[ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.23' (ECDSA) to the list of known hosts. 2021/03/22 16:36:21 fuzzer started 2021/03/22 16:36:21 dialing manager at 10.128.0.163:45919 2021/03/22 16:36:21 syscalls: 3557 2021/03/22 16:36:21 code coverage: enabled 2021/03/22 16:36:21 comparison tracing: enabled 2021/03/22 16:36:21 extra coverage: enabled 2021/03/22 16:36:21 setuid sandbox: enabled 2021/03/22 16:36:21 namespace sandbox: enabled 2021/03/22 16:36:21 Android sandbox: /sys/fs/selinux/policy does not exist 2021/03/22 16:36:21 fault injection: enabled 2021/03/22 16:36:21 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2021/03/22 16:36:21 net packet injection: enabled 2021/03/22 16:36:21 net device setup: enabled 2021/03/22 16:36:21 concurrency sanitizer: enabled 2021/03/22 16:36:21 devlink PCI setup: PCI device 0000:00:10.0 is not available 2021/03/22 16:36:21 USB emulation: enabled 2021/03/22 16:36:21 hci packet injection: enabled 2021/03/22 16:36:21 wifi device emulation: enabled 2021/03/22 16:36:21 802.15.4 emulation: enabled 2021/03/22 16:36:22 suppressing KCSAN reports in functions: 'prandom_seed' 'ext4_free_inode' '__xa_clear_mark' 'wbt_done' 'blk_mq_sched_dispatch_requests' '__mark_inode_dirty' 'dd_has_work' '__ext4_new_inode' 'expire_timers' 'complete_signal' 'ext4_mark_iloc_dirty' 'blk_mq_rq_ctx_init' 'n_tty_receive_buf_common' 'alloc_pid' 2021/03/22 16:36:22 fetching corpus: 0, signal 0/2000 (executing program) 2021/03/22 16:36:23 fetching corpus: 50, signal 23097/26692 (executing program) 2021/03/22 16:36:23 fetching corpus: 100, signal 35904/40904 (executing program) 2021/03/22 16:36:23 fetching corpus: 150, signal 47616/53896 (executing program) 2021/03/22 16:36:23 fetching corpus: 200, signal 57868/65318 (executing program) 2021/03/22 16:36:23 fetching corpus: 250, signal 62302/71008 (executing program) 2021/03/22 16:36:23 fetching corpus: 300, signal 67407/77274 (executing program) 2021/03/22 16:36:23 fetching corpus: 349, signal 73839/84656 (executing program) 2021/03/22 16:36:23 fetching corpus: 399, signal 79955/91640 (executing program) 2021/03/22 16:36:23 fetching corpus: 449, signal 85382/97902 (executing program) 2021/03/22 16:36:23 fetching corpus: 499, signal 88197/101715 (executing program) 2021/03/22 16:36:23 fetching corpus: 549, signal 91536/105951 (executing program) 2021/03/22 16:36:23 fetching corpus: 599, signal 97327/112274 (executing program) 2021/03/22 16:36:23 fetching corpus: 648, signal 100505/116269 (executing program) 2021/03/22 16:36:24 fetching corpus: 698, signal 107103/123097 (executing program) 2021/03/22 16:36:24 fetching corpus: 747, signal 109475/126191 (executing program) syzkaller login: [ 31.512266][ T8383] ================================================================== [ 31.520364][ T8383] BUG: KCSAN: data-race in check_kill_permission / futex_wait_queue_me [ 31.528608][ T8383] [ 31.530914][ T8383] write to 0xffff88810271a02c of 4 bytes by task 8401 on cpu 1: [ 31.538575][ T8383] futex_wait_queue_me+0x186/0x250 [ 31.543778][ T8383] futex_wait+0x145/0x400 [ 31.548118][ T8383] do_futex+0x1062/0x1cd0 [ 31.552446][ T8383] __se_sys_futex+0x2a8/0x390 [ 31.557111][ T8383] __x64_sys_futex+0x74/0x80 [ 31.561692][ T8383] do_syscall_64+0x39/0x80 [ 31.566090][ T8383] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 31.571979][ T8383] [ 31.574283][ T8383] read to 0xffff88810271a02c of 4 bytes by task 8383 on cpu 0: [ 31.581799][ T8383] check_kill_permission+0x44/0x2d0 [ 31.586985][ T8383] do_send_specific+0x7f/0x100 [ 31.591743][ T8383] __x64_sys_tgkill+0x108/0x140 [ 31.596571][ T8383] do_syscall_64+0x39/0x80 [ 31.600961][ T8383] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 31.606837][ T8383] 2021/03/22 16:36:24 fetching corpus: 797, signal 112497/129812 (executing program) 2021/03/22 16:36:24 fetching corpus: 847, signal 114658/132625 (executing program) [ 31.609135][ T8383] Reported by Kernel Concurrency Sanitizer on: [ 31.615259][ T8383] CPU: 0 PID: 8383 Comm: syz-fuzzer Not tainted 5.12.0-rc4-syzkaller #0 [ 31.623562][ T8383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 31.633598][ T8383] ================================================================== 2021/03/22 16:36:24 fetching corpus: 897, signal 117465/136010 (executing program) 2021/03/22 16:36:24 fetching corpus: 947, signal 120878/139804 (executing program) 2021/03/22 16:36:24 fetching corpus: 997, signal 123934/143213 (executing program) 2021/03/22 16:36:24 fetching corpus: 1046, signal 125674/145510 (executing program) 2021/03/22 16:36:24 fetching corpus: 1096, signal 128285/148533 (executing program) 2021/03/22 16:36:24 fetching corpus: 1146, signal 130656/151302 (executing program) 2021/03/22 16:36:24 fetching corpus: 1196, signal 133241/154141 (executing program) 2021/03/22 16:36:25 fetching corpus: 1246, signal 136466/157555 (executing program) 2021/03/22 16:36:25 fetching corpus: 1296, signal 138777/160135 (executing program) 2021/03/22 16:36:25 fetching corpus: 1346, signal 141090/162699 (executing program) 2021/03/22 16:36:25 fetching corpus: 1396, signal 144736/166203 (executing program) 2021/03/22 16:36:25 fetching corpus: 1445, signal 147141/168731 (executing program) 2021/03/22 16:36:25 fetching corpus: 1495, signal 149290/170961 (executing program) 2021/03/22 16:36:25 fetching corpus: 1545, signal 151673/173333 (executing program) 2021/03/22 16:36:25 fetching corpus: 1595, signal 153786/175554 (executing program) 2021/03/22 16:36:25 fetching corpus: 1643, signal 155083/177092 (executing program) 2021/03/22 16:36:25 fetching corpus: 1693, signal 157739/179569 (executing program) 2021/03/22 16:36:25 fetching corpus: 1742, signal 159239/181219 (executing program) 2021/03/22 16:36:25 fetching corpus: 1791, signal 160980/183040 (executing program) 2021/03/22 16:36:25 fetching corpus: 1841, signal 163608/185363 (executing program) 2021/03/22 16:36:25 fetching corpus: 1891, signal 165292/187003 (executing program) 2021/03/22 16:36:26 fetching corpus: 1941, signal 168248/189509 (executing program) 2021/03/22 16:36:26 fetching corpus: 1990, signal 169979/191151 (executing program) 2021/03/22 16:36:26 fetching corpus: 2039, signal 171792/192821 (executing program) 2021/03/22 16:36:26 fetching corpus: 2089, signal 173114/194152 (executing program) 2021/03/22 16:36:26 fetching corpus: 2139, signal 174891/195716 (executing program) 2021/03/22 16:36:26 fetching corpus: 2189, signal 178185/198155 (executing program) 2021/03/22 16:36:26 fetching corpus: 2239, signal 179610/199480 (executing program) 2021/03/22 16:36:26 fetching corpus: 2289, signal 180752/200559 (executing program) 2021/03/22 16:36:26 fetching corpus: 2339, signal 182351/201915 (executing program) 2021/03/22 16:36:26 fetching corpus: 2389, signal 183958/203223 (executing program) 2021/03/22 16:36:26 fetching corpus: 2438, signal 186044/204766 (executing program) 2021/03/22 16:36:26 fetching corpus: 2488, signal 187262/205789 (executing program) 2021/03/22 16:36:27 fetching corpus: 2537, signal 188436/206751 (executing program) 2021/03/22 16:36:27 fetching corpus: 2586, signal 189707/207759 (executing program) 2021/03/22 16:36:27 fetching corpus: 2636, signal 190759/208655 (executing program) 2021/03/22 16:36:27 fetching corpus: 2686, signal 193345/210345 (executing program) 2021/03/22 16:36:27 fetching corpus: 2736, signal 194892/211421 (executing program) 2021/03/22 16:36:27 fetching corpus: 2786, signal 195906/212218 (executing program) 2021/03/22 16:36:27 fetching corpus: 2834, signal 197021/213049 (executing program) 2021/03/22 16:36:27 fetching corpus: 2884, signal 198259/213961 (executing program) 2021/03/22 16:36:27 fetching corpus: 2934, signal 199530/214821 (executing program) 2021/03/22 16:36:27 fetching corpus: 2984, signal 201195/215830 (executing program) 2021/03/22 16:36:27 fetching corpus: 3034, signal 202737/216783 (executing program) 2021/03/22 16:36:27 fetching corpus: 3084, signal 204185/217637 (executing program) 2021/03/22 16:36:27 fetching corpus: 3134, signal 205269/218340 (executing program) 2021/03/22 16:36:27 fetching corpus: 3184, signal 206055/218884 (executing program) 2021/03/22 16:36:27 fetching corpus: 3234, signal 207989/219898 (executing program) 2021/03/22 16:36:28 fetching corpus: 3284, signal 210590/221139 (executing program) 2021/03/22 16:36:28 fetching corpus: 3334, signal 211906/221822 (executing program) 2021/03/22 16:36:28 fetching corpus: 3384, signal 213212/222477 (executing program) 2021/03/22 16:36:28 fetching corpus: 3434, signal 214134/222966 (executing program) 2021/03/22 16:36:28 fetching corpus: 3484, signal 215568/223710 (executing program) 2021/03/22 16:36:28 fetching corpus: 3534, signal 216106/224008 (executing program) 2021/03/22 16:36:28 fetching corpus: 3584, signal 217733/224680 (executing program) 2021/03/22 16:36:28 fetching corpus: 3634, signal 218990/225235 (executing program) 2021/03/22 16:36:28 fetching corpus: 3684, signal 220354/225795 (executing program) 2021/03/22 16:36:28 fetching corpus: 3734, signal 221184/226145 (executing program) 2021/03/22 16:36:28 fetching corpus: 3784, signal 222175/226504 (executing program) 2021/03/22 16:36:28 fetching corpus: 3834, signal 223506/226979 (executing program) 2021/03/22 16:36:29 fetching corpus: 3884, signal 224448/227336 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227518 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227546 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227577 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227603 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227638 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227665 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227696 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227739 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227773 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227812 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227844 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227881 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227915 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227955 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/227988 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228018 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228045 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228069 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228102 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228134 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228178 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228206 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228240 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228276 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228320 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228343 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228371 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228395 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228425 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228453 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228494 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228531 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228564 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228609 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228647 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228655 (executing program) 2021/03/22 16:36:29 fetching corpus: 3899, signal 224927/228655 (executing program) 2021/03/22 16:36:30 starting 6 fuzzer processes 16:36:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000240)="66530707ae89de108af147a8378f364602812c66538d740f6fe1d001f43f0500", 0x20}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x37) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0) preadv(r1, &(0x7f0000000280), 0x1, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 16:36:31 executing program 1: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/adsp1\x00', 0x1a2201, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000000)=0x6) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)) write$dsp(r0, &(0x7f0000001100)="dc93731aa9225574604cc2720fddc8a847f4d7f1e13612738529fcdf63675d0fbada60673c5c9bb5d14279f15f239e7072a592af4bbd413042c82095904cc6ff2eb376150f8c49a1694d5b3ea59a8b5d2f3021eded7ad11503f8d1e0d59f6b0f9dfd8ef06f5db7ed0bf1f4ce3be6e42bf384fc9ea73d673a5f65e8a9acea474bb91f4977461a3fd2c0698af81def5bad44a4a90e94e9d1d1ab90b8fad62d0985140e6fc1db0c132963062cab3971f28cb7849e29a5fbef83833e14c4abb9480fee580dfd1bde5b04d07f6456c953485d89abe151d5720d32805a468d48bdb43c5a4f71e56bd0a05f692c59195a9c5a29eb8ae103962406c2a6ab745ec15a97d92ca1371e2efa8f3d6baeab7dd0d34246729e8d6f1534d82f8ccda7e528856135431e48bcbe3500334c78771d1785e43a0b74fe0eec6b4e7f639f019350eaa76fb0c999e29caf8b2cbc186ecb2d2351da2288863481cd12d012649e12a583423cd27564cc90dbd495437182bb593981aeb185472e0c060478ea6e34c7cdb34dbe6940c730b861bc77eb4530657865d31986a54aad4a7a03769b270c26a2fbf334e1e6f2ba4f59769087acd8438f6dd1eb88905fcc4bdb46506497bd98e6ffe334d34bd06d10fbaae332b07b0b2d916d2fc433ca08951020e0f3400ba5fb02def861142a9c86a13ce5dd990f26a96aefa5db4c285fa52db4ad27f810c0ec3b2fc2869a103c30fae339ad62599f4816bfd80692421abd2b05044b5cc833aedf98458d365a533a44394c16882b1fe9680a6bcb087d9fbf8aa24cb431f72098a48eed4964d23fe4e188d423f5c6d5dd1864f735fd7a3e21a335d01e157a89e164eb2e6e95a23057d742721cd5d6adef6e2b8a31aa664502a34e59be4050e523b7493c8911ec838ba8bcd6ba646094ea6b23bf64fcf013edfa91ff3f0bdbc0b13f6502cdfcba5a3a941c6cc3f665b1c02d59236403d3df34206f7988598cade2fb7c6fe81681ce2a03c951425965f97eca2bd6b9d0e977ab773609491a5a27f675dd264f0eab1022d5e2e04a7d38299456af229c0a22bf865873e7759593e654b2f004b44a0e036cb85717b353a44a32dfc7e64725c3b5371f7d6678c22604589025ad30138f5ef91830d683afb29187f63c21f16e8830c64877b9a65d1573dd9da464bb3ceee86f60ea0c790e4b51bcf3cd79782b676963eba32e7f9854873074f290986c1ba939b1e0a17fca934a5d23aa5dccfb04b7642f06cf40c4bbfe3251a36ea87967257b02d79ad1365d686b07f255b1871fd9efd9271f76bcf8b17f91dbd489fedf8cc379274d17aed608e4031a878a53313c274d642fd161090b34036a2b98c8cf64ba08b6b3eb0b14e6e764aa2ef430448dd52f7bb4c0772033accb8995168000a2d967ee214e797fd28dc98e63cc9abcf68b264b7e0856a3db24888a91098fc47218fce8fa944ed92354269e7995141759dfb209bbaf71ec8a4a15139b321892d3b1e102af17f4cd5495c6bfeae1fa1b256e19f923168f54ae9365ee9e361b0b0fd2022d5453b684bedecc437fb1e39c9315240d110589cf388cecb654138867976347255190d8379c9ef04cf822db87d9d43eb52bfe47fe412af6693894274f3ffc9e7c1d576be3a5673cbd6f77251926b01e4f8bccc957f60df9f53bb984c604ba77ad4a153c92d5cae38910d1033d0030f94a46639137b76dcf31881d2d8388136ac08104a70ff979608d9cd5ff0ed208096275f33bf0379d30a1333fe1b3cf3691053619210c0b9fd08bee910794ee9d6a672d2c29393112f3cb5b5f87f4f68ba7930e746e0864087dabef95dd6ef8938876715320fcbb1fd095878f16e3415ca9034c15156a6b5575eccc6b1b903d4ae7ea4bc9711bc3c972ed0ef98d0b3efb51fa43a04fb8e90443888ba859da926745eaa3eae79dd871cfd1f8cac0e6084b6c3bc064aad4011754d2fe79d73e9eb7e0ad9e13b7dc902cc49d7d0bb23981f2051439dbb1d8853766175aa61c5716877358237a6cdfc0420ca178ac650e88869a2ac89a171a14eadb736e6621ed2aef5ea62ce369c4c349bc74227dedac76b1119ac910f6dc94db182dfd8422e5e8b819390046c0a6414a1dcf36163d2589d5dfa434ab51a45c3f8f8652ba5fbaa3a95db07cf311d28b9d7aa514ed70945767c5b87edb03321e342c7a56af90c31c44f0d664707e793d6873a944b865422901493b617c6807e320c9ff89b7d4a4b871d85dc4c336481637df0a034d6cbe69a5390939c44944a98d58d6b9a9b584966446cf029a442add718fd5921a6ccbf38e4f407ef2c30bf1ff0f48660ce119c6bb5528eb3150341e162af004160babef80b98fc592e10c7156ecae7f7727d8a89bec292bc82f5f6ceb26054e76b12b2a18b5c8abdafe2bbd8d868c525b48f823ac93ab3052694fa700a02f87f7ceb8507114b037041a0662b396b496fd04c781b5663c99100f37068a4450c124d361e1863437916b29650d7e088c465c2f63d5a7246b70fd0248b15634cb3fd78064751a57a8c6b885e69d6f268a76172a70c450b20b1b1013ba9fee65b498843219d7860471db0b7f77f39df50f3f44c6374b3264be2f9d6d9fa514c1fc3e6a6ba4da49760f77e5cf42e7e7c2ce9c0ae15a5bd30c673663fe7a569c59b435409dac0f3ef8554470a3a8325b1d7e6a7089655e7b05c1949fee7f2ac29496d87cef22766fbfa13e009cbb8a9403f75c20a649f5d76a055936aea5d6e443fba80d8366d3f9952fca7a811964af74b1ada7504493700259b39377d79c8d5e7f561242514490e85410db276a67fcd29fa85e356c6f301fb2c4efe0ab32265113c0493785b986ca9f184be9946f6da29ef6de7ceae955de57b1fe4beaa81a1f8038ac6ab7ea6fd2ec05881816328dc9a23260c4ab53d4c0838b2f7d493059e3480864c3a122d5eb7b1c11eda895b81b6238ba691bd1f1c004b89bb2c1c1116d2c25bc69500c2ad7986a8142c9de359a14b69e250e4e37faf20288b85bdf618cd6bb0c9e39c2208c8a4239951daf8217b063c604b9f0ff155cc6c2eae010a5046236d0b3b267a8b7673dfca6d1a0f3c11d4dad20a8934fcd83657448b2f2699f0644c9de0fee2fe1a4caa37a57332ebafda45d911aca1ac898ca0ea45e8af38507cc1a7244d3e3b0814b769e68d6acd5c48b372c080c9ab8d386610f458191ecd7b5b40925ed29c0e445a6fb52011fd5d18be822df20a5aff56847aa55809572f014a80aa7029f1e8a32af2908782ea672dc81a58d647e1b033f6fd8bf17d3bc50990019151c6885f888a635dffcc60e7a460c2b45568812848c2b49f333d908dd870c1c4ba10628526fe100bf3fca9eb48854203ef7319547966dc9f4201300d9eb37029b29a5dfc1ab886f55ca06ec02eee67d6289742ca79b56f3350b1436af3496e0db40f471f1684539de7e06b483a6fc07fee5cb66e704ab9c4be561f0ff88b851faf20a5e444834b73099b5373b1026233ae3fa961707c91ed0f48ce2f03e4109a158c36f0c086db7d7b9a871ef77567fd1c0d8a445203af6c92a6a42ad407b5aa378cc3bf7d4221c99da858849f85bfdfffc572e", 0x9f6) 16:36:31 executing program 2: socketpair(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x89e0, 0x0) 16:36:31 executing program 3: r0 = getpid() write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x6, 0xe, 0x7, 0x4f, 0x0, 0x3, 0x40, 0x5, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0x81, 0x10001}, 0xca20, 0x7, 0x4, 0x7, 0x4, 0x9}, r0, 0xd, 0xffffffffffffffff, 0x0) ioctl$TUNSETVNETHDRSZ(0xffffffffffffffff, 0x400454d8, &(0x7f0000000080)) r1 = perf_event_open(0x0, r0, 0xf, 0xffffffffffffffff, 0x8) perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3, 0x4, 0x8, 0x7, 0x0, 0x4, 0x40004, 0x8, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext={0x52dd, 0x3ff}, 0x4c401, 0x4, 0x1, 0x5, 0x0, 0x400, 0x40}, r0, 0xa, r1, 0x2) r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, @perf_config_ext={0x0, 0x8000000000000000}, 0x4050, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f00000002c0), 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup/syz1\x00', 0x1ff) ioctl$PERF_EVENT_IOC_REFRESH(r2, 0x2402, 0xe43) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x12, 0x1, &(0x7f0000000ac0)=ANY=[@ANYBLOB="546018002d000000f4a1e911cf6156b85bd7a7b587c1914886197f4e3e041ef1417ff030155a9b2d056a0927e82cb8bb7192e4e2d9d9480beb1f570b567f3aa461f36662f233a2ecb919377bd17bc52f69f0eb0af8eecfc0b0c5a0045e3b63a9bd57f8e87a2430ee343ef36f3d0bb2ce8d8e5b3bc688f5c86984fd3c43f704d1ace3d0c9232099c5c8ada954c0cc8cd0dd00bc48fb034084cea07800d87de04c69bffcbf7247680e34c896811712ee3826081988285114c4deae0aec5fc584e2b5a1b29975982bcdee63787ed1cab899acce28fc25509806bf3c0510fe04dcf2521df3a1503cdb5a244f2ad9bebd2533f0af2e38c1b1a3cf62d729e000ae29471bd8d65ab44c9698a00485e7fb1097cd44c889bc64d6a5672a7b645d516ce2deb649eb8c74c3bddd88af9ae96bb2ca15580ade44290db409918f794daa7d8d8deb775e67c91d6f1ae4f98ec32a6cead00c52be96b2670ec3a97582ac775d28807f33089f272088d03e19b4d2e0782693857ac9faa9f686d36b90e0fb26c04e706583a1e1dde9c6170de2a4c9e48a1b2e31bbf1c5299522b4a4b0a6094769e2d7fb4f36316ef50d20f4dda8a6f9441f336722ce0a8859a76a1d3d0e40ae0002451dd665588fd35e22d7ea154dd0bada707c1c0798802e92712b95499f44"], &(0x7f0000000400)='syzkaller\x00', 0x6, 0x68, &(0x7f0000000440)=""/104, 0x41100, 0x0, [], 0x0, 0x23, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x8, 0x5}, 0x8, 0x10, &(0x7f0000000700)={0x4, 0xe, 0x2, 0x480}, 0x10}, 0x78) ioctl$PERF_EVENT_IOC_RESET(r3, 0x2403, 0x1) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/cgroup\x00') r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) mkdirat$cgroup(r4, &(0x7f0000000280)='syz0\x00', 0x1ff) perf_event_open(&(0x7f0000000180)={0x7, 0x70, 0x0, 0x9, 0x0, 0x3f, 0x0, 0x48, 0x422, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0xc}, 0x40, 0x81, 0x8, 0x6, 0x244e, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000000c0)="2e00000010008188040f80ecdb4cb9cca7480ef43c000000e3bd6efb440e09000e000a001000000002800000121f", 0x2e}, {&(0x7f0000000140)="3d4f40a9c419", 0x6}], 0x2}, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x40, 0x84, 0x0, 0x0, 0x202, 0x1810, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x4, 0x4}, 0x1850, 0x0, 0x4, 0x0, 0x0, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0xf, 0x2000000003, 0x2, &(0x7f0000000a80)) 16:36:31 executing program 4: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) listen(r0, 0xc) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10) getsockopt$inet_int(r1, 0x10d, 0x9a, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 16:36:31 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='cdg\x00', 0xcb) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, [], 0x1c}, 0xd}, 0x1c) sendto$inet6(r0, &(0x7f0000000080)='N', 0xfffffdef, 0x0, 0x0, 0x5000000) [ 39.430536][ T8409] IPVS: ftp: loaded support on port[0] = 21 [ 39.503395][ T8409] chnl_net:caif_netlink_parms(): no params data found [ 39.529560][ T8409] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.537086][ T8409] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.544950][ T8409] device bridge_slave_0 entered promiscuous mode [ 39.552475][ T8409] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.559705][ T8409] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.567528][ T8409] device bridge_slave_1 entered promiscuous mode [ 39.581116][ T8409] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.592740][ T8409] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.607120][ T8413] IPVS: ftp: loaded support on port[0] = 21 [ 39.620829][ T8409] team0: Port device team_slave_0 added [ 39.627861][ T8409] team0: Port device team_slave_1 added [ 39.641996][ T8409] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.649621][ T8409] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.675723][ T8409] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.689242][ T8409] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.696251][ T8409] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.722943][ T8409] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.763905][ T8415] IPVS: ftp: loaded support on port[0] = 21 [ 39.788529][ T8413] chnl_net:caif_netlink_parms(): no params data found [ 39.804092][ T8409] device hsr_slave_0 entered promiscuous mode [ 39.810683][ T8409] device hsr_slave_1 entered promiscuous mode [ 39.842927][ T8413] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.850051][ T8413] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.857536][ T8413] device bridge_slave_0 entered promiscuous mode [ 39.887787][ T8413] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.901237][ T8413] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.908919][ T8413] device bridge_slave_1 entered promiscuous mode [ 39.931239][ T8413] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.949184][ T8417] IPVS: ftp: loaded support on port[0] = 21 [ 39.965475][ T8413] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.001785][ T8413] team0: Port device team_slave_0 added [ 40.009631][ T8413] team0: Port device team_slave_1 added [ 40.057694][ T8413] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.065988][ T8413] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.092452][ T8413] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.127920][ T8413] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.135022][ T8413] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.161498][ T8413] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.172838][ T8415] chnl_net:caif_netlink_parms(): no params data found [ 40.189646][ T8417] chnl_net:caif_netlink_parms(): no params data found [ 40.192135][ T8419] IPVS: ftp: loaded support on port[0] = 21 [ 40.211799][ T8409] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 40.232028][ T8409] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 40.277224][ T8413] device hsr_slave_0 entered promiscuous mode [ 40.288363][ T8413] device hsr_slave_1 entered promiscuous mode [ 40.295102][ T8413] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 40.302629][ T8413] Cannot create hsr debugfs directory [ 40.322016][ T8409] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 40.340851][ T8421] IPVS: ftp: loaded support on port[0] = 21 [ 40.359774][ T8415] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.366890][ T8415] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.374156][ T8415] device bridge_slave_0 entered promiscuous mode [ 40.384129][ T8409] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 40.406899][ T8415] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.414072][ T8415] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.421473][ T8415] device bridge_slave_1 entered promiscuous mode [ 40.460245][ T8409] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.467291][ T8409] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.474634][ T8409] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.481650][ T8409] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.495669][ T8415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.538498][ T8415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.547923][ T9160] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.556709][ T9160] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.570055][ T8419] chnl_net:caif_netlink_parms(): no params data found [ 40.585545][ T8417] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.592584][ T8417] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.600945][ T8417] device bridge_slave_0 entered promiscuous mode [ 40.645550][ T8417] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.652593][ T8417] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.660167][ T8417] device bridge_slave_1 entered promiscuous mode [ 40.667287][ T8415] team0: Port device team_slave_0 added [ 40.689602][ T8419] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.696992][ T8419] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.704735][ T8419] device bridge_slave_0 entered promiscuous mode [ 40.711370][ T8421] chnl_net:caif_netlink_parms(): no params data found [ 40.723017][ T8415] team0: Port device team_slave_1 added [ 40.737092][ T8415] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.744045][ T8415] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.770842][ T8415] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.782665][ T8419] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.790207][ T8419] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.797687][ T8419] device bridge_slave_1 entered promiscuous mode [ 40.805452][ T8417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.820312][ T8415] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.827358][ T8415] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 40.853334][ T8415] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.865333][ T8417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.881851][ T8419] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.909789][ T8417] team0: Port device team_slave_0 added [ 40.917942][ T8419] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.939348][ T8415] device hsr_slave_0 entered promiscuous mode [ 40.946054][ T8415] device hsr_slave_1 entered promiscuous mode [ 40.952278][ T8415] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 40.960027][ T8415] Cannot create hsr debugfs directory [ 40.966124][ T8417] team0: Port device team_slave_1 added [ 40.975862][ T8413] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 40.991015][ T8419] team0: Port device team_slave_0 added [ 41.000832][ T8413] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 41.013776][ T8421] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.021628][ T8421] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.029529][ T8421] device bridge_slave_0 entered promiscuous mode [ 41.037564][ T8419] team0: Port device team_slave_1 added [ 41.047016][ T8417] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.053938][ T8417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.080020][ T8417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.091679][ T8417] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.098699][ T8417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.124673][ T8417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.136518][ T8413] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 41.149186][ T8421] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.158594][ T8421] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.166710][ T8421] device bridge_slave_1 entered promiscuous mode [ 41.177465][ T8419] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.184627][ T8419] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.210685][ T8419] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.221636][ T8413] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 41.251630][ T8421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.262561][ T8419] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.269622][ T8419] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.295569][ T8419] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.317726][ T8417] device hsr_slave_0 entered promiscuous mode [ 41.325913][ T8417] device hsr_slave_1 entered promiscuous mode [ 41.332419][ T8417] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.340581][ T8417] Cannot create hsr debugfs directory [ 41.348270][ T8421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.388603][ T8419] device hsr_slave_0 entered promiscuous mode [ 41.395373][ T8419] device hsr_slave_1 entered promiscuous mode [ 41.402185][ T8419] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.410560][ T8419] Cannot create hsr debugfs directory [ 41.419882][ T8409] 8021q: adding VLAN 0 to HW filter on device bond0 [ 41.434727][ T8421] team0: Port device team_slave_0 added [ 41.461412][ T8421] team0: Port device team_slave_1 added [ 41.474250][ T5] Bluetooth: hci0: command 0x0409 tx timeout [ 41.484093][ T3791] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 41.491597][ T3791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 41.502952][ T8409] 8021q: adding VLAN 0 to HW filter on device team0