Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.61' (ECDSA) to the list of known hosts. 2020/06/26 21:36:59 fuzzer started 2020/06/26 21:37:00 dialing manager at 10.128.0.26:45395 2020/06/26 21:37:00 syscalls: 3118 2020/06/26 21:37:00 code coverage: enabled 2020/06/26 21:37:00 comparison tracing: enabled 2020/06/26 21:37:00 extra coverage: enabled 2020/06/26 21:37:00 setuid sandbox: enabled 2020/06/26 21:37:00 namespace sandbox: enabled 2020/06/26 21:37:00 Android sandbox: /sys/fs/selinux/policy does not exist 2020/06/26 21:37:00 fault injection: enabled 2020/06/26 21:37:00 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/06/26 21:37:00 net packet injection: enabled 2020/06/26 21:37:00 net device setup: enabled 2020/06/26 21:37:00 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/06/26 21:37:00 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/06/26 21:37:00 USB emulation: enabled 21:38:43 executing program 0: r0 = socket(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x10, 0x0, 0x0) syzkaller login: [ 162.042143][ T6803] IPVS: ftp: loaded support on port[0] = 21 21:38:44 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r1, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000040)='trusted.overlay.redirect\x00', 0x0, 0x0, 0x1) [ 162.192989][ T6803] chnl_net:caif_netlink_parms(): no params data found [ 162.298507][ T6803] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.321663][ T6803] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.330145][ T6803] device bridge_slave_0 entered promiscuous mode [ 162.355634][ T6803] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.371677][ T6803] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.379611][ T6803] device bridge_slave_1 entered promiscuous mode [ 162.415037][ T6933] IPVS: ftp: loaded support on port[0] = 21 [ 162.439307][ T6803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 162.475521][ T6803] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 162.536636][ T6803] team0: Port device team_slave_0 added [ 162.554228][ T6803] team0: Port device team_slave_1 added 21:38:44 executing program 2: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) io_setup(0x0, 0x0) write$apparmor_exec(r0, &(0x7f0000000000)=ANY=[@ANYBLOB='exec u'], 0x7) [ 162.626330][ T6803] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 162.636749][ T6803] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.663795][ T6803] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 162.702016][ T6803] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 162.708994][ T6803] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.737201][ T6803] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 162.757327][ T6933] chnl_net:caif_netlink_parms(): no params data found [ 162.837064][ T6803] device hsr_slave_0 entered promiscuous mode 21:38:44 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x10, 0x80002, 0x0) sendmsg(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="240000001a0007041dfffd946f610500020000e8fe02080100010800080003000400ff7e", 0x24}], 0x1}, 0x0) [ 162.912042][ T6803] device hsr_slave_1 entered promiscuous mode [ 163.017830][ T7075] IPVS: ftp: loaded support on port[0] = 21 [ 163.156487][ T6933] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.164643][ T6933] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.183069][ T6933] device bridge_slave_0 entered promiscuous mode [ 163.206336][ T6933] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.213633][ T6933] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.225172][ T6933] device bridge_slave_1 entered promiscuous mode [ 163.309229][ T6933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 163.335184][ T6933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 163.339705][ T7130] IPVS: ftp: loaded support on port[0] = 21 21:38:45 executing program 4: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0xc, &(0x7f0000000080), 0x8) [ 163.428982][ T6933] team0: Port device team_slave_0 added [ 163.518011][ T6933] team0: Port device team_slave_1 added [ 163.653835][ T6803] netdevsim netdevsim0 netdevsim0: renamed from eth0 21:38:45 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x2, 0x0, &(0x7f0000000b00)) [ 163.832979][ T6803] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 163.888609][ T6933] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 163.894114][ T7250] IPVS: ftp: loaded support on port[0] = 21 [ 163.912404][ T6933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 163.947338][ T6933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 163.964221][ T6803] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 164.007195][ T6803] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 164.071073][ T6933] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 164.078573][ T6933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.106695][ T6933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 164.144453][ T7075] chnl_net:caif_netlink_parms(): no params data found [ 164.165956][ T7288] IPVS: ftp: loaded support on port[0] = 21 [ 164.185411][ T6933] device hsr_slave_0 entered promiscuous mode [ 164.252082][ T6933] device hsr_slave_1 entered promiscuous mode [ 164.311652][ T6933] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 164.319503][ T6933] Cannot create hsr debugfs directory [ 164.547317][ T7130] chnl_net:caif_netlink_parms(): no params data found [ 164.609772][ T7075] bridge0: port 1(bridge_slave_0) entered blocking state [ 164.619730][ T7075] bridge0: port 1(bridge_slave_0) entered disabled state [ 164.633101][ T7075] device bridge_slave_0 entered promiscuous mode [ 164.684400][ T7075] bridge0: port 2(bridge_slave_1) entered blocking state [ 164.703205][ T7075] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.711779][ T7075] device bridge_slave_1 entered promiscuous mode [ 164.744277][ T7075] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 164.784866][ T7075] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 164.804006][ T7250] chnl_net:caif_netlink_parms(): no params data found [ 164.894001][ T7075] team0: Port device team_slave_0 added [ 164.924875][ T7075] team0: Port device team_slave_1 added [ 164.940876][ T6933] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 164.988450][ T6933] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 165.058931][ T6933] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 165.182718][ T6933] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 165.248377][ T7075] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 165.255630][ T7075] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 165.255661][ T7075] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 165.276623][ T7130] bridge0: port 1(bridge_slave_0) entered blocking state [ 165.306217][ T7130] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.314826][ T7130] device bridge_slave_0 entered promiscuous mode [ 165.356767][ T7075] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 165.367136][ T7075] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 165.395126][ T7075] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 165.417238][ T7130] bridge0: port 2(bridge_slave_1) entered blocking state [ 165.429334][ T7130] bridge0: port 2(bridge_slave_1) entered disabled state [ 165.438547][ T7130] device bridge_slave_1 entered promiscuous mode [ 165.466628][ T7288] chnl_net:caif_netlink_parms(): no params data found [ 165.534547][ T7075] device hsr_slave_0 entered promiscuous mode [ 165.583213][ T7075] device hsr_slave_1 entered promiscuous mode [ 165.632331][ T7075] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 165.639919][ T7075] Cannot create hsr debugfs directory [ 165.646438][ T7250] bridge0: port 1(bridge_slave_0) entered blocking state [ 165.655002][ T7250] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.663635][ T7250] device bridge_slave_0 entered promiscuous mode [ 165.675631][ T7250] bridge0: port 2(bridge_slave_1) entered blocking state [ 165.682801][ T7250] bridge0: port 2(bridge_slave_1) entered disabled state [ 165.692204][ T7250] device bridge_slave_1 entered promiscuous mode [ 165.757934][ T6803] 8021q: adding VLAN 0 to HW filter on device bond0 [ 165.784743][ T7130] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 165.806867][ T7250] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 165.826384][ T7130] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 165.849691][ T7250] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 165.878832][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 165.887929][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 165.902263][ T6803] 8021q: adding VLAN 0 to HW filter on device team0 [ 165.938461][ T7250] team0: Port device team_slave_0 added [ 165.956249][ T7130] team0: Port device team_slave_0 added [ 165.988117][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 165.998496][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 166.010277][ T2485] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.018137][ T2485] bridge0: port 1(bridge_slave_0) entered forwarding state [ 166.035636][ T7250] team0: Port device team_slave_1 added [ 166.050110][ T7130] team0: Port device team_slave_1 added [ 166.066772][ T2629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 166.076970][ T2629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 166.087423][ T2629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 166.096852][ T2629] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.104069][ T2629] bridge0: port 2(bridge_slave_1) entered forwarding state [ 166.113270][ T2629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 166.146365][ T7250] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 166.153787][ T7250] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.180056][ T7250] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 166.193897][ T7288] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.200991][ T7288] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.210300][ T7288] device bridge_slave_0 entered promiscuous mode [ 166.252114][ T7130] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 166.259095][ T7130] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.290421][ T7130] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 166.303612][ T7250] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 166.310750][ T7250] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.338967][ T7250] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 166.351063][ T7288] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.359029][ T7288] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.367914][ T7288] device bridge_slave_1 entered promiscuous mode [ 166.392222][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 166.408857][ T7130] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 166.418752][ T7130] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.448745][ T7130] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 166.490190][ T7288] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 166.501522][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 166.510757][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 166.589254][ T7130] device hsr_slave_0 entered promiscuous mode [ 166.642089][ T7130] device hsr_slave_1 entered promiscuous mode [ 166.681416][ T7130] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 166.689166][ T7130] Cannot create hsr debugfs directory [ 166.758427][ T7250] device hsr_slave_0 entered promiscuous mode [ 166.811702][ T7250] device hsr_slave_1 entered promiscuous mode [ 166.861480][ T7250] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 166.869061][ T7250] Cannot create hsr debugfs directory [ 166.877567][ T7288] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 166.897694][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 166.905576][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 166.916727][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 166.979808][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 166.988993][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 167.019197][ T7288] team0: Port device team_slave_0 added [ 167.028760][ T7288] team0: Port device team_slave_1 added [ 167.039770][ T6803] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 167.052229][ T6803] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 167.102378][ T2629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 167.110801][ T2629] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 167.136828][ T7288] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 167.144082][ T7288] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.172560][ T7288] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 167.202363][ T7075] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 167.246303][ T7075] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 167.304035][ T7288] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 167.311014][ T7288] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.338812][ T7288] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 167.389759][ T6933] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.399072][ T7075] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 167.445369][ T7075] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 167.575353][ T7288] device hsr_slave_0 entered promiscuous mode [ 167.632938][ T7288] device hsr_slave_1 entered promiscuous mode [ 167.681518][ T7288] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 167.689113][ T7288] Cannot create hsr debugfs directory [ 167.827352][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 167.835544][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 167.843916][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 167.852037][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 167.863186][ T6933] 8021q: adding VLAN 0 to HW filter on device team0 [ 167.915720][ T6803] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 167.948122][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 167.960158][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 167.970253][ T2515] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.977540][ T2515] bridge0: port 1(bridge_slave_0) entered forwarding state [ 167.991967][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 168.041443][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 168.050158][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 168.061153][ T2649] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.068307][ T2649] bridge0: port 2(bridge_slave_1) entered forwarding state [ 168.076560][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 168.107548][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 168.120692][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 168.138619][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 168.165068][ T7130] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 168.221636][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 168.230547][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 168.248292][ T7130] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 168.284824][ T7130] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 168.344965][ T7130] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 168.406578][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 168.441639][ T6803] device veth0_vlan entered promiscuous mode [ 168.456066][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 168.476701][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 168.491016][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 168.500646][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 168.510586][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 168.520416][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 168.539894][ T6933] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 168.552586][ T6933] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 168.572326][ T7250] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 168.603889][ T7250] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 168.673746][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 168.682164][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 168.689886][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 168.698923][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 168.714655][ T7075] 8021q: adding VLAN 0 to HW filter on device bond0 [ 168.743578][ T7250] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 168.775923][ T7250] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 168.839807][ T6803] device veth1_vlan entered promiscuous mode [ 168.883326][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 168.891166][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 168.920369][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 168.928494][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 168.942147][ T7075] 8021q: adding VLAN 0 to HW filter on device team0 [ 168.949015][ T7288] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 169.006831][ T6933] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 169.034780][ T7288] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 169.076087][ T7288] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 169.123924][ T7288] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 169.163301][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 169.173891][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 169.182886][ T2473] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.189933][ T2473] bridge0: port 1(bridge_slave_0) entered forwarding state [ 169.198370][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 169.233526][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 169.243749][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 169.254417][ T2485] bridge0: port 2(bridge_slave_1) entered blocking state [ 169.261574][ T2485] bridge0: port 2(bridge_slave_1) entered forwarding state [ 169.275670][ T6803] device veth0_macvtap entered promiscuous mode [ 169.318774][ T6803] device veth1_macvtap entered promiscuous mode [ 169.335697][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 169.348497][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 169.357773][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 169.366385][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 169.375193][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 169.384290][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 169.393209][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 169.422666][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 169.432978][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 169.443419][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 169.452666][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 169.462032][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 169.472179][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 169.486880][ T7130] 8021q: adding VLAN 0 to HW filter on device bond0 [ 169.510616][ T6933] device veth0_vlan entered promiscuous mode [ 169.539679][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 169.554236][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 169.565394][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 169.576638][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 169.585941][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 169.595132][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 169.620689][ T7075] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 169.641887][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 169.650541][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 169.660415][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 169.669312][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 169.679416][ T6803] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 169.689108][ T7130] 8021q: adding VLAN 0 to HW filter on device team0 [ 169.724765][ T6933] device veth1_vlan entered promiscuous mode [ 169.739577][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 169.750435][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 169.761365][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 169.775099][ T6803] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 169.819688][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 169.830759][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 169.841611][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 169.849614][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 169.890726][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 169.900337][ T2515] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 169.915742][ T2515] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.923627][ T2515] bridge0: port 1(bridge_slave_0) entered forwarding state [ 169.946314][ T7075] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 170.016476][ T2629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 170.024766][ T2629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 170.034273][ T2629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 170.043470][ T2629] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.050714][ T2629] bridge0: port 2(bridge_slave_1) entered forwarding state [ 170.059976][ T2629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 170.095410][ T7288] 8021q: adding VLAN 0 to HW filter on device bond0 [ 170.138418][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 170.147414][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 170.156756][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 170.166201][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 170.204715][ T7250] 8021q: adding VLAN 0 to HW filter on device bond0 [ 170.272182][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 170.281806][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 170.294692][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 170.319187][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 170.342059][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 170.350909][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 170.372612][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 170.380428][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 170.408087][ T6933] device veth0_macvtap entered promiscuous mode 21:38:52 executing program 0: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x12, r0, 0x0) syz_read_part_table(0x0, 0xb784, &(0x7f0000000040)=[{&(0x7f0000000000)="0201a6ffffff0a000000ff45ac00000000006300e931190000000000000680ffffffa5000000e100e2ff877700720030070081ffffff00000000008000da55aa", 0x40, 0x1c0}]) [ 170.438374][ T7130] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 170.460106][ T7288] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.492194][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 170.507158][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 170.524614][ T6933] device veth1_macvtap entered promiscuous mode [ 170.588447][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 170.606187][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 170.620874][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 170.640185][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 170.650794][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 170.667464][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 170.677554][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 170.697134][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 170.706801][ T8057] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.713955][ T8057] bridge0: port 1(bridge_slave_0) entered forwarding state [ 170.742941][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 170.764500][ T7250] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.790903][ T7075] device veth0_vlan entered promiscuous mode [ 170.852308][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 170.874960][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 170.892503][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 170.911278][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 170.919804][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.927160][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 170.937894][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 170.948049][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 170.958572][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 170.969663][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 170.978830][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 170.989136][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 170.999137][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.006303][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 171.057295][ T7130] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 171.077022][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 171.090355][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.103054][ T6933] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 171.110660][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 171.131962][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 171.139699][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 171.161856][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 171.170619][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.193765][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 171.215137][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 171.225544][ T7075] device veth1_vlan entered promiscuous mode [ 171.263700][ T6933] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 171.291155][ T6933] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 171.324051][ T6933] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 171.332250][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 171.340389][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 171.372425][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 171.391446][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 171.400078][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.407269][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 171.420457][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 171.439322][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 171.450842][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready 21:38:53 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0x20000000001005, &(0x7f0000000880)=0x0) io_pgetevents(r0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 171.466629][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 171.476545][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 171.493767][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 171.522019][ T7288] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 171.534292][ T7288] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 171.563132][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 171.582536][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 171.598983][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready 21:38:53 executing program 0: socket$pppoe(0x18, 0x1, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcsa\x00', 0x202400, 0x0) r0 = getpid() sched_setscheduler(r0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r1, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a80000000100000004122e25d386dd", 0x0, 0x403, 0x0, 0x22d}, 0x28) socket$inet6_tcp(0xa, 0x1, 0x0) write$RDMA_USER_CM_CMD_MIGRATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x12, 0x10, 0xfa00, {0x0}}, 0x18) [ 171.737255][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 171.746227][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 171.756290][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 171.766030][ T2473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 171.879971][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 171.910475][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 171.918778][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready 21:38:53 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)="cb56b6cc0407008b65d8b4ac2ca35c66", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="4d2b1cc04255303985c94e2dae99a0ce1228b49becc7fefe3dd18e7d5604e4d1b7615b5fb0a76c7f865315c1b619ac9bf8b6524c7ebc93f8352b96930c079539c948a84e4be57c838f9ef8af9ba4b79a614fcbd57699a57245182c484efa24ac5d190a7178a149b735c6e2031faa8cffaa2c712bbdca67605f19842864e71af1dc0ac11634f21ae9b1c7ab2ce51bf432c96b7dbcd49cd1f09f20751e335237bc49682054f866f6aa70a0f8ba8daae497fc3a73bbcdf9c1a9e5736247dc6d8f91fcf27bc11fbca86cf9a8ff9ae15147", @ANYBLOB="621d4f7b4348019a290bd6e668c942070000007536a955149cf729b724cac0ec3ac6a8aa6bc3f855d45cedd5d59a1be9c0ac628c08789a35769c43423c45235a2f389a213dbbb4b6"], 0xfea7) [ 171.952252][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.960923][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 171.973368][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 171.984203][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 172.022145][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 172.030630][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 172.062644][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 172.070968][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 172.091507][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 172.107439][ T7288] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 172.117652][ T7130] device veth0_vlan entered promiscuous mode [ 172.147183][ T7075] device veth0_macvtap entered promiscuous mode 21:38:54 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8) r3 = accept(r0, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="564004c6852da7a299e4c397614090d1a6e12edf1767f157", 0xfcdc}], 0x1, &(0x7f0000000300)=[@assoc], 0xf}], 0x1, 0x0) [ 172.158004][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 172.167642][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 172.185073][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 172.196458][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 172.207552][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 172.225057][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 172.290031][ T7130] device veth1_vlan entered promiscuous mode 21:38:54 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000300)={0x3, 0x40, 0xfa00, {{0x6000000, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x2, 0x0, 0x0, @dev}, r3}}, 0x48) [ 172.356146][ T7075] device veth1_macvtap entered promiscuous mode [ 172.357055][ C0] hrtimer: interrupt took 65778 ns [ 172.383999][ T7250] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 172.530286][ T7130] device veth0_macvtap entered promiscuous mode [ 172.560163][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 172.577192][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 172.590932][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 172.608920][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 172.620060][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 172.660313][ T7250] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 172.700968][ T7075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 172.756837][ T7075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.810290][ T7075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 172.821330][ T7075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 172.833399][ T7075] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 172.845642][ T7130] device veth1_macvtap entered promiscuous mode 21:38:54 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x0, 0x0) close(r2) [ 172.859815][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 172.884783][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 172.910886][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 172.971432][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 172.978943][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 173.023404][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 173.060298][ T7075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 173.072702][ T7075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.084167][ T7075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 173.096114][ T7075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.108860][ T7075] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 173.142202][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 173.154467][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 173.172475][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready 21:38:55 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r1, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000040)='trusted.overlay.redirect\x00', 0x0, 0x0, 0x1) [ 173.208552][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 173.238403][ T7130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 173.268257][ T7130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.306089][ T7130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 173.318651][ T7130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.338770][ T7130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 173.350751][ T7130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.368676][ T7130] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 173.411860][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 173.420785][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 173.435276][ T7130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 173.469915][ T7130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.488756][ T7130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 173.513869][ T7130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.530985][ T7130] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 173.549488][ T7130] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 173.569305][ T7130] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 173.590397][ T7288] device veth0_vlan entered promiscuous mode [ 173.615278][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 173.628561][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 173.645899][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 173.671995][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 173.823624][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 173.839387][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 173.847920][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 173.866330][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 173.934316][ T7288] device veth1_vlan entered promiscuous mode [ 174.065355][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready 21:38:56 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) setsockopt$packet_int(r1, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x40000008, 0x4) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'vlan0\x00', 0x0}) bind$packet(r0, &(0x7f0000000640)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$inet6(r0, &(0x7f0000000300)="0503d03204023e0400a00000c513f7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a88161b6fd8f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0xe803, 0x0, 0x0) [ 174.268394][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 174.279402][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 174.303317][ T7288] device veth0_macvtap entered promiscuous mode [ 174.427074][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 174.435964][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 174.445842][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 174.459568][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 174.470398][ T7250] device veth0_vlan entered promiscuous mode 21:38:56 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)={0x24, r3, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_PEER_PORT={0x6}, @FOU_ATTR_PEER_V4={0x8, 0x8, @multicast1}]}, 0x24}}, 0x0) [ 174.487775][ T7288] device veth1_macvtap entered promiscuous mode [ 174.503155][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 174.513396][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 174.545458][ T7250] device veth1_vlan entered promiscuous mode [ 174.566361][ T7288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 174.578444][ T7288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.599834][ T7288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 174.629231][ T7288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.672523][ T7288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 174.699716][ T7288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.718391][ T7288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 174.729840][ T7288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.745313][ T7288] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 174.766930][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 174.777421][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 174.787183][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 174.812664][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 174.833009][ T7288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 174.846850][ T7288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.861383][ T7288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 174.873338][ T7288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.884041][ T7288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 174.895113][ T7288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.906020][ T7288] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 174.917095][ T7288] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.929942][ T7288] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 174.956651][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 174.967017][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 174.977378][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 174.995869][ T8057] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 175.018077][ T7250] device veth0_macvtap entered promiscuous mode [ 175.064566][ T7250] device veth1_macvtap entered promiscuous mode [ 175.082322][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 175.097258][ T2485] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 175.156580][ T7250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 175.168144][ T7250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.179773][ T7250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 175.192209][ T7250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.202536][ T7250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 175.213884][ T7250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.224779][ T7250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 175.235964][ T7250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.246626][ T7250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 175.258686][ T7250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.272459][ T7250] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 175.283063][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 175.292705][ T2649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 175.360792][ T7250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 175.371884][ T7250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.383670][ T7250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 175.397561][ T7250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.408344][ T7250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 175.420053][ T7250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.430337][ T7250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 175.440890][ T7250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.450892][ T7250] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 175.462052][ T7250] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.474167][ T7250] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 175.485373][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 175.501852][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 21:38:57 executing program 4: mkdir(&(0x7f0000000200)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000400)='overlay\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0']) chdir(&(0x7f0000000140)='./bus\x00') r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0) dup3(r1, r0, 0x0) 21:38:57 executing program 0: r0 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0)='ethtool\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000800)={0x18, r0, 0x427, 0x0, 0x0, {0x3}, [@ETHTOOL_A_LINKMODES_OURS={0x4}]}, 0x18}}, 0x0) 21:38:57 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r1, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000040)='trusted.overlay.redirect\x00', 0x0, 0x0, 0x1) 21:38:57 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:38:57 executing program 2: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) setsockopt$packet_int(r1, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x40000008, 0x4) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'vlan0\x00', 0x0}) bind$packet(r0, &(0x7f0000000640)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$inet6(r0, &(0x7f0000000300)="0503d03204023e0400a00000c513f7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a88161b6fd8f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0xe803, 0x0, 0x0) 21:38:57 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x2, 0x0, &(0x7f0000000b00)) 21:38:57 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x2, 0x0, &(0x7f0000000b00)) [ 175.886991][ T8171] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 175.986077][ T8180] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 176.034690][ T28] audit: type=1804 audit(1593207537.925:2): pid=8175 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir638301391/syzkaller.N3Mx2n/1/bus/bus" dev="overlay" ino=15783 res=1 21:38:58 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) setsockopt$packet_int(r1, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x40000008, 0x4) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'vlan0\x00', 0x0}) bind$packet(r0, &(0x7f0000000640)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$inet6(r0, &(0x7f0000000300)="0503d03206023e0400a00006c513f7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a88161b6fd8f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0xe803, 0x0, 0x0) 21:38:58 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x2, 0x0, &(0x7f0000000b00)) [ 176.076145][ T8182] overlayfs: filesystem on './file0' not supported as upperdir [ 176.119305][ T28] audit: type=1804 audit(1593207537.985:3): pid=8185 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir638301391/syzkaller.N3Mx2n/1/bus/bus" dev="overlay" ino=15783 res=1 21:38:58 executing program 2: clone(0x200, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = memfd_create(&(0x7f0000000640)='\x97&\x89\\\xd0\xe7\xca\x16ZO\x94:\xe1\x01\xe5`iq@Nse;\xa8Fpj\x0e\x04!\xd5\xc5YBz\x94\xaf\x13\xe9\xd2\x0f\xc2G\x86\x06\x00\xf1/V\x8cvS\xa6K&u\x9dX\xcc\r\x12\x11\x99\xe7\xce\xaeA\xb8-E\xa1\xf8\xe4~IS\xc1\x04\xf78\xf1\'\xdfv\x90\xbc\xd1\xda\x88j\x16\xeb>\x8c\xa1\x03\xf3\xaf\xfd\xf4&a?\xcaG\n\x02j\x9b}\xc6G\x86\xb2\xdeY\x17yX $\xfcU\x9d\x02\x00\x00\x00\x00\x00\x00\x00_\x7f\xf4tW.\x81\n\xf3\v\x8d\x12pa\x91\x9b\x8cxd\x06\xa7k\n\x86\xc3\xb6\x910\xf2\x03\x00\xaf\xe1jd\xda\x1f\x8bVrd\xa4\xb34\xfcUj\x1ad:#\x96\xf9\xd3\x1c]ImZlU=.\x18)\xcf\x1am\xd5\xe0\xdb\xdc\xd7\x8e\xe0\xa3\x82\xec\x9b\xfb\xc9\x81\x9c\xdc\xb7\x0f\xdd\xd3\xd7\xbe\x89\x7f3\x1d\x1c@\x8eu\x85\xces\x89\x95&3FX\xb1\xaf\xa6\x96\xa2\x13\x1f-\b\xcf1J\xd9\x13Q\x94R/\xdf\x1e\x9e\xe57\xda{\xe1D\x00\x00\x00\x00H\xe6\x0f\xe0]\xef\x8b\xcdk\xfe\xf6\xcc+rp\xd5\b~\xf6\xa2\x87\xed<\xc2bO\x88\x03n% ', 0x0) execveat(r2, &(0x7f0000000500)='\x00', 0x0, 0x0, 0x1000) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc04, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x190c1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup(0xffffffffffffffff) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) 21:38:58 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000e68000)={0x2, 0xfff8, @local}, 0x10) 21:38:58 executing program 5: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) getsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x2, 0x0, &(0x7f0000000b00)) [ 176.414209][ T8205] ERROR: Domain ' /sbin/init /usr/sbin/sshd /usr/sbin/sshd /bin/bash /root/syz-fuzzer /root/syz-executor.2 proc:/self/fd/6' not defined. 21:38:58 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:38:58 executing program 5: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) getsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x2, 0x0, &(0x7f0000000b00)) 21:38:59 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r1, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000040)='trusted.overlay.redirect\x00', 0x0, 0x0, 0x1) 21:38:59 executing program 2: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x800000000000013, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e26, 0x0, @ipv4={[], [], @dev}}, 0x1c) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00') sendfile(r0, r1, 0x0, 0xedc0) 21:38:59 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) setsockopt$packet_int(r1, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x40000008, 0x4) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'vlan0\x00', 0x0}) bind$packet(r0, &(0x7f0000000640)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$inet6(r0, &(0x7f0000000300)="0503d03206023e0400a00006c513f7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a88161b6fd8f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0xe803, 0x0, 0x0) 21:38:59 executing program 4: clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0xf402000000000000, 0x40, &(0x7f0000000680)=@raw={'raw\x00', 0x2, 0x3, 0x228, 0x0, 0xf8, 0x0, 0x0, 0xf8, 0x190, 0x190, 0x190, 0x190, 0x190, 0x5, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@state={{0x28, 'state\x00'}}, @common=@unspec=@quota={{0x38, 'quota\x00'}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00'}}, {{@ip={@local, @remote, 0x0, 0x0, 'vlan0\x00', 'nr0\x00'}, 0x0, 0x70, 0x98}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x288) r1 = memfd_create(&(0x7f0000000300)='sY\xa4\remem0md5sum$\x00\xca\x9b\x8c\x9f\xcd\x89\x8f\xef\\\xfb\x8fI\x851\xa0\xe9rN\x1e8\x0eg\xe0\xca\xaa\xe3?P\x01\x00\x00\x00\x00\x00\x00\x00\xe8\xa3\xdc\x04c\xb6\xcf\x12N\xdc\x18\xabd\x82$>\xe1i\xe6=\"\x81;|1\xc3N\xc4\xe3\xc1\xe9\x93)\f\xfc\xd9\xc0/i#\x95\x03\x15\xe4\x01$\x11sI\xb54\x90\xb8hR{/\xc0cX\x84\xc8\\\xc4:\x15\x94\xeb9no]\x14\xe2zwP,Y(\x98\aa`\x0e@wT;\xa0\xb3\xe8\x02\x89b\xb8\xb0\xbd.\x8ei\xca0\xbdJ\xc1=\xb4jc\xc4\xd5\xe0Wb\x16X6\'\xd5\xce\xfb\"\xfb\xe8\xec\x92\xfe\x1c\x15\x17\xb2\x8d@9vT\xf9gT\xba\xe2\xc2\x90\x0f\xc6\xc7IJPy\xed\xd9\xca\x17\x04g[\x87\xe5l\x04}D\xca\xb2\xe2.\xe8\xbeP\xe4\xcam}Z&[\xc8\x84\v7\xe0\xa6O\xd0\t\xf93\xd52\xb8HM\xf5F\xfa\xfd\xf6\x199\xa6\xa8\xbcq[\xf4\x00\x1dD\xa0\xd3\xc1\xce\x00\x00\x00\x00\x10\x00\x00\x00\rH\xb5Z!\x05\xec\xcd\xa0\x9f\x85\x1c\x94\x1dx\xf0\x05\x1b\xc2G\xf5-H\'\x8d~\xc5\xdb\x96B\x90\'\t\x1d\xff\xd2s\r\x18% \xd9N\xc4\xf7^\x1a\xa2(s\x1d \tz\x98\x9d\xba\x91Z\xacE\xa7\xf5\xfcI\xed\xd4R\xbfq\xe7\x03\xfa0\xa6p', 0x1) mmap(&(0x7f0000000000/0xaa2000)=nil, 0xaa2000, 0x3000004, 0x11, r1, 0x0) rt_sigaction(0x7, &(0x7f0000b4a000)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000000)) prctl$PR_SET_DUMPABLE(0x4, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/icmp6\x00') 21:38:59 executing program 5: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) getsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x2, 0x0, &(0x7f0000000b00)) 21:38:59 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:38:59 executing program 4: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="7400000000011905000000000000000000000000240001041400010008000100ac1414aa08000200e00000000c0002000500010000000000240002000c0002000500010000000000140001"], 0x1}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfd53) splice(r0, 0x0, r5, 0x0, 0x400000, 0x0) 21:38:59 executing program 5: r0 = dup(0xffffffffffffffff) getsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x2, 0x0, &(0x7f0000000b00)) [ 177.236628][ T8255] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 177.269260][ T8255] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. 21:38:59 executing program 5: r0 = dup(0xffffffffffffffff) getsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x2, 0x0, &(0x7f0000000b00)) 21:38:59 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x6}, 0x1c) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000180)=ANY=[@ANYBLOB="66696c746572000000000000acc0fb38000000000000000000000000000000000e00000004000000d80300001802000000000000000000000000000000000000080300000803000008030000080300000803000004000000000000000000000000000000000000000000ffffac1414aa00000000000000000000ffffe00000010000000000000000000000000000000000000000000000000000000000000000697064647030000000000000000000007369743000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1ff00000001480100000000000000000000000000000000000000000000000030007265616c6d0000000000000000000000000000000000000000000000000000000000000000000000000000000000280061646472747970650000000000000000000000000000000000000000000102008000000000004800544545000000000000000000000000000000000000000000000000000001fe8000000000000000000000000000bb69703665727370616e30000000000000000000000000000000000000000000000000000000000000000000000000000000000000001bde5b2ce443e91f21000000000080000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000ed0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d000000000000000000000000000000000000000000000000000280052454a4543540000000000000000f200000000000000000000be000000000000000000000000ff020000000000000000000000000001fe88000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000006c61706230000000000000000000000076786361000000000000df00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800f000000000001060550000000000000000000000000000000000480054454500000000000000000000000000000000000000000000e7ffffff01ac1e00010000000000000000000000000000001600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff"], 0x1) sendfile(r0, r1, 0x0, 0xac08) [ 177.359338][ T8255] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 177.396870][ T8265] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. 21:38:59 executing program 5: r0 = dup(0xffffffffffffffff) getsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x2, 0x0, &(0x7f0000000b00)) [ 177.439647][ T8265] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. 21:38:59 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup(r0) setsockopt$packet_int(r1, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x40000008, 0x4) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r3, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'vlan0\x00', 0x0}) bind$packet(r0, &(0x7f0000000640)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$inet6(r0, &(0x7f0000000300)="0503d03206023e0400a00006c513f7c25975e697b02f08066b2b2ff0dac8897c6b11876d886b143a301817ccd51cc5471d130a6632a88161b6fd8f24286a57c3fe257c3314a3974bb654697f", 0xfdfa, 0xe803, 0x0, 0x0) [ 177.485188][ T8265] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 177.517990][ T8268] x_tables: duplicate underflow at hook 2 [ 177.617364][ T8268] x_tables: duplicate underflow at hook 2 21:39:00 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r1, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:00 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:00 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='comm\x00') perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) epoll_create1(0x0) pread64(r0, 0x0, 0x0, 0x0) 21:39:00 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x2, 0x0, &(0x7f0000000b00)) 21:39:00 executing program 2: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/consoles\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000100)=""/83, 0x20000153}], 0x1, 0x0) 21:39:00 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/raw6\x00') perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, r0, 0x0, 0x200) 21:39:00 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x2, 0x0, &(0x7f0000000b00)) 21:39:00 executing program 2: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001e40)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$TIOCMIWAIT(r0, 0x545c, 0x0) syz_open_dev$rtc(0x0, 0x0, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000e00)='/dev/uinput\x00', 0x0, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0) 21:39:00 executing program 4: io_setup(0xd532, &(0x7f0000000ac0)=0x0) io_destroy(r0) 21:39:00 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20000009, &(0x7f0000b63fe4), 0x1c) 21:39:00 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) dup(r2) dup3(r1, r0, 0x0) 21:39:00 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x2, 0x0, &(0x7f0000000b00)) 21:39:00 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r1, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:00 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000005c0)=@filter={'filter\x00', 0xe, 0x4, 0x2f8, 0x0, 0x98, 0x190, 0x0, 0x98, 0x238, 0x260, 0x260, 0x260, 0x238, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00'}}, {{@ip={@rand_addr, @empty, 0x0, 0x0, 'gre0\x00', 'erspan0\x00'}, 0x0, 0x98, 0xf8, 0x0, {}, [@common=@unspec=@state={{0x28, 'state\x00'}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@private1, [], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}}}, {{@uncond, 0x0, 0xa8, 0xd0, 0x0, {}, [@common=@unspec=@connbytes={{0x38, 'connbytes\x00'}}]}, @REJECT={0x28, 'REJECT\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x358) 21:39:00 executing program 5: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r0 = dup(0xffffffffffffffff) getsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x2, 0x0, &(0x7f0000000b00)) 21:39:00 executing program 4: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000e00)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000080)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000500)={{}, 'syz1\x00'}) 21:39:00 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) dup(r2) dup3(r1, r0, 0x0) [ 179.112744][ T8334] x_tables: duplicate underflow at hook 2 21:39:01 executing program 4: r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet(0x2, 0x3, 0x5) setsockopt$inet_msfilter(r1, 0x0, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB='{'], 0x1) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000140)={0x0, @local, @local}, &(0x7f00000000c0)=0xa) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001c40)={&(0x7f0000000200)=@newqdisc={0x30, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8, 0x8, 'tbf\x00'}, {0x4}}]}, 0x30}}, 0x0) 21:39:01 executing program 5: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r0 = dup(0xffffffffffffffff) getsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x2, 0x0, &(0x7f0000000b00)) 21:39:01 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x0, 0x10d082) r1 = memfd_create(&(0x7f0000000040)='\xbb\x02\xb1\xed\x96\xdb\xb1,\x116\xe0\x89]\xad\x01\xc3r%;\x99\xbck\xe7=\xfa\xe8HB\x00\x00\xd7h\xa4\x06jt\xea\xf9l\x00\x00\x00\x00!\xf8\xac\xdc\x00\x00\x00', 0x0) pwritev(r1, &(0x7f00000001c0)=[{&(0x7f0000000200)="c5", 0x1}], 0x1, 0x2000201) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000004c0)=@security={'security\x00', 0xe, 0x4, 0x348, 0xffffffff, 0x0, 0x0, 0x2b0, 0xffffffff, 0xffffffff, 0x2b0, 0x2b0, 0x2b0, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x98, 0xf8, 0x0, {}, [@common=@inet=@set1={{0x28, 'set\x00'}, {{0x0, 0xfc}}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00'}}, {{@uncond, 0x0, 0xc0, 0xe8, 0x0, {}, [@common=@icmp={{0x28, 'icmp\x00'}, {0x0, "12d2"}}, @common=@icmp={{0x28, 'icmp\x00'}, {0x0, "ae8a"}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00'}}, {{@ip={@rand_addr, @rand_addr, 0x0, 0x0, 'veth0_to_bridge\x00', 'team_slave_1\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x3a8) getsockopt$ARPT_SO_GET_INFO(r2, 0x0, 0x60, &(0x7f00000000c0)={'filter\x00'}, &(0x7f0000000000)=0x44) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r3, 0x0) write(r0, &(0x7f0000000000), 0x52698b21) 21:39:01 executing program 0: r0 = memfd_create(&(0x7f0000000500)='#\x00h\xac\x93\xafog/\xca\x80|\xdcg\xa1J\x03C\x1f|e`\xc8\x8c\x17\xcd\xb6\xb2@Yt\xec\xd4j\xe6\xb9\x1b\xf2E\xf2\xdc\x14\xb5\x11\xe0\xa1\xc1l9_\xcc\xf5\xa1\x04\x02\xe6\xc2\xb6\xdb@\xcbb\xd3\xb7.\xdd\\PTH\xfaL\x83\xb3\xb8\xe7\xfd\xd4\tWIv\x10S\x87w\x9f\xdd\x01b\x9a~b}\xad;\x9bD\xc3\xd5\x91\xbe\x1dF\xefW\xcb\x94\x1e\x93F\x81\xfb\xca\x1c=\x8d\x93\xe8[\x1d\x05~\x9b\x9cJ\xc9\xea\x99N\xd0jaJl\x1b\xaeY\xbe\xce\x8f\x03\x00\xb1q\xc9+G\xbc\x17s\x8e\nf\xb3\f8{A[\x03p\xf8\n\x99~\xd4\x8a\xdd^\x03\x02\xda;\xbc\xe3\xa6p\x85\x82\xae227\x87?a\xebK-\xc9\x0e\x9f\xdc_\xcb.<%\x19\xeat\x11\xd5Y\xc0\x8bL\xba\xbf\xe8\x95\xfc\xcd#n\x94\xc4k\x9c\xc7\xf3h1WI\xe0\xc7[\xbf\xa6`C\n\xc8E\xcb\xa2\xc2\x94\xff\xb9@\'\xbbq\xa3\x9fW*\f\xfb;|UKC\x8e\xe5N\x8c\xb3\x00\xde\x1cjs\xf0\xb1@N\x16\a\xa1\xbd7\xd1\x10\x1b\xc5\xb6\xce\xa9g\x97\xaf\x8eQ\xd1\xfeh\xde\x83\x13\xcf\xb9\xe8x\x03^\xab\xa2\xf0\x9d\x9c\xce}\xdb\xcb\xc3\x10\xa2\xf4\x80\xb4\x88\x10Kz\xa5o\x90j\xdd\xae\x03\x1f\f\x9a\xf9\x95\f\xc0\x19\x88z\x00kE\xe3\x1b\xdf\n\xeb\b\xd7k\xb2\xf6<\xeaE\x00', 0x0) write(r0, &(0x7f0000000000)="06", 0x1) r1 = socket$unix(0x1, 0x1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendfile(r0, r0, &(0x7f0000001000), 0xffff) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x80000000004, 0x11, r0, 0x0) rt_sigaction(0x0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000380)) r4 = socket$inet6(0xa, 0x1000000000002, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r4, 0x0, 0x487, &(0x7f0000000080), &(0x7f00000000c0)=0x30) 21:39:01 executing program 5: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r0 = dup(0xffffffffffffffff) getsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x2, 0x0, &(0x7f0000000b00)) 21:39:01 executing program 4: pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet(0x10, 0x2, 0x0) r3 = socket(0x100000000011, 0x2, 0x0) bind(r3, &(0x7f0000000140)=@generic={0x11, "00000100000000000800449420eba71a4976e252922cb18f6e000100032e0b2936005404b0e0305feee875f2e3ff5f163ee340b77362b0ab0000000000000101013c58ecce66fd792bbf885bf5ff1b080000040025ad8e5ecc322d3a09ffc2c65400000000000000000000d0b2e400"}, 0x80) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0}, &(0x7f0000000340)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000002e0019034643db6ff4c79079bfa070c9", @ANYRES32=r4], 0x2}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0xffffffff, 0x0) 21:39:01 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) dup(r2) dup3(r1, r0, 0x0) [ 179.675858][ T8376] x_tables: duplicate underflow at hook 2 21:39:01 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={0xffffffffffffffff, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:01 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x2, 0x0, &(0x7f0000000b00)) 21:39:01 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:01 executing program 2: creat(&(0x7f0000000080)='./bus\x00', 0x0) r0 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffffe, 0x11, r0, 0x0) 21:39:01 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x2, 0x0, &(0x7f0000000b00)) 21:39:01 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/fib_triestat\x00') gettid() sendfile(r0, r0, 0x0, 0x1) 21:39:02 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x2, 0x0, &(0x7f0000000b00)) 21:39:02 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:02 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) creat(&(0x7f0000000540)='./file0/bus\x00', 0x0) syz_open_procfs(0x0, &(0x7f0000000100)='fd/3\x00') 21:39:02 executing program 2: r0 = memfd_create(&(0x7f0000000100)='#\'%nodev\x00', 0x0) sendfile(r0, r0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0x0) 21:39:02 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0xf6) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @multicast1}, 0x10) sendmmsg$inet(r0, &(0x7f0000000580)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @loopback}}}], 0x20}}], 0x2, 0x0) 21:39:02 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={0xffffffffffffffff, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:02 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x2, 0x0, 0x0) 21:39:02 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:02 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0x1}) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000180)={'syzkaller1\x00', {0x2, 0x0, @remote}}) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_inet_SIOCSIFADDR(r4, 0x891c, &(0x7f0000000180)={'syzkaller1\x00', {0x2, 0x0, @rand_addr=0xfe000000}}) 21:39:02 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x2, 0x0, 0x0) 21:39:02 executing program 0: r0 = socket$inet(0x10, 0x80002, 0x0) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="24000000120007041dfffd946f610500020000e8fe02080100010800080004000400ff7e", 0x24}], 0x1}, 0x0) 21:39:02 executing program 4: r0 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000180)="f5b90fbf8569fd74ed", 0x9, 0xfffffffffffffffe) eventfd2(0x0, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x44c42, 0x0) ioctl$VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, &(0x7f0000000180)={0x0, r1}) r2 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r2, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) 21:39:02 executing program 4: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0x4bc) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000000)='.\x00', 0x80000000) 21:39:02 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup3(r1, r0, 0x0) [ 180.671730][ T28] audit: type=1800 audit(1593207542.566:4): pid=8445 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=15829 res=0 21:39:02 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x2, 0x0, 0x0) [ 180.748604][ T28] audit: type=1800 audit(1593207542.566:5): pid=8446 uid=0 auid=0 ses=4 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=15829 res=0 21:39:02 executing program 4: futex(0x0, 0x9, 0x0, 0x0, 0x0, 0xffffffff) 21:39:02 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000080)='./bus\x00', 0x0) r0 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0) write$FUSE_NOTIFY_POLL(r0, &(0x7f0000000000)={0x18}, 0x18) 21:39:03 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={0xffffffffffffffff, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:03 executing program 4: prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000002000/0x3000)=nil, &(0x7f0000003000/0x2000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000008000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000009000/0x3000)=nil, &(0x7f0000009000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0}, 0x68) 21:39:03 executing program 0: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f0000000000), 0x4) 21:39:03 executing program 2: r0 = inotify_init() inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0x4bc) r1 = inotify_init() r2 = inotify_add_watch(r1, &(0x7f0000000000)='.\x00', 0x80000000) inotify_rm_watch(r0, r2) 21:39:03 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:03 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7) 21:39:03 executing program 4: socket$kcm(0x11, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) r1 = socket$kcm(0x2, 0x1000000000000002, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161) sendmsg$kcm(r1, &(0x7f0000000540)={&(0x7f0000000380)=@in={0x2, 0x4e21, @rand_addr=0x7fffffff}, 0x80, 0x0}, 0xfd00) 21:39:03 executing program 0: syz_emit_ethernet(0x76, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x15, 0x0, 0x0, 0x0, 0x0, {[@nop, @sack_perm={0x4, 0x2}, @fastopen={0x22, 0x12, "802ba9635cddb909df864f8f65da2622"}, @mss={0x2, 0x4}, @exp_smc={0xfe, 0x6}, @fastopen={0x22, 0x6, "b8aad8ba"}, @sack={0x5, 0x6, [0x0]}, @md5sig={0x13, 0x12, "36af3495f46b3b600ae88cfb408c21c5"}]}}}}}}}, 0x0) 21:39:03 executing program 4: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300090a0000000000000000000000030006000000000002000000e0000009000000000000000002000100000000000000000200000000030005000000000002000000e0"], 0x50}}, 0x0) [ 181.450261][ T8495] sp0: Synchronizing with TNC 21:39:03 executing program 2: socket$kcm(0x2b, 0x0, 0x0) 21:39:03 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setgroups(0x0, 0x0) 21:39:03 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:03 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r1, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:03 executing program 5: socket$packet(0x11, 0x2, 0x300) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x20001733, &(0x7f00000003c0)={0x2, 0x4e20, @loopback}, 0x10) 21:39:03 executing program 2: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='mqueue\x00', 0x0, 0x0) r0 = creat(&(0x7f0000000540)='./file0/bus\x00', 0x0) mq_notify(r0, &(0x7f0000000000)={0x0, 0x0, 0x1, @thr={0x0, 0x0}}) 21:39:03 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10) creat(&(0x7f0000000080)='./bus\x00', 0x0) r1 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0) write$FUSE_NOTIFY_POLL(r1, &(0x7f0000000000)={0x18}, 0x18) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffffe, 0x11, r1, 0x0) sendto$inet(r0, &(0x7f00000004c0)="00040100000000002671b6c2e29e5ae9fc95fed9f20dedb2ba1ccd119b0a1a8e7576ce82171ab588736060dbd528eff9cdaa6647a4c2d20c144b2a4a3f4cb485cddf9b599eb292ab280779449c0000f935b5732efa2f5d41efcfd3b78cd2c8416e9c1b5a05a531ff4140", 0xfffffffffffffdef, 0x20001733, &(0x7f00000003c0)={0x2, 0x4e20, @loopback}, 0x10) 21:39:03 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='cmdline\x00') r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, r0, 0x0, 0x80000002) [ 181.797429][ T8526] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 21:39:03 executing program 2: [ 181.911698][ T8533] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 21:39:03 executing program 5: 21:39:03 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:03 executing program 0: 21:39:03 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x21, 0x2, 0x2) setsockopt$sock_attach_bpf(r0, 0x6, 0x14, &(0x7f0000000200), 0x4) gettid() 21:39:04 executing program 2: mkdir(0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x401c5820, 0x7ffcc25bb000) ioctl$TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0) 21:39:04 executing program 5: syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) r0 = socket$kcm(0x2, 0x5, 0x84) setsockopt$sock_attach_bpf(r0, 0x84, 0xb, &(0x7f0000000ac0), 0xe) sendmsg$inet(r0, &(0x7f0000002f00)={&(0x7f0000000080)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000500)=[{&(0x7f0000002d00)="13", 0x1}], 0x1}, 0x0) recvmsg$kcm(r0, &(0x7f0000004740)={0x0, 0x0, &(0x7f0000004600)=[{&(0x7f00000044c0)=""/254, 0xfe}], 0x1}, 0x0) recvmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/60, 0x3c}], 0x1}, 0x0) 21:39:04 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r1, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:04 executing program 0: 21:39:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:04 executing program 4: 21:39:04 executing program 2: 21:39:04 executing program 5: 21:39:04 executing program 5: 21:39:04 executing program 4: 21:39:04 executing program 2: 21:39:04 executing program 0: 21:39:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:04 executing program 5: 21:39:04 executing program 1: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r1, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:04 executing program 4: 21:39:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup3(0xffffffffffffffff, r0, 0x0) 21:39:04 executing program 2: 21:39:04 executing program 0: 21:39:04 executing program 5: 21:39:04 executing program 4: 21:39:04 executing program 2: 21:39:04 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup3(0xffffffffffffffff, r0, 0x0) 21:39:04 executing program 5: 21:39:04 executing program 0: 21:39:04 executing program 5: 21:39:05 executing program 1: getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:05 executing program 4: 21:39:05 executing program 2: 21:39:05 executing program 0: 21:39:05 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup3(0xffffffffffffffff, r0, 0x0) 21:39:05 executing program 5: 21:39:05 executing program 4: 21:39:05 executing program 0: 21:39:05 executing program 2: 21:39:05 executing program 5: 21:39:05 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:05 executing program 4: 21:39:05 executing program 1: getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:05 executing program 5: 21:39:05 executing program 0: 21:39:05 executing program 2: 21:39:05 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:05 executing program 4: 21:39:05 executing program 5: 21:39:05 executing program 2: 21:39:05 executing program 4: 21:39:05 executing program 0: 21:39:06 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:06 executing program 2: 21:39:06 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:06 executing program 5: 21:39:06 executing program 4: 21:39:06 executing program 0: 21:39:06 executing program 3: ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r0 = syz_open_pts(0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup3(r0, 0xffffffffffffffff, 0x0) 21:39:06 executing program 2: 21:39:06 executing program 5: 21:39:06 executing program 2: 21:39:06 executing program 4: 21:39:06 executing program 0: 21:39:06 executing program 3: ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r0 = syz_open_pts(0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup3(r0, 0xffffffffffffffff, 0x0) 21:39:06 executing program 5: 21:39:07 executing program 4: 21:39:07 executing program 2: 21:39:07 executing program 0: 21:39:07 executing program 3: ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r0 = syz_open_pts(0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) dup3(r0, 0xffffffffffffffff, 0x0) 21:39:07 executing program 5: 21:39:07 executing program 4: 21:39:07 executing program 2: 21:39:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:07 executing program 1: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:07 executing program 5: 21:39:07 executing program 0: 21:39:07 executing program 4: 21:39:07 executing program 0: 21:39:07 executing program 2: 21:39:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:07 executing program 5: 21:39:07 executing program 4: 21:39:07 executing program 0: 21:39:07 executing program 1: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:07 executing program 5: 21:39:07 executing program 2: 21:39:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:07 executing program 0: 21:39:07 executing program 4: 21:39:07 executing program 5: 21:39:07 executing program 2: 21:39:07 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:07 executing program 4: 21:39:07 executing program 0: 21:39:07 executing program 5: 21:39:08 executing program 1: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:08 executing program 2: 21:39:08 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:08 executing program 4: 21:39:08 executing program 0: 21:39:08 executing program 2: 21:39:08 executing program 5: 21:39:08 executing program 4: 21:39:08 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:08 executing program 0: 21:39:08 executing program 2: 21:39:08 executing program 5: 21:39:08 executing program 1: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:08 executing program 0: 21:39:08 executing program 4: pwritev(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f0000000040)="be14df377ad91c9816ecdabc2112c790e280283ed393f116d9250bfba91357cb8bc520deef76a4dcbd67f85332e09bf955b5098806316e6d18f12cf3b3356ab022dd8e4a26045aa59a9907ae83263b202feb1098a5103c75c2c61a5ad087c70c401e8f153977a8fb561e60e879c3b0b859e72da737a081f60fa59a85cea4802baa2fb9ed771020ae99393c3391fb50060852bc0d71907984b7bbe5dc1ea677e23949801f05a0598c7fe6cf00580d2592fb5cf09e", 0xb4}], 0x1, 0x2) accept$alg(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10) sendmmsg(r0, &(0x7f0000006d00), 0x800000000000237, 0x1ffffffe) 21:39:08 executing program 5: 21:39:08 executing program 2: 21:39:08 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, 0x0) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:08 executing program 0: 21:39:08 executing program 2: 21:39:08 executing program 5: 21:39:08 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) shmctl$SHM_LOCK(0x0, 0xb) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000003440), 0x0, 0x0, 0x0) pipe(0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f0000000280)={0x0, 0x5, 0xf49, 0x0, 0x1}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x10000, 0x0, 0x400000000000}, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fallocate(r2, 0x0, 0x0, 0x1000100) lseek(r2, 0x0, 0x3) 21:39:08 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, 0x0) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:08 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) shmctl$SHM_LOCK(0x0, 0xb) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000003440)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f0000000280)={0x1, 0x5, 0xf49, 0x0, 0x1}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x10000, 0x0, 0x400000000000}, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fallocate(r4, 0x0, 0x0, 0x1000100) lseek(r4, 0x0, 0x3) 21:39:09 executing program 1: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:09 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00008feff0)={0x0, 0xffffffffffffff80}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x4, 0x0, &(0x7f00008feff0)={&(0x7f0000000140)=ANY=[@ANYBLOB="020d0000100000002f3144e800000000030006000720000002004000e0000001080000f5000000000800120002000100000000000000000030006c000203009f7eae02000000adb20200000000152c000000000000000001020014bb000000000000002300000000030005000020000002"], 0x80}}, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmmsg(r3, &(0x7f00000000c0), 0x2c8, 0x0) 21:39:09 executing program 4: bind$inet6(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "eaffffff090000000000000000000000000053"}) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, "00000000000000000000000000000000001000"}) ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, 0x0) 21:39:09 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, 0x0) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:09 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000040)="f20f2baf8de81878b9f40b0000b8fa8b0000ba000000000f30c4c2d1458e020000000f20e035100000000f22e00fc7379a32000000ba00f4d0a600900000f48fe810a2f906", 0x45}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = creat(&(0x7f0000000100)='./file0\x00', 0x0) fallocate(r3, 0x0, 0x0, 0x84003ff) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000000)={0x5, 0x7ff}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000980)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c9]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:39:09 executing program 2: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) open(&(0x7f0000000240)='./file0\x00', 0x4c100, 0x0) 21:39:09 executing program 5: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="020a000202"], 0x10}}, 0x0) 21:39:09 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) [ 187.325639][ T8751] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. 21:39:09 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x1a, &(0x7f0000000400)="c4fe910c67e11148b38686cec96ddb5322ad4a7c47f9cf1a0928"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 21:39:09 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mountinfo\x00') socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000029000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f322e0f0178000f309a0900000065002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d683ed", 0xfffffffffffffef4}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000000)='cgroup\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r4 = openat$cgroup_procs(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) dup2(r5, r4) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc62]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_GET_REGS(r0, 0x8090ae81, &(0x7f00000001c0)) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 21:39:09 executing program 1: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) 21:39:09 executing program 2: creat(0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/fib_triestat\x00') ioctl$TIOCGPTPEER(r0, 0x5441, 0x0) ioctl$TIOCL_GETSHIFTSTATE(0xffffffffffffffff, 0x541c, &(0x7f0000000100)={0x6, 0x5b}) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r1, 0x800002, 0x0) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000001c0)) write$binfmt_aout(r1, &(0x7f0000000240)=ANY=[], 0xc) lseek(r1, 0x0, 0x3) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000200)={0x0, @rand_addr, @initdev}, &(0x7f00000000c0)=0xc) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0) 21:39:09 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:09 executing program 0: r0 = creat(0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/fib_triestat\x00') sendfile(0xffffffffffffffff, r1, 0x0, 0x320f) r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x2) ioctl$TIOCL_GETSHIFTSTATE(r2, 0x541c, &(0x7f0000000100)={0x6, 0x5b}) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$apparmor_exec(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7374ffff6900"], 0x7) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) lseek(r3, 0x800002, 0x0) ioctl$EXT4_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000001c0)) write$binfmt_aout(r3, &(0x7f0000000240)=ANY=[], 0xc) lseek(r3, 0x0, 0x3) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r4 = socket(0xa, 0x2, 0x0) getsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000200)={0x0, @rand_addr, @initdev}, &(0x7f00000000c0)=0xc) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0) [ 187.740316][ T8780] ------------[ cut here ]------------ [ 187.746501][ T8780] kernel BUG at arch/x86/kvm/mmu/mmu.c:3719! [ 187.839213][ T8780] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 187.845856][ T8780] CPU: 0 PID: 8780 Comm: syz-executor.5 Not tainted 5.7.0-rc7-next-20200529-syzkaller #0 [ 187.856378][ T8780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 187.866538][ T8780] RIP: 0010:kvm_mmu_load+0xbfa/0xe00 [ 187.871830][ T8780] Code: ac 23 99 00 48 8b 44 24 08 e9 cf f5 ff ff e8 6d 23 99 00 e9 b7 f4 ff ff 4c 89 f7 e8 90 23 99 00 e9 78 f4 ff ff e8 56 1a 5a 00 <0f> 0b 48 89 df e8 7c 23 99 00 e9 7e f8 ff ff e8 72 23 99 00 e9 c4 [ 187.891573][ T8780] RSP: 0018:ffffc90001727b30 EFLAGS: 00010216 [ 187.897638][ T8780] RAX: 0000000000040000 RBX: 0000000000000000 RCX: ffffc90014130000 [ 187.905632][ T8780] RDX: 000000000000de96 RSI: ffffffff8118e14a RDI: 0000000000000001 [ 187.913721][ T8780] RBP: ffff8880519c4040 R08: ffff888052254400 R09: ffffed1015cc719c [ 187.921784][ T8780] R10: ffff8880ae638cdb R11: ffffed1015cc719b R12: 0000000000000000 [ 187.929756][ T8780] R13: 0000000000000001 R14: ffff8880519c4458 R15: 0000000000000000 [ 187.937737][ T8780] FS: 00007f4989145700(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 [ 187.946670][ T8780] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 187.953351][ T8780] CR2: 0000000000000000 CR3: 0000000092955000 CR4: 00000000001426f0 [ 187.961414][ T8780] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 187.969473][ T8780] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 187.977530][ T8780] Call Trace: [ 187.981067][ T8780] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 187.988357][ T8780] kvm_arch_vcpu_ioctl_run+0x4016/0x68d0 [ 187.994601][ T8780] ? kvm_arch_vcpu_runnable+0x6c0/0x6c0 [ 188.000254][ T8780] ? lock_downgrade+0x840/0x840 [ 188.005197][ T8780] ? rcu_read_lock_held_common+0xa0/0xa0 [ 188.015263][ T8780] ? check_preemption_disabled+0x38/0x220 [ 188.020988][ T8780] ? kvm_vcpu_ioctl+0x467/0xe10 [ 188.025856][ T8780] kvm_vcpu_ioctl+0x467/0xe10 [ 188.030623][ T8780] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 188.037062][ T8780] ? ioctl_file_clone+0x180/0x180 [ 188.042090][ T8780] ? check_preemption_disabled+0x38/0x220 [ 188.047814][ T8780] ? __fget_files+0x299/0x400 [ 188.052500][ T8780] ? kvm_get_dirty_log_protect.isra.0+0x670/0x670 [ 188.059091][ T8780] ksys_ioctl+0x11a/0x180 [ 188.063424][ T8780] __x64_sys_ioctl+0x6f/0xb0 [ 188.068012][ T8780] do_syscall_64+0x60/0xe0 [ 188.072430][ T8780] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 188.078400][ T8780] RIP: 0033:0x45cb19 21:39:09 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:09 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe000000b1850000000d000000b7000000001c00009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd433070400a4ce6be614c2c7aef72ebf5fe31789471702c9c2d5a9db90ee3731bac8c48258f8dbe82e16cf8db95f5b068a9e00000000000000000000000000000000c693fbd000000000000000000000000000000018287ba7d8807c0ee93ea1bb7f00a15deb269d0a91985602763e4d70d404da006a3d6eef8f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x8001a0, 0x1c, 0x5ac484bb51fa106a, &(0x7f0000000380)="4d50b441e692763513ef874588a8ffffffff00000004122e25d30806", 0x0, 0x403, 0x0, 0x22d}, 0x28) [ 188.082902][ T8780] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 188.102588][ T8780] RSP: 002b:00007f4989144c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 188.111096][ T8780] RAX: ffffffffffffffda RBX: 00000000004e8a00 RCX: 000000000045cb19 [ 188.119393][ T8780] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 188.127802][ T8780] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 21:39:10 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x2, 0xa, 0x0, 0x9, 0x2}, 0x10}}, 0x0) [ 188.136169][ T8780] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 188.144507][ T8780] R13: 00000000000003d0 R14: 00000000004c68ae R15: 00007f49891456d4 [ 188.152481][ T8780] Modules linked in: 21:39:10 executing program 0: setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x800, 0x0, 0xff, 0x1}, 0x20) r0 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000000)) r1 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@mcast1, 0x0, 0x0, 0x2, 0x1, 0x1f, 0x0, 0x400000000}, 0x20) r2 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/ip6_flowlabel\x00') r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x800, 0x2}, 0x20) getsockopt$inet6_int(r3, 0x29, 0x19, &(0x7f0000000300), &(0x7f0000000380)=0x4) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) write(r4, &(0x7f00000001c0), 0x0) r5 = fcntl$getown(r4, 0x9) sched_setparam(r5, &(0x7f0000000080)=0xffff) sendfile(r1, r2, &(0x7f0000000240)=0x202, 0x4000000000dc) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e23, 0x61dc, @private2={0xfc, 0x2, [], 0x1}, 0x8000}, 0x1c) accept4$inet6(r0, 0x0, &(0x7f0000000200), 0x80000) renameat2(r2, &(0x7f0000000280)='./file0\x00', r2, &(0x7f00000002c0)='./file0\x00', 0x6) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) 21:39:10 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000ddc1517600"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000200)=0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r1, r0, 0x0) 21:39:10 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x2, 0xa, 0x0, 0x9, 0x2}, 0x10}}, 0x0) [ 188.432313][ T8780] ---[ end trace a7437ae2d41ad516 ]--- [ 188.439618][ T8780] RIP: 0010:kvm_mmu_load+0xbfa/0xe00 [ 188.446394][ T8780] Code: ac 23 99 00 48 8b 44 24 08 e9 cf f5 ff ff e8 6d 23 99 00 e9 b7 f4 ff ff 4c 89 f7 e8 90 23 99 00 e9 78 f4 ff ff e8 56 1a 5a 00 <0f> 0b 48 89 df e8 7c 23 99 00 e9 7e f8 ff ff e8 72 23 99 00 e9 c4 [ 188.476933][ T8780] RSP: 0018:ffffc90001727b30 EFLAGS: 00010216 [ 188.483654][ T8780] RAX: 0000000000040000 RBX: 0000000000000000 RCX: ffffc90014130000 [ 188.492534][ T8780] RDX: 000000000000de96 RSI: ffffffff8118e14a RDI: 0000000000000001 [ 188.500519][ T8780] RBP: ffff8880519c4040 R08: ffff888052254400 R09: ffffed1015cc719c [ 188.509366][ T8780] R10: ffff8880ae638cdb R11: ffffed1015cc719b R12: 0000000000000000 [ 188.518406][ T8780] R13: 0000000000000001 R14: ffff8880519c4458 R15: 0000000000000000 [ 188.526699][ T8780] FS: 00007f4989145700(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 [ 188.536363][ T8780] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 188.543320][ T8780] CR2: 0000000000740694 CR3: 0000000092955000 CR4: 00000000001426f0 [ 188.551950][ T8780] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 188.559935][ T8780] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 188.579126][ T8825] ------------[ cut here ]------------ [ 188.580668][ T8780] Kernel panic - not syncing: Fatal exception [ 188.584612][ T8825] kernel BUG at arch/x86/kvm/mmu/mmu.c:3719! [ 188.598333][ T8780] Kernel Offset: disabled [ 188.602780][ T8780] Rebooting in 86400 seconds..