18qNEC/7/cgroup.controllers" dev="sda1" ino=15781 res=1 [ 44.568087][T10122] File: /root/syzkaller-testdir643809363/syzkaller.mQmngg/4/cgroup.controllers PID: 10122 Comm: syz-executor.5 08:14:50 executing program 0: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x20, 0x5a, 0xa01, 0x0, 0x0, {}, [@typed={0xc, 0x5, 0x0, 0x0, @u64}]}, 0x20}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b) r2 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0x10) splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) [ 44.587007][T10186] netlink: 124938 bytes leftover after parsing attributes in process `syz-executor.4'. [ 44.602545][T10179] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 08:14:50 executing program 4: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="2e02020025000535d25a80648c63940d0624fc60080018400dac0f00051a82c137153e6709020f8003001700d1bd", 0x33fe0}], 0x1}, 0x0) 08:14:50 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050400000000000000007e000000080005"], 0x1c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r3, r1, 0x0, 0x100000001) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 08:14:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x8c, r1, 0x409, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x64, 0x8, 0x0, 0x1, [{0x60, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x8, 0x0, @multicast1}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1f96447b4a837c4ab15a2a3c28c2cd26f5bd353cfe0289cc9e23b61e6967a704"}, @WGPEER_A_PUBLIC_KEY={0x24}]}]}]}, 0x8c}}, 0x0) 08:14:50 executing program 4: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="2e02020025000535d25a80648c63940d0624fc60080018400dac0f00051a82c137153e6709020f8003001700d1bd", 0x33fe0}], 0x1}, 0x0) [ 44.710388][T10194] netlink: 124938 bytes leftover after parsing attributes in process `syz-executor.4'. [ 44.721466][T10162] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! 08:14:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x8c, r1, 0x409, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x64, 0x8, 0x0, 0x1, [{0x60, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x8, 0x0, @multicast1}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1f96447b4a837c4ab15a2a3c28c2cd26f5bd353cfe0289cc9e23b61e6967a704"}, @WGPEER_A_PUBLIC_KEY={0x24}]}]}]}, 0x8c}}, 0x0) [ 44.754283][T10162] File: /root/syzkaller-testdir229199450/syzkaller.ZFCoI3/7/cgroup.controllers PID: 10162 Comm: syz-executor.1 08:14:50 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050400000000000000007e000000080005"], 0x1c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r3, r1, 0x0, 0x100000001) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) [ 44.805408][T10202] netlink: 124938 bytes leftover after parsing attributes in process `syz-executor.4'. 08:14:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x8c, r1, 0x409, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x64, 0x8, 0x0, 0x1, [{0x60, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x8, 0x0, @multicast1}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1f96447b4a837c4ab15a2a3c28c2cd26f5bd353cfe0289cc9e23b61e6967a704"}, @WGPEER_A_PUBLIC_KEY={0x24}]}]}]}, 0x8c}}, 0x0) 08:14:50 executing program 4: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed3, &(0x7f0000000080)=[{&(0x7f0000000040)="2e02020025000535d25a80648c63940d0624fc60080018400dac0f00051a82c137153e6709020f8003001700d1bd", 0x33fe0}], 0x1}, 0x0) [ 44.914653][ T28] audit: type=1804 audit(1593504890.438:10): pid=10201 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir643809363/syzkaller.mQmngg/5/cgroup.controllers" dev="sda1" ino=15749 res=1 [ 44.919527][T10201] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 08:14:50 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x8c, r1, 0x409, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x64, 0x8, 0x0, 0x1, [{0x60, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x8, 0x0, @multicast1}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1f96447b4a837c4ab15a2a3c28c2cd26f5bd353cfe0289cc9e23b61e6967a704"}, @WGPEER_A_PUBLIC_KEY={0x24}]}]}]}, 0x8c}}, 0x0) [ 44.971418][ T28] audit: type=1804 audit(1593504890.498:11): pid=10208 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir229199450/syzkaller.ZFCoI3/8/cgroup.controllers" dev="sda1" ino=15779 res=1 [ 44.996423][T10179] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 45.010052][T10214] netlink: 124938 bytes leftover after parsing attributes in process `syz-executor.4'. [ 45.021062][T10208] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 45.045122][T10179] File: /root/syzkaller-testdir502679952/syzkaller.18qNEC/7/cgroup.controllers PID: 10179 Comm: syz-executor.3 08:14:50 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050400000000000000007e000000080005"], 0x1c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r3, r1, 0x0, 0x100000001) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 08:14:50 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x8c, r1, 0x409, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x64, 0x8, 0x0, 0x1, [{0x60, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x8, 0x0, @multicast1}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1f96447b4a837c4ab15a2a3c28c2cd26f5bd353cfe0289cc9e23b61e6967a704"}, @WGPEER_A_PUBLIC_KEY={0x24}]}]}]}, 0x8c}}, 0x0) [ 45.294122][T10208] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 45.307538][T10208] File: /root/syzkaller-testdir229199450/syzkaller.ZFCoI3/8/cgroup.controllers PID: 10208 Comm: syz-executor.1 [ 45.319905][T10222] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 08:14:51 executing program 0: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x20, 0x5a, 0xa01, 0x0, 0x0, {}, [@typed={0xc, 0x5, 0x0, 0x0, @u64}]}, 0x20}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b) r2 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0x10) splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) 08:14:51 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='cmdline\x00') r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, r0, 0x0, 0x80000002) 08:14:51 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x8c, r1, 0x409, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x64, 0x8, 0x0, 0x1, [{0x60, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x8, 0x0, @multicast1}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1f96447b4a837c4ab15a2a3c28c2cd26f5bd353cfe0289cc9e23b61e6967a704"}, @WGPEER_A_PUBLIC_KEY={0x24}]}]}]}, 0x8c}}, 0x0) 08:14:51 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050400000000000000007e000000080005"], 0x1c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r3, r1, 0x0, 0x100000001) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 08:14:51 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050400000000000000007e000000080005"], 0x1c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r3, r1, 0x0, 0x100000001) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 08:14:51 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='cmdline\x00') r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, r0, 0x0, 0x80000002) 08:14:51 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000)='wireguard\x00') sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x8c, r1, 0x409, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x64, 0x8, 0x0, 0x1, [{0x60, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x8, 0x0, @multicast1}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1f96447b4a837c4ab15a2a3c28c2cd26f5bd353cfe0289cc9e23b61e6967a704"}, @WGPEER_A_PUBLIC_KEY={0x24}]}]}]}, 0x8c}}, 0x0) [ 45.581630][T10222] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 45.594763][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 45.594775][ T28] audit: type=1804 audit(1593504891.108:13): pid=10238 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir643809363/syzkaller.mQmngg/6/cgroup.controllers" dev="sda1" ino=15798 res=1 08:14:51 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='cmdline\x00') r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, r0, 0x0, 0x80000002) [ 45.634795][T10238] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 45.648310][T10222] File: /root/syzkaller-testdir502679952/syzkaller.18qNEC/8/cgroup.controllers PID: 10222 Comm: syz-executor.3 [ 45.654062][ T28] audit: type=1804 audit(1593504891.168:14): pid=10237 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir229199450/syzkaller.ZFCoI3/9/cgroup.controllers" dev="sda1" ino=15790 res=1 08:14:51 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='cmdline\x00') r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, r0, 0x0, 0x80000002) [ 45.667950][T10237] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 08:14:51 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="050400000000000000007e000000080005"], 0x1c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r3, r1, 0x0, 0x100000001) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 08:14:51 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='cmdline\x00') r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, r0, 0x0, 0x80000002) 08:14:51 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='cmdline\x00') r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, r0, 0x0, 0x80000002) [ 45.933533][ T28] audit: type=1804 audit(1593504891.448:15): pid=10257 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir502679952/syzkaller.18qNEC/9/cgroup.controllers" dev="sda1" ino=15775 res=1 [ 45.967913][T10257] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 08:14:51 executing program 0: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x20, 0x5a, 0xa01, 0x0, 0x0, {}, [@typed={0xc, 0x5, 0x0, 0x0, @u64}]}, 0x20}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b) r2 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0x10) splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) 08:14:51 executing program 5: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x20, 0x5a, 0xa01, 0x0, 0x0, {}, [@typed={0xc, 0x5, 0x0, 0x0, @u64}]}, 0x20}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b) r2 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0x10) splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) 08:14:51 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='cmdline\x00') r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, r0, 0x0, 0x80000002) 08:14:51 executing program 2: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 08:14:51 executing program 1: r0 = socket$inet(0x2, 0x6, 0x0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x10, 0x0, 0x27) 08:14:51 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0xfffffffffffffffc, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x48, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 08:14:51 executing program 4: r0 = syz_open_dev$binderN(&(0x7f00000016c0)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r0, 0xc018620c, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 08:14:51 executing program 1: r0 = socket$inet(0x2, 0x6, 0x0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x10, 0x0, 0x27) [ 46.372428][T10294] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. 08:14:52 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0xfffffffffffffffc, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x48, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 08:14:52 executing program 4: r0 = syz_open_dev$binderN(&(0x7f00000016c0)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r0, 0xc018620c, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 46.433005][T10293] mmap: syz-executor.2 (10293) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 46.441890][T10307] binder: 10306:10307 ioctl c018620c 20000340 returned -1 08:14:52 executing program 4: r0 = syz_open_dev$binderN(&(0x7f00000016c0)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r0, 0xc018620c, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 08:14:52 executing program 1: r0 = socket$inet(0x2, 0x6, 0x0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x10, 0x0, 0x27) [ 46.492474][T10311] binder: 10310:10311 ioctl c018620c 20000340 returned -1 [ 46.516589][ C0] hrtimer: interrupt took 27123 ns [ 46.571611][T10313] kvm [10312]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000004c data 0xfffffffc00000006 [ 46.630426][T10321] binder: 10319:10321 ioctl c018620c 20000340 returned -1 08:14:52 executing program 0: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x20, 0x5a, 0xa01, 0x0, 0x0, {}, [@typed={0xc, 0x5, 0x0, 0x0, @u64}]}, 0x20}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b) r2 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0x10) splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) 08:14:52 executing program 1: r0 = socket$inet(0x2, 0x6, 0x0) sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860005cf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x10, 0x0, 0x27) 08:14:52 executing program 4: r0 = syz_open_dev$binderN(&(0x7f00000016c0)='/dev/binder#\x00', 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r0, 0xc018620c, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 08:14:52 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0xfffffffffffffffc, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x48, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 08:14:52 executing program 2: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 08:14:52 executing program 5: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x20, 0x5a, 0xa01, 0x0, 0x0, {}, [@typed={0xc, 0x5, 0x0, 0x0, @u64}]}, 0x20}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b) r2 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0x10) splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) 08:14:52 executing program 1: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) [ 47.317109][T10389] kvm [10381]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000004c data 0xfffffffc00000006 [ 47.330761][T10394] binder: 10383:10394 ioctl c018620c 20000340 returned -1 08:14:52 executing program 4: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 08:14:53 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0xfffffffffffffffc, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x48, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 08:14:53 executing program 2: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) [ 47.676688][T10416] kvm [10415]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000004c data 0xfffffffc00000006 08:14:53 executing program 3: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 08:14:53 executing program 4: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 08:14:53 executing program 1: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 08:14:53 executing program 0: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 08:14:53 executing program 2: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 08:14:53 executing program 5: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x20, 0x5a, 0xa01, 0x0, 0x0, {}, [@typed={0xc, 0x5, 0x0, 0x0, @u64}]}, 0x20}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000180)=ANY=[], 0xfffffc7b) r2 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0x10) splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) 08:14:54 executing program 3: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 08:14:54 executing program 4: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 08:14:54 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0xfffffffffffffffc, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x48, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 08:14:54 executing program 1: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 08:14:54 executing program 0: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) [ 48.958817][T10479] kvm [10475]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000004c data 0xfffffffc00000006 08:14:54 executing program 3: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 08:14:54 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@assoc={0x18}, @iv={0x18}, @op={0x18}], 0x48}], 0x1, 0x0) 08:14:54 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0xfffffffffffffffc, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x48, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 08:14:54 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) r1 = dup(r0) setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000040)=0x1d, 0x4) 08:14:54 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, 0xffffffffffffffff) getdents(r0, &(0x7f0000000180)=""/224, 0x18) getdents64(r0, &(0x7f0000000400)=""/244, 0xf4) 08:14:54 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@assoc={0x18}, @iv={0x18}, @op={0x18}], 0x48}], 0x1, 0x0) 08:14:54 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) r1 = dup(r0) setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000040)=0x1d, 0x4) [ 49.393658][T10503] kvm [10501]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000004c data 0xfffffffc00000006 08:14:54 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, 0xffffffffffffffff) getdents(r0, &(0x7f0000000180)=""/224, 0x18) getdents64(r0, &(0x7f0000000400)=""/244, 0xf4) 08:14:55 executing program 0: ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet(0x2, 0x4000000000000001, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000100)={{0x2, 0x0, @remote}, {0x0, @local}, 0x0, {0x2, 0x0, @dev}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r2 = dup3(0xffffffffffffffff, r1, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000200), 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x4031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x201608, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 08:14:55 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@assoc={0x18}, @iv={0x18}, @op={0x18}], 0x48}], 0x1, 0x0) 08:14:55 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0xfffffffffffffffc, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00') perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_config_ext, 0x48, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 08:14:55 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, 0xffffffffffffffff) getdents(r0, &(0x7f0000000180)=""/224, 0x18) getdents64(r0, &(0x7f0000000400)=""/244, 0xf4) 08:14:55 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) r1 = dup(r0) setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000040)=0x1d, 0x4) 08:14:55 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@assoc={0x18}, @iv={0x18}, @op={0x18}], 0x48}], 0x1, 0x0) 08:14:55 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0xffffffffffffffff) getdents(r0, &(0x7f0000000180)=""/224, 0x18) getdents64(r0, &(0x7f0000000400)=""/244, 0xf4) 08:14:55 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, 0xffffffffffffffff) getdents(r0, &(0x7f0000000180)=""/224, 0x18) getdents64(r0, &(0x7f0000000400)=""/244, 0xf4) [ 49.633284][T10527] kvm [10525]: vcpu0, guest rIP: 0x14c Hyper-V unhandled wrmsr: 0x4000004c data 0xfffffffc00000006 [ 49.644146][ T8955] ================================================================== [ 49.652219][ T8955] BUG: KCSAN: data-race in copy_process / copy_process [ 49.659041][ T8955] [ 49.661362][ T8955] write to 0xffffffff8927a410 of 4 bytes by task 25 on cpu 0: [ 49.668807][ T8955] copy_process+0x2e84/0x3300 [ 49.673479][ T8955] _do_fork+0xf1/0x660 [ 49.677535][ T8955] kernel_thread+0x85/0xb0 [ 49.681932][ T8955] call_usermodehelper_exec_work+0x4f/0x1b0 [ 49.687814][ T8955] process_one_work+0x3e1/0x9a0 [ 49.692646][ T8955] worker_thread+0x665/0xbe0 [ 49.697232][ T8955] kthread+0x20d/0x230 [ 49.701305][ T8955] ret_from_fork+0x1f/0x30 [ 49.705697][ T8955] [ 49.708016][ T8955] read to 0xffffffff8927a410 of 4 bytes by task 8955 on cpu 1: [ 49.715539][ T8955] copy_process+0xac4/0x3300 [ 49.720119][ T8955] _do_fork+0xf1/0x660 [ 49.724160][ T8955] __x64_sys_clone+0xfb/0x120 [ 49.728805][ T8955] do_syscall_64+0x51/0xb0 [ 49.733193][ T8955] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 49.739048][ T8955] [ 49.741343][ T8955] Reported by Kernel Concurrency Sanitizer on: [ 49.747464][ T8955] CPU: 1 PID: 8955 Comm: syz-executor.3 Not tainted 5.8.0-rc3-syzkaller #0 [ 49.756033][ T8955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.766141][ T8955] ================================================================== [ 49.774172][ T8955] Kernel panic - not syncing: panic_on_warn set ... [ 49.780727][ T8955] CPU: 1 PID: 8955 Comm: syz-executor.3 Not tainted 5.8.0-rc3-syzkaller #0 [ 49.789275][ T8955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.799307][ T8955] Call Trace: [ 49.802568][ T8955] dump_stack+0x10f/0x19d [ 49.806864][ T8955] panic+0x207/0x64a [ 49.810743][ T8955] ? vprintk_emit+0x44a/0x4f0 [ 49.815388][ T8955] kcsan_report+0x684/0x690 [ 49.819863][ T8955] ? kcsan_setup_watchpoint+0x453/0x4d0 [ 49.825379][ T8955] ? copy_process+0xac4/0x3300 [ 49.830111][ T8955] ? _do_fork+0xf1/0x660 [ 49.834323][ T8955] ? __x64_sys_clone+0xfb/0x120 [ 49.839140][ T8955] ? do_syscall_64+0x51/0xb0 [ 49.843699][ T8955] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 49.849740][ T8955] ? debug_smp_processor_id+0x18/0x20 [ 49.855081][ T8955] ? copy_creds+0x280/0x350 [ 49.859551][ T8955] ? copy_creds+0x280/0x350 [ 49.864023][ T8955] kcsan_setup_watchpoint+0x453/0x4d0 [ 49.869363][ T8955] ? copy_creds+0x280/0x350 [ 49.873836][ T8955] copy_process+0xac4/0x3300 [ 49.878400][ T8955] _do_fork+0xf1/0x660 [ 49.882439][ T8955] ? ktime_get_ts64+0x2d9/0x310 [ 49.887274][ T8955] __x64_sys_clone+0xfb/0x120 [ 49.891932][ T8955] do_syscall_64+0x51/0xb0 [ 49.896320][ T8955] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 49.902179][ T8955] RIP: 0033:0x45b15a [ 49.906050][ T8955] Code: Bad RIP value. [ 49.910082][ T8955] RSP: 002b:00007fffe9c8d0c0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 49.918458][ T8955] RAX: ffffffffffffffda RBX: 00007fffe9c8d0c0 RCX: 000000000045b15a [ 49.926404][ T8955] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 49.934357][ T8955] RBP: 00007fffe9c8d100 R08: 0000000000000001 R09: 00000000024ba940 [ 49.942299][ T8955] R10: 00000000024bac10 R11: 0000000000000246 R12: 0000000000000001 [ 49.950243][ T8955] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fffe9c8d150 [ 49.959356][ T8955] Kernel Offset: disabled [ 49.963660][ T8955] Rebooting in 86400 seconds..