Warning: Permanently added '10.128.0.31' (ECDSA) to the list of known hosts. 2019/09/09 17:30:10 fuzzer started [ 47.898281] audit: type=1400 audit(1568050210.949:36): avc: denied { map } for pid=7499 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2019/09/09 17:30:12 dialing manager at 10.128.0.105:38733 2019/09/09 17:30:12 syscalls: 2482 2019/09/09 17:30:12 code coverage: enabled 2019/09/09 17:30:12 comparison tracing: enabled 2019/09/09 17:30:12 extra coverage: extra coverage is not supported by the kernel 2019/09/09 17:30:12 setuid sandbox: enabled 2019/09/09 17:30:12 namespace sandbox: enabled 2019/09/09 17:30:12 Android sandbox: /sys/fs/selinux/policy does not exist 2019/09/09 17:30:12 fault injection: enabled 2019/09/09 17:30:12 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/09/09 17:30:12 net packet injection: enabled 2019/09/09 17:30:12 net device setup: enabled 17:32:36 executing program 0: syz_emit_ethernet(0x66, &(0x7f0000000000)={@link_local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "529a57", 0x30, 0x67, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2, {[], @icmpv6=@dest_unreach={0x1, 0x0, 0x0, 0x0, [], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @mcast2, @local}}}}}}}, 0x0) [ 193.720177] audit: type=1400 audit(1568050356.769:37): avc: denied { map } for pid=7516 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=14979 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 193.915132] IPVS: ftp: loaded support on port[0] = 21 17:32:37 executing program 1: setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x50000}]}) setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000440)=ANY=[], 0x0) [ 194.030956] chnl_net:caif_netlink_parms(): no params data found [ 194.119412] IPVS: ftp: loaded support on port[0] = 21 [ 194.135509] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.144230] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.151977] device bridge_slave_0 entered promiscuous mode [ 194.174514] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.181102] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.188514] device bridge_slave_1 entered promiscuous mode 17:32:37 executing program 2: mlockall(0x3) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) write$P9_RWALK(r0, &(0x7f00000003c0)=ANY=[@ANYRES64], 0x8) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r1, r2) [ 194.229007] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 194.263255] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 194.318485] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 194.326088] team0: Port device team_slave_0 added [ 194.349938] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 194.357185] team0: Port device team_slave_1 added [ 194.377445] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 194.384559] chnl_net:caif_netlink_parms(): no params data found [ 194.400238] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 194.431256] IPVS: ftp: loaded support on port[0] = 21 17:32:37 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000005, 0x0, 0x0, 0x3, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20048, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000400), 0x1331045151d1a20f}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 194.500516] device hsr_slave_0 entered promiscuous mode [ 194.537589] device hsr_slave_1 entered promiscuous mode [ 194.600417] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 194.607530] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 194.627110] IPVS: ftp: loaded support on port[0] = 21 [ 194.634762] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.645872] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.653339] device bridge_slave_0 entered promiscuous mode [ 194.682282] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.690240] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.697665] device bridge_slave_1 entered promiscuous mode [ 194.705565] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.712083] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.719078] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.725455] bridge0: port 1(bridge_slave_0) entered forwarding state 17:32:37 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="38f37fdba040c4d5415a871b25bdb10f11098d1da0666e82d9932e8ac05b56c668575b859f"], 0x0, 0x25}, 0x20) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000015000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 194.777823] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 194.860471] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 194.954794] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 194.961775] 8021q: adding VLAN 0 to HW filter on device bond0 [ 194.999202] chnl_net:caif_netlink_parms(): no params data found [ 195.008640] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 195.016194] team0: Port device team_slave_0 added [ 195.023667] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 195.036596] IPVS: ftp: loaded support on port[0] = 21 17:32:38 executing program 5: getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) mlockall(0x3) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) write$P9_RWALK(r0, &(0x7f00000003c0)=ANY=[@ANYRES64], 0x8) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x28812, r0, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r1, r2) [ 195.052657] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 195.071898] team0: Port device team_slave_1 added [ 195.080460] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 195.112065] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 195.133307] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.150824] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.160076] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 195.170362] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 195.179930] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 195.186015] 8021q: adding VLAN 0 to HW filter on device team0 [ 195.192543] chnl_net:caif_netlink_parms(): no params data found [ 195.270137] device hsr_slave_0 entered promiscuous mode [ 195.307678] device hsr_slave_1 entered promiscuous mode [ 195.383105] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 195.396418] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.404047] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.411187] device bridge_slave_0 entered promiscuous mode [ 195.428091] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 195.440183] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 195.448373] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 195.455973] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.462463] bridge0: port 1(bridge_slave_0) entered forwarding state [ 195.474474] IPVS: ftp: loaded support on port[0] = 21 [ 195.480409] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.486766] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.498945] device bridge_slave_1 entered promiscuous mode [ 195.511917] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 195.522636] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 195.536434] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.543185] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.550382] device bridge_slave_0 entered promiscuous mode [ 195.572195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 195.580452] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 195.588483] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.594816] bridge0: port 2(bridge_slave_1) entered forwarding state [ 195.611550] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.618558] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.625463] device bridge_slave_1 entered promiscuous mode [ 195.648556] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 195.661266] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 195.670745] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 195.678912] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 195.706789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 195.716383] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 195.726117] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 195.746541] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 195.753839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 195.761955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 195.769950] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 195.778605] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 195.797030] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 195.804761] team0: Port device team_slave_0 added [ 195.810062] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 195.817453] team0: Port device team_slave_0 added [ 195.822760] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 195.830557] team0: Port device team_slave_1 added [ 195.836712] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 195.847352] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 195.856654] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 195.864942] team0: Port device team_slave_1 added [ 195.870421] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 195.878511] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 195.888415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 195.896092] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 195.911273] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 195.922930] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 195.932413] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 195.974731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 195.985574] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 196.003525] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 196.049052] device hsr_slave_0 entered promiscuous mode [ 196.097537] device hsr_slave_1 entered promiscuous mode [ 196.145208] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 196.200206] device hsr_slave_0 entered promiscuous mode [ 196.237642] device hsr_slave_1 entered promiscuous mode [ 196.287865] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 196.302345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 196.310049] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 196.319693] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 196.325730] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 196.335373] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 196.343855] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 196.377987] chnl_net:caif_netlink_parms(): no params data found [ 196.409183] chnl_net:caif_netlink_parms(): no params data found [ 196.430840] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 196.438286] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 196.445346] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 196.493979] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.520132] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.526562] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.534788] device bridge_slave_0 entered promiscuous mode [ 196.541776] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.548300] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.555211] device bridge_slave_1 entered promiscuous mode [ 196.574868] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 196.575013] audit: type=1400 audit(1568050359.619:38): avc: denied { associate } for pid=7517 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 196.605215] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 196.632430] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.644411] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.652804] device bridge_slave_0 entered promiscuous mode [ 196.666270] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.681290] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 196.689117] team0: Port device team_slave_0 added [ 196.694600] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 196.702837] team0: Port device team_slave_1 added [ 196.716550] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.725035] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.739132] device bridge_slave_1 entered promiscuous mode 17:32:39 executing program 0: syz_emit_ethernet(0x66, &(0x7f0000000000)={@link_local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "529a57", 0x30, 0x67, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2, {[], @icmpv6=@dest_unreach={0x1, 0x0, 0x0, 0x0, [], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @mcast2, @local}}}}}}}, 0x0) [ 196.754589] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 196.776440] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 196.795023] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready 17:32:39 executing program 0: syz_emit_ethernet(0x66, &(0x7f0000000000)={@link_local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "529a57", 0x30, 0x67, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2, {[], @icmpv6=@dest_unreach={0x1, 0x0, 0x0, 0x0, [], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @mcast2, @local}}}}}}}, 0x0) [ 196.809979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 196.817815] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 196.840515] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready 17:32:39 executing program 0: syz_emit_ethernet(0x66, &(0x7f0000000000)={@link_local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "529a57", 0x30, 0x67, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2, {[], @icmpv6=@dest_unreach={0x1, 0x0, 0x0, 0x0, [], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @mcast2, @local}}}}}}}, 0x0) [ 196.855624] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 196.863971] 8021q: adding VLAN 0 to HW filter on device team0 [ 196.874102] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 196.884092] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 196.920493] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 196.940933] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 196.948910] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 196.959500] bridge0: port 1(bridge_slave_0) entered blocking state 17:32:40 executing program 0: syz_emit_ethernet(0x0, 0x0, 0x0) 17:32:40 executing program 0: syz_emit_ethernet(0x0, 0x0, 0x0) [ 196.965892] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.976206] 8021q: adding VLAN 0 to HW filter on device bond0 [ 197.009917] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 17:32:40 executing program 0: syz_emit_ethernet(0x0, 0x0, 0x0) 17:32:40 executing program 0: syz_emit_ethernet(0x66, &(0x7f0000000000)={@link_local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "529a57", 0x30, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2, {[], @icmpv6=@dest_unreach={0x1, 0x0, 0x0, 0x0, [], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @mcast2, @local}}}}}}}, 0x0) [ 197.050525] device hsr_slave_0 entered promiscuous mode [ 197.090175] device hsr_slave_1 entered promiscuous mode [ 197.133641] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 197.141015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 197.151997] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 197.159796] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.166123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.175858] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 197.184951] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 197.192315] team0: Port device team_slave_0 added [ 197.201208] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 197.209434] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 197.224301] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 197.231580] team0: Port device team_slave_1 added [ 197.238557] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 197.246919] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 197.258419] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 197.268539] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 197.275024] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 197.282685] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 197.294110] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 197.302016] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 197.310021] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 197.316887] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 197.325980] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 197.335655] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 197.350197] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 197.356279] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.367625] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 197.375364] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 197.383805] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 197.391756] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 197.400199] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 197.409433] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 197.424462] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 197.436820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 197.445346] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 197.457492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 197.465041] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 197.472886] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 197.481302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 197.489913] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 197.498009] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 197.505535] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.511923] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.561197] device hsr_slave_0 entered promiscuous mode [ 197.597609] device hsr_slave_1 entered promiscuous mode [ 197.647998] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 197.656606] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 197.662848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 197.676470] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 197.683866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 197.691100] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 197.698872] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 197.706372] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.712754] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.720413] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 197.736464] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 197.750611] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 197.759206] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 197.773075] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 197.783230] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 197.790753] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 197.804510] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 197.813288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 197.820896] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 197.830031] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 197.838255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 197.845852] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 197.853546] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 197.863138] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 197.869273] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.877042] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 197.892887] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 197.903012] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 197.914066] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 197.925981] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 197.934510] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 197.942631] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 197.951146] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 197.959020] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.965359] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.974845] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 198.000083] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 198.026641] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 198.043735] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 198.052882] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 198.068831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 198.084629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 198.093516] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.099917] bridge0: port 2(bridge_slave_1) entered forwarding state [ 198.116117] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready 17:32:41 executing program 0: syz_emit_ethernet(0x66, &(0x7f0000000000)={@link_local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "529a57", 0x30, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2, {[], @icmpv6=@dest_unreach={0x1, 0x0, 0x0, 0x0, [], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @mcast2, @local}}}}}}}, 0x0) [ 198.144134] 8021q: adding VLAN 0 to HW filter on device bond0 [ 198.154756] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 198.172001] 8021q: adding VLAN 0 to HW filter on device bond0 [ 198.179361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 198.196160] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 198.204447] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 198.214651] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 198.222110] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 198.235891] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 198.249884] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 198.263434] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 198.274336] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 198.290611] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 198.299265] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 198.308547] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 198.315392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 198.322582] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 198.332491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 198.340659] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 198.350348] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 198.360696] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 198.371637] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 198.378566] 8021q: adding VLAN 0 to HW filter on device team0 [ 198.386009] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 198.396241] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 198.402933] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 198.410906] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 198.418636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 198.425446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 198.434832] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 198.445292] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 198.454239] 8021q: adding VLAN 0 to HW filter on device team0 [ 198.462220] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 198.470575] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 198.480619] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 198.490653] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 198.498386] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 198.506886] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 198.518547] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 198.526921] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 198.533247] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 198.541279] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 198.557409] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 198.565243] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 198.586161] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.592629] bridge0: port 1(bridge_slave_0) entered forwarding state [ 198.602005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 198.610105] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 198.615769] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 198.617891] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.639108] bridge0: port 2(bridge_slave_1) entered forwarding state [ 198.646716] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 198.654808] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 198.662589] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.669015] bridge0: port 1(bridge_slave_0) entered forwarding state [ 198.678897] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 198.694985] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 198.703183] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 198.711121] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 198.719145] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 198.726893] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 198.734715] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 198.742565] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.748964] bridge0: port 2(bridge_slave_1) entered forwarding state [ 198.758157] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 198.776336] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 198.779411] kvm [7573]: vcpu0, guest rIP: 0xa5 Hyper-V unhandled rdmsr: 0x4000000a [ 198.785466] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 198.806185] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 198.813307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 198.822104] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 198.832489] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 198.844095] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 198.851824] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 198.867138] kvm [7573]: vcpu0, guest rIP: 0xa5 Hyper-V unhandled rdmsr: 0x40000005 [ 198.870863] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 198.875742] kvm [7573]: vcpu0, guest rIP: 0xc5 Hyper-V unhandled rdmsr: 0x40000005 [ 198.888124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 198.890130] kvm [7573]: vcpu0, guest rIP: 0xc5 Hyper-V unhandled rdmsr: 0x40000005 [ 198.903615] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 198.931291] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 198.951508] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 198.964353] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 198.977174] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 198.988937] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 199.008047] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 199.016114] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 199.029952] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 199.039780] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 199.047502] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 199.055417] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 199.064361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 199.072707] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 199.082460] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 199.092604] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 199.100679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 199.109169] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 199.116749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 199.124843] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 199.135643] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 199.145091] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 199.152190] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 199.160488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 199.169065] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 199.178647] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 199.184698] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 199.210507] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 199.216732] audit: type=1804 audit(1568050362.259:39): pid=7579 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir713514963/syzkaller.f4ASRz/0/bus" dev="sda1" ino=16528 res=1 [ 199.222374] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 199.261313] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 199.285507] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 199.409772] hrtimer: interrupt took 26610 ns [ 199.425028] audit: type=1804 audit(1568050362.469:40): pid=7587 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir713514963/syzkaller.f4ASRz/0/bus" dev="sda1" ino=16528 res=1 [ 199.530897] audit: type=1804 audit(1568050362.579:41): pid=7584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir507142526/syzkaller.EzYFPj/0/bus" dev="sda1" ino=16537 res=1 17:32:42 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f00000000c0)={0xa}) syz_genetlink_get_family_id$tipc(0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) 17:32:42 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0) ioctl$sock_ifreq(r0, 0x89f2, &(0x7f0000000080)={'sit0\x00', @ifru_addrs=@can}) [ 199.683879] audit: type=1400 audit(1568050362.729:42): avc: denied { create } for pid=7591 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 199.746270] audit: type=1400 audit(1568050362.759:43): avc: denied { write } for pid=7591 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 199.778984] audit: type=1400 audit(1568050362.769:44): avc: denied { read } for pid=7591 comm="syz-executor.2" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 199.822496] audit: type=1804 audit(1568050362.869:45): pid=7588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir507142526/syzkaller.EzYFPj/0/bus" dev="sda1" ino=16537 res=1 17:32:43 executing program 4: r0 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in={{0x2, 0x0, @multicast1}}, 0x0, 0x0, 0x0, 0x0, 0xed}, 0x98) 17:32:43 executing program 0: syz_emit_ethernet(0x66, &(0x7f0000000000)={@link_local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "529a57", 0x30, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2, {[], @icmpv6=@dest_unreach={0x1, 0x0, 0x0, 0x0, [], {0x0, 0x6, '\x00', 0x0, 0x0, 0x0, @mcast2, @local}}}}}}}, 0x0) 17:32:43 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x44) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)}], 0x1}, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x0) gettid() bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r1, 0x0, 0x1, 0x0, 0x0}, 0x20) openat$cgroup_ro(r0, 0x0, 0x0, 0x0) ioctl$TUNGETFEATURES(0xffffffffffffffff, 0x800454cf, &(0x7f00000002c0)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000080)=@nl=@unspec, 0x80, &(0x7f0000000100)=[{&(0x7f0000000180)}], 0x1}, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="2e0000001c008105e00f80ecdb4cb9f207c804a01a000000880367fb0a000200030ada1b40d805000300c50083b8", 0x2e}], 0x1}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x24000001) 17:32:43 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f00000000c0)={0xa}) syz_genetlink_get_family_id$tipc(0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) 17:32:43 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000160001020000000000000000020300000000000000b28d177e6f8ebbda5d8cad8b08b38efa0e6ff3f52b387a50595d354dafa3679c6da9a2f5e35170dae1fb3302852f11ebf53e51061ba672aba8e139c4e2375d95c47e4d010362d0caa8478c1b67cc2b1cb671c8a501690624b80ead571ae0009d1b91b30cfd7fbe92977cbe4953224dcb73005d49616902d6d281588f84bd281681ac5c828c8da137c857e4ed0cac57cd0000000000000010962f67aaa251220d2770fac9abda3ec2f12e0f1449b1dd749559da5fbf6b2c7a6ebb268d081509a4ca66260154679ba3890f3b293404e3ce9100b514d2d8151d7ec9af2ae7acd5b645f4f0eb269fb9d90421995df7638f36cae35391ba45faf361020a10da0378b7b9cf3bc4126d98b3184381e3d042a574e1a6ffc7470bf2e18f381d7a4c3a6b5f721264d7eac1c132521aa356568bfb1d8933bfe333097717774b8e07e41884e83dbe77cadba829c79cde33322cc1200f63c5598dbeecc0d32f1986c394d561e30175"], 0x14}}, 0x0) 17:32:43 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) syz_open_dev$midi(0x0, 0x0, 0x4001) syz_genetlink_get_family_id$tipc(&(0x7f0000000200)='TIPC\x00') 17:32:43 executing program 5: sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000040)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001000404000001007d60b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000000000000000639100000000000000000000000001"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000100), 0x2c}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe, 0x0, &(0x7f0000001b40)="9f44948721919580684010a49e26339d8860c3fc2f04883d8f9d8a232981b007de9019a0f7bf49a9807bda6adf2ffce83a4cf375cb3f9daaaa44226709bf81d8d00923e8", 0x0, 0x7ff}, 0x37) [ 200.275145] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.3'. 17:32:43 executing program 1: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000801, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007ff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, 0x0, 0x2d9, 0x0, 0x0, 0x24d) clock_gettime(0x0, &(0x7f0000001240)={0x0, 0x0}) recvmmsg(r0, &(0x7f0000000240), 0x45483d5a560d7693, 0x0, &(0x7f0000002a80)={0x0, r1+30000000}) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 17:32:43 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="38f37fdba040c4d5415a871b25bdb10f1109"], 0x0, 0x12}, 0x20) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 17:32:43 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f00000000c0)={0xa}) syz_genetlink_get_family_id$tipc(0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) 17:32:43 executing program 4: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x1) r1 = open(&(0x7f0000000340)='./file0/file0\x00', 0x8040, 0x32) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000300)=0x41b) r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xed}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rmdir(&(0x7f0000000040)='./bus\x00') r3 = socket$inet6(0xa, 0xffffffffffffffff, 0x1) r4 = fcntl$getown(r3, 0x9) ptrace$pokeuser(0x6, r4, 0x7fe, 0x2) ioctl(r1, 0x8912, &(0x7f00000008c0)="f59e131e79f154a7d8171700400892ac23a823df9a188cde74d4a3379c26e9b94a664c6d4b7c7f2f7c807f5604e9f25fa7138c150b99b2eee500086426593d107ca2923a9447ac9bbe11e112c02106e636c510c7cd19c23efc691bb6b74fd01ce3d482cc82596cb35afd36aab53f0becccd9467d6ed52e1f46871defe59a2bb2bd838b39bb55dc87db8add86369a9880766feed61cb6083493927e964c7e7ed0e3570d76e4752b53c92d6888ac12f003402ce08acab246541c36622e935c58d9b8cffb1735c98505cb6e1896445a7d74") remap_file_pages(&(0x7f0000fee000/0xf000)=nil, 0xf000, 0x1, 0x74f, 0x1000) creat(&(0x7f00000002c0)='./bus\x00', 0x4) rmdir(&(0x7f0000000240)='./bus\x00') write$binfmt_elf64(r3, &(0x7f00000007c0)=ANY=[], 0x0) mkdir(&(0x7f0000000100)='./bus\x00', 0x21) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000440)={0xfffffffffffffffe, 0xfffffffffffffffb}, 0x8) ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000000540)="31d96da88b0cce5062747ce237ca24f05b05df66b34814c1cdb2db3642a7c880224c03d6cffd67b36c7f1a51ae9aeaa3892b040ba2105d77d4e4579d745ad601f19c26d1260bcd5435ae4ad35d123f7e809a7b0576431fde9f78c3260a3837b52ef6437c404147add96892a9d3a67dcf93c198c3b7727cd266c20c5e584c28ae0843064b8f7f199db8641f71a407775e0090bbedee63a4640e1f012e5ca95bd14b5aa0da642b552ae4aa2b869458dec283c16f25c67068fc528a793f75c81acac8ee6596d79c449ade5eeee332c460ebc0d46c076e871b6426d521c571a95d0fa800de30a110e719ffde8f103773daaaec8c313aa3be0bdaa6e7e796df3975a8e37aee6d10579f8afe6552f187c242c731375f5d64cd40ab8904400f00000000000000000000000000000058b4721949da012002cb7f4ac8fe195c1388861be8cd45020083b0089b23f86603321faf83e794bea1ece8051e9996306347bd562aa2437fa6bdb57086302926b8af069b8d331ebf5c0e1a7f163e6d711af330efdfae413fafef9acf1d53e6aaf4f2dec9ddfb4ca321583e35a14a92e82bdbea3c127a033b32059fbadce23a3e87957f8238886aa9380000000018888c4c20ba104342e8c9d85a9dcf06abbb7a2905d37839bff6f8641ebce172c60a8d368cd4a94af484749dc4ccdd380bbf5d501302d50e79d3536eab5a12abdd347dac985c4349ec712661df947315514e45a515417e6b00000000000000002bdacdb2631c83a90dbca3aa7e5936f8aa413a75c7780309e1c178bce65ed205154ab4f55241cd2b6e83b29fc6cefe050d7d662360718e25bbdb2d34264d6a741cbbed50422f5d") r5 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_int(r1, 0x29, 0xcf, &(0x7f0000000840)=0x1, 0x4) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000880)={@remote, 0x800, 0x0, 0x3, 0x1, 0x0, 0x10001}, 0x20) fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x2, r4}) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000140)={0x3, [0x2, 0x1, 0x7]}, 0xa) shutdown(r2, 0x0) fsetxattr$trusted_overlay_redirect(r3, &(0x7f00000007c0)='trusted.overlay.redirect\x00', &(0x7f0000000400)='./bus\x00', 0x6, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000200)={@local, 0x0, 0x2, 0xfe, 0x3}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000040)={@dev={0xfe, 0x80, [], 0x28}, 0x0, 0x1000000000, 0x1, 0x3, 0x3b9}, 0x20) socket$inet6(0xa, 0xa, 0x400) connect$inet6(r5, &(0x7f0000000500)={0xa, 0x0, 0x40f7, @mcast2, 0x7ff}, 0x9) r6 = syz_open_procfs(r4, &(0x7f00000009c0)='net/ip6_flowlabel\x00n\xc01\x14\x894X\xed\xc1\xc9\xd0\xdcK\r\x8d\xae\x98&@\xd0\xe6\xbbQ\xd7\xffYn\x1c\x92\xde\x0e\xaa1\x91\x98\xe9\x1f\nMCi|+\xcdw\xf0\x176Z\xf1`\xac\xf3;\xd6d2\xeb\xe5\f\x0e\x8b\xda\xf7\xfc9\xfe\xff4\xef\'\xa19q\x93\"\x7fG3\xc1E\xe6e6\xc6\xc2u\x11% \xe7+0\x97\x84;\\\xda\xc4\x80\xc3\xb18N\xbfY%\x05\xf8\x85\x89\xfc\xd2\xd7\x95\xaeV\x0f\x9e\xed\x13\xc6H\v\xb7\xd0g!`\x18\x0f\x99\xadD-\xc8{\xbc\xb2\xb9Y\xe2P\x9b\xec\x1e_\xb4\x01\xf1\x1e\xa8\xf8\xdf?#p-\xbd3\"L\xe5\x7f\nC\x00}\x0eb\xbc\xa4}\x93\x9a\t\xf4\xfa\xbew D\x00\xb0Z\xc0\x1a\xf9\x924\a\x1c4\xfa\xe4\xe2\x8e\xe8\x19\x00\x05\xb7\xd51)\b\xf2#[-\xbf\x7f\x10\x14vy\x86\x85\xa4W\r\xe8i\x95\xc9\xe6\xf8\a\xd8\xe2\xdf\xc8\x97\xa2\b{b\xca\x95u:\v\x97\b\r@g\x80\x8d_\x18y\xd1\x8d\xc1)U`\xb9\xe2\xd7\x88\xc2\xaf\xdc\xc1\xda\xcc\xca\x9a\v\xact8Z\x1c\x06\x1b\xdf\xb5\xc1\"\x05,Yw\vP\xcc\xfa\xf9\x9f<\xbd\x1c\x1a\xcb*\x06\xb7\xcd\x7f\xba\xadr\xbb/\"2p\xf8\b\x1e\x04\xac*\x88\xb0\xa7\xc6\xb4M\x97n\xdck\xd1\\\x9f\x9d\x1a4 Y\xac\xcb\xf9f\xcf>qd\vn:\x12\xc0\xdca\xfd\x8d\x9dL\x92\x17\x8fe\xd1\xaa$\x12\x02R\x96t?\x9a\x1a') sendfile(r5, r6, &(0x7f00000000c0)=0x202, 0x8) [ 200.401585] audit: type=1400 audit(1568050363.449:46): avc: denied { prog_load } for pid=7622 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 17:32:43 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x44) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)}], 0x1}, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x0) gettid() bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r1, 0x0, 0x1, 0x0, 0x0}, 0x20) openat$cgroup_ro(r0, 0x0, 0x0, 0x0) ioctl$TUNGETFEATURES(0xffffffffffffffff, 0x800454cf, &(0x7f00000002c0)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000080)=@nl=@unspec, 0x80, &(0x7f0000000100)=[{&(0x7f0000000180)}], 0x1}, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="2e0000001c008105e00f80ecdb4cb9f207c804a01a000000880367fb0a000200030ada1b40d805000300c50083b8", 0x2e}], 0x1}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x24000001) 17:32:43 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x44) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)}], 0x1}, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x0) gettid() bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r1, 0x0, 0x1, 0x0, 0x0}, 0x20) openat$cgroup_ro(r0, 0x0, 0x0, 0x0) ioctl$TUNGETFEATURES(0xffffffffffffffff, 0x800454cf, &(0x7f00000002c0)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000080)=@nl=@unspec, 0x80, &(0x7f0000000100)=[{&(0x7f0000000180)}], 0x1}, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="2e0000001c008105e00f80ecdb4cb9f207c804a01a000000880367fb0a000200030ada1b40d805000300c50083b8", 0x2e}], 0x1}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x24000001) [ 200.531928] audit: type=1400 audit(1568050363.499:47): avc: denied { prog_run } for pid=7622 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 [ 200.532209] mmap: syz-executor.4 (7640) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. 17:32:43 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0) r0 = getpid() syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x40000fffffc, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x203, 0xffffffffffffffff) sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) openat$sequencer2(0xffffffffffffff9c, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast1}, 0x18) pipe(&(0x7f0000000700)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) clock_gettime(0x0, &(0x7f0000000100)) socketpair(0x8000000000001e, 0x5, 0x0, &(0x7f000000dff8)) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b8}, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 17:32:43 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f00000000c0)={0xa}) syz_genetlink_get_family_id$tipc(0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) [ 200.644996] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.3'. 17:32:43 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x50000}]}) getsockname(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff}}, 0x0) ioctl$KDSETKEYCODE(r0, 0x4b4d, 0x0) [ 200.720962] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.5'. [ 200.792062] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 17:32:43 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='memory.current\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x44) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)}], 0x1}, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x0) gettid() bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r1, 0x0, 0x1, 0x0, 0x0}, 0x20) openat$cgroup_ro(r0, 0x0, 0x0, 0x0) ioctl$TUNGETFEATURES(0xffffffffffffffff, 0x800454cf, &(0x7f00000002c0)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000080)=@nl=@unspec, 0x80, &(0x7f0000000100)=[{&(0x7f0000000180)}], 0x1}, 0x0) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="2e0000001c008105e00f80ecdb4cb9f207c804a01a000000880367fb0a000200030ada1b40d805000300c50083b8", 0x2e}], 0x1}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x24000001) 17:32:43 executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000000095000000000000002ba728041598d6fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f26fb0b71d0e6adfefc41d86bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652fbc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc8ce974a22a550d6fd70800c86ae3b3e05df3ceb9fc474c2a100c788b277beee1cbf9b0a4def23d410f6296b32a8343881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ececb0cd2b6d357b8580218ce740068725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b2"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r0, 0x0, 0xe, 0x0, &(0x7f0000000240)="7bc329aa40cfbb1ae24b71fc7693", 0x0}, 0x28) 17:32:44 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f00000000c0)={0xa}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) 17:32:44 executing program 3: fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000801, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007ff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, 0x0, 0x2d9, 0x0, 0x0, 0x24d) clock_gettime(0x0, &(0x7f0000001240)={0x0, 0x0}) recvmmsg(r0, &(0x7f0000000240), 0x45483d5a560d7693, 0x0, &(0x7f0000002a80)={0x0, r1+30000000}) 17:32:44 executing program 1: r0 = socket(0x1e, 0x2, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000080)=@req={0x3fc}, 0x10) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10) sendmmsg(r1, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000003c0)=@tipc=@nameseq={0x1e, 0x300}, 0x80, 0x0}}], 0x2, 0x0) [ 201.115614] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.5'. 17:32:44 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) bind$packet(r2, &(0x7f0000000640)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @link_local}, 0x14) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newqdisc={0x24, 0x24, 0x507, 0x0, 0x0, {0x0, r4, {}, {0x0, 0xffff}}}, 0x24}}, 0x0) 17:32:44 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) 17:32:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x0, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) 17:32:44 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x173, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="240000002300470800000000000000000400000005000b0022ac0f006d655f7479706500aafd2ff8872dfd635a5f55bf86af672eb630c9da077fb50e3eb17cb5289603f614f418053855ef50ecf5e90fe20f098a6eb54d60012f147d17bbb01ece239233dbd5b40e858a9a823122c81f5b30ac9f3741c194e8c0d5338331b7185914085543a7b34d2a47c20413ab216115ad7a2d636b9a0004000000000000ea45da0a09b1b50a255972280fb8c43da71bb7f8602d55b321742fe1b3ef"], 0x269}}, 0x0) 17:32:44 executing program 0: seccomp(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x4000020006, 0x0, 0x0, 0xfffffffffffffffe}]}) r0 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0) mq_timedreceive(r0, &(0x7f0000000000)=""/4096, 0xfffffeeb, 0x0, &(0x7f0000001000)={0x77359400}) 17:32:44 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) 17:32:44 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x9e, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x1) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x0) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0xa400295c) open(0x0, 0x0, 0x0) 17:32:44 executing program 5: perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_config_ext, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20000) r0 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00') setns(r0, 0x0) clone(0x34004102, 0x0, 0x0, 0x0, 0x0) 17:32:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8001}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'ghash\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="0a0775b0d5e383e5b3c06639d476a0bf", 0x10) r2 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/dev\x00') sendfile(r1, r2, 0x0, 0x6f0a77bd) 17:32:44 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) [ 201.734309] audit: type=1400 audit(1568050364.779:48): avc: denied { map } for pid=7707 comm="syz-executor.1" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=28034 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:hugetlbfs_t:s0 tclass=file permissive=1 17:32:44 executing program 5: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x0, 0x0) lseek(r0, 0x0, 0x0) 17:32:44 executing program 1: r0 = socket(0x1e, 0x2, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000080)=@req={0x3fc}, 0x10) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0xfffffffffffffffc}, 0x10) sendmmsg(r1, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000003c0)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x4}}, 0x80, 0x0}}], 0x2, 0x0) 17:32:44 executing program 3: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) lseek(r0, 0xfffffffffffffffe, 0x4) 17:32:44 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f00000000c0)={0xa}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) 17:32:45 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000801, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007ff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, 0x0, 0x2d9, 0x0, 0x0, 0x24d) clock_gettime(0x0, &(0x7f0000001240)={0x0, 0x0}) recvmmsg(r0, &(0x7f0000000240), 0x45483d5a560d7693, 0x0, &(0x7f0000002a80)={0x0, r1+30000000}) getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x39, 0x0, 0x0) 17:32:45 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f00000000c0)={0xa}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) 17:32:45 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket(0x10, 0x80002, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syz_tun\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x1f2, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="7400000064000101000100000000dbe88b0aff00", @ANYRES32=r2, @ANYRES64], 0x74}}, 0x10000) sendmmsg$alg(r1, &(0x7f0000000180)=[{0x3, 0x300000000000000, &(0x7f0000000080), 0x0, &(0x7f0000000100)}], 0x492492492492642, 0x0) 17:32:45 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x2000000006, 0x0, 0x0, 0x50000}]}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_subtree(r0, 0x0, 0x2, 0x0) 17:32:45 executing program 1: r0 = socket(0x1e, 0x2, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000080)=@req={0x3fc}, 0x10) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0xfffffffffffffffc}, 0x10) sendmmsg(r1, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000003c0)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x4}}, 0x80, 0x0}}], 0x2, 0x0) 17:32:45 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0xa, 0x100000003, 0x3ff, 0x1}, 0x1f) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f0000000000), &(0x7f0000000040), 0x2}, 0x20) 17:32:45 executing program 2: ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f00000000c0)={0xa}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) 17:32:45 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000001c00)="11dca5055e0bcfe47bf070") request_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000001ffb)={'\x00\x00\x06', 0xffffffffffffffff, 0x6c00}, &(0x7f0000001fee)='R\trusB\xe3cusgrVex:1e', 0x0) 17:32:45 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x24, 0x24, 0x1, 0x0, 0x0, {0x0, r3, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) 17:32:45 executing program 2: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f00000000c0)={0xa}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) 17:32:45 executing program 0: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000801, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007ff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, 0x0, 0x2d9, 0x0, 0x0, 0x24d) clock_gettime(0x0, &(0x7f0000001240)={0x0, 0x0}) recvmmsg(r0, &(0x7f0000000240), 0x45483d5a560d7693, 0x0, &(0x7f0000002a80)={0x0, r1+30000000}) 17:32:45 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'ghash\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="0a0775b0d5e383e5b3c06639d476a0bf", 0x10) r2 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/dev\x00') sendfile(r1, r2, 0x0, 0x6f0a77bd) 17:32:45 executing program 1: r0 = socket(0x1e, 0x2, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000080)=@req={0x3fc}, 0x10) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0xfffffffffffffffc}, 0x10) sendmmsg(r1, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000003c0)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x4}}, 0x80, 0x0}}], 0x2, 0x0) 17:32:45 executing program 2: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f00000000c0)={0xa}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) 17:32:45 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/loop-control\x00', 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 17:32:45 executing program 3: r0 = perf_event_open(&(0x7f0000000280)={0x2000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) perf_event_open$cgroup(&(0x7f0000000140)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x1}}, 0xffffffffffffffff, 0x0, r0, 0x0) perf_event_open(&(0x7f00000000c0)={0x8, 0x70, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, r0, 0x0) 17:32:46 executing program 1: r0 = socket(0x1e, 0x2, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000080)=@req={0x3fc}, 0x10) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0xfffffffffffffffc}, 0x10) sendmmsg(r1, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000003c0)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x4}}, 0x80, 0x0}}], 0x2, 0x0) 17:32:46 executing program 2: r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f00000000c0)={0xa}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) 17:32:46 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f00000000c0)={0xa}) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405515, &(0x7f0000000580)={0xa, 0x0, 0x0, 0x0, 'syz0\x00'}) [ 203.098433] WARNING: CPU: 0 PID: 7484 at kernel/events/core.c:1833 perf_group_attach+0x3f6/0x4c0 [ 203.107779] Kernel panic - not syncing: panic_on_warn set ... [ 203.107779] [ 203.115227] CPU: 0 PID: 7484 Comm: udevd Not tainted 4.19.71 #0 [ 203.121272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 203.130609] Call Trace: [ 203.133192] [ 203.135355] dump_stack+0x172/0x1f0 [ 203.138987] panic+0x263/0x507 [ 203.142166] ? __warn_printk+0xf3/0xf3 [ 203.146062] ? perf_group_attach+0x3f6/0x4c0 [ 203.150475] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 203.156000] ? __warn.cold+0x5/0x4a [ 203.159613] ? __warn+0xe8/0x1d0 [ 203.162969] ? perf_group_attach+0x3f6/0x4c0 [ 203.167364] __warn.cold+0x20/0x4a [ 203.170894] ? perf_group_attach+0x3f6/0x4c0 [ 203.175297] report_bug+0x263/0x2b0 [ 203.178913] do_error_trap+0x204/0x360 [ 203.182791] ? math_error+0x340/0x340 [ 203.186581] ? mark_held_locks+0x100/0x100 [ 203.190805] ? error_entry+0x7c/0xe0 [ 203.194507] ? trace_hardirqs_off_caller+0x65/0x220 [ 203.199515] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 203.204345] do_invalid_op+0x1b/0x20 [ 203.208057] invalid_op+0x14/0x20 [ 203.211505] RIP: 0010:perf_group_attach+0x3f6/0x4c0 [ 203.216512] Code: ff 48 8d 7b 10 48 89 f8 48 c1 e8 03 42 80 3c 28 00 75 57 48 8b 5b 10 48 83 eb 10 49 39 dc 75 d4 e9 27 ff ff ff e8 ea 36 ec ff <0f> 0b e9 5c fd ff ff e8 3e ca 22 00 e9 b9 fc ff ff 48 c7 c7 20 fd [ 203.235429] RSP: 0018:ffff8880ae807ea8 EFLAGS: 00010006 [ 203.240786] RAX: ffff888094742400 RBX: ffff88808f52f100 RCX: ffffffff817f2c88 [ 203.248059] RDX: 0000000000010000 RSI: ffffffff817f2fa6 RDI: ffff88808f52f318 [ 203.255326] RBP: ffff8880ae807ed8 R08: ffff888094742400 R09: ffffed1015d064c2 [ 203.262583] R10: ffffed1015d064c1 R11: ffff8880ae83260b R12: ffff8880a11c2640 [ 203.269840] R13: ffffe8ffffc143d0 R14: 0000000000000000 R15: ffff8880ae832608 [ 203.277116] ? perf_group_attach+0xd8/0x4c0 [ 203.281426] ? perf_group_attach+0x3f6/0x4c0 [ 203.285824] ? perf_group_attach+0x3f6/0x4c0 [ 203.290224] __perf_install_in_context+0x4b5/0x960 [ 203.295142] ? kvm_clock_read+0x18/0x30 [ 203.299107] ? __perf_event_enable+0x910/0x910 [ 203.303678] remote_function+0x129/0x1a0 [ 203.307732] flush_smp_call_function_queue+0x147/0x4e0 [ 203.312999] ? perf_duration_warn+0x40/0x40 [ 203.317338] generic_smp_call_function_single_interrupt+0x13/0x2b [ 203.323577] smp_call_function_single_interrupt+0x9d/0x450 [ 203.329192] call_function_single_interrupt+0xf/0x20 [ 203.334277] [ 203.336505] RIP: 0010:get_page+0xbd/0x100 [ 203.340645] Code: 00 00 00 41 83 c5 7f 44 89 ee e8 de 22 d7 ff 41 83 fd 7f 76 1c e8 53 21 d7 ff be 04 00 00 00 48 89 df e8 d6 a3 0d 00 f0 ff 03 <5b> 41 5c 41 5d 5d c3 e8 37 21 d7 ff 48 c7 c6 40 b5 53 87 4c 89 e7 [ 203.359543] RSP: 0018:ffff88808434f9c0 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff04 [ 203.367266] RAX: fffff94000491c67 RBX: ffffea000248e334 RCX: ffffffff8194454a [ 203.374534] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffea000248e334 [ 203.381948] RBP: ffff88808434f9d8 R08: 1ffffd4000491c66 R09: fffff94000491c67 [ 203.389216] R10: fffff94000491c66 R11: ffffea000248e337 R12: ffffea000248e300 [ 203.396495] R13: 0000000000000080 R14: 0000000000000008 R15: 0000000000000020 [ 203.403773] ? get_page+0xba/0x100 [ 203.407341] copy_page_range+0xc95/0x1f90 [ 203.411479] ? anon_vma_fork+0x371/0x4a0 [ 203.415542] ? pmd_alloc+0x180/0x180 [ 203.419247] ? __vma_link_rb+0x279/0x370 [ 203.423299] copy_process.part.0+0x543d/0x7a30 [ 203.427886] ? __cleanup_sighand+0x70/0x70 [ 203.432133] ? find_held_lock+0x35/0x130 [ 203.436188] ? lock_downgrade+0x810/0x810 [ 203.440325] _do_fork+0x257/0xfd0 [ 203.443770] ? fork_idle+0x1d0/0x1d0 [ 203.447474] ? fd_install+0x4d/0x60 [ 203.451100] ? do_pipe2+0x9a/0x160 [ 203.454631] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 203.459376] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 203.464117] ? do_syscall_64+0x26/0x620 [ 203.468084] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 203.473435] ? do_syscall_64+0x26/0x620 [ 203.477397] __x64_sys_clone+0xbf/0x150 [ 203.481360] do_syscall_64+0xfd/0x620 [ 203.485149] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 203.490328] RIP: 0033:0x7f20d5c10f46 [ 203.494049] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 14 25 10 00 00 00 31 d2 49 81 c2 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 31 01 00 00 85 c0 41 89 c4 0f 85 3b 01 00 [ 203.512949] RSP: 002b:00007fffd9a08230 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 203.520644] RAX: ffffffffffffffda RBX: 00007fffd9a08230 RCX: 00007f20d5c10f46 [ 203.527904] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 203.535159] RBP: 00007fffd9a08290 R08: 0000000000001d3c R09: 0000000000001d3c [ 203.542428] R10: 00007f20d652da70 R11: 0000000000000246 R12: 0000000000000000 [ 203.549685] R13: 00007fffd9a08250 R14: 0000000000000005 R15: 0000000000000005 [ 203.558221] Kernel Offset: disabled [ 203.562030] Rebooting in 86400 seconds..