Warning: Permanently added '10.128.0.250' (ECDSA) to the list of known hosts. 2019/11/17 18:01:37 fuzzer started 2019/11/17 18:01:39 dialing manager at 10.128.0.26:44591 2019/11/17 18:01:39 syscalls: 2566 2019/11/17 18:01:39 code coverage: enabled 2019/11/17 18:01:39 comparison tracing: enabled 2019/11/17 18:01:39 extra coverage: enabled 2019/11/17 18:01:39 setuid sandbox: enabled 2019/11/17 18:01:39 namespace sandbox: enabled 2019/11/17 18:01:39 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/17 18:01:39 fault injection: enabled 2019/11/17 18:01:39 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/17 18:01:39 net packet injection: enabled 2019/11/17 18:01:39 net device setup: enabled 2019/11/17 18:01:39 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/11/17 18:01:39 devlink PCI setup: PCI device 0000:00:10.0 is not available 18:04:14 executing program 0: r0 = socket$inet6(0xa, 0x2000000080803, 0x1) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@local, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x32}, 0x0, @in6, 0x3503, 0x0, 0x0, 0x8464}}, 0xe8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={[], [], @local}}, 0x1c) 18:04:15 executing program 1: syz_emit_ethernet(0xcf, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6082ab9c00992c00fe8000fe8000000000000000000000000000aa01fb90780000000462b4e24200010009fe8000000000000000000000000000bbff020000000000000000000000000001ff00000700a000006c00000700000000000600f700000000fe80000000000000000000000000000000000000000000000000000000000001ff01000000000000000000000000000199780737107b9ed789d416be8ef064ae254b933aa2f009282862d71c7b6ad3dd12000000000000000000002ab802f707c1576b76ac4f08341e6f09a753cb305c031ff5bf05680368d2f274c34b6a487261c161d13eba55b384e65b8cc8abb0f8e5e180caa30fc075e97f73bb60db7d94f200"/284], 0x0) syzkaller login: [ 224.120998][ T8791] IPVS: ftp: loaded support on port[0] = 21 [ 224.255330][ T8793] IPVS: ftp: loaded support on port[0] = 21 18:04:15 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) [ 224.318598][ T8791] chnl_net:caif_netlink_parms(): no params data found [ 224.414981][ T8791] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.424469][ T8791] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.433051][ T8791] device bridge_slave_0 entered promiscuous mode [ 224.484958][ T8791] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.500607][ T8791] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.508286][ T8791] device bridge_slave_1 entered promiscuous mode [ 224.555194][ T8791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 224.569118][ T8793] chnl_net:caif_netlink_parms(): no params data found [ 224.582278][ T8797] IPVS: ftp: loaded support on port[0] = 21 [ 224.593732][ T8791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 18:04:15 executing program 3: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x2, 0x5002) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0x2000005) [ 224.664118][ T8791] team0: Port device team_slave_0 added [ 224.697768][ T8791] team0: Port device team_slave_1 added [ 224.737996][ T8793] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.747372][ T8793] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.757997][ T8793] device bridge_slave_0 entered promiscuous mode [ 224.833564][ T8791] device hsr_slave_0 entered promiscuous mode 18:04:15 executing program 4: r0 = socket(0x2, 0x3, 0x82) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='loginuid\x00') write$P9_RSTATu(r2, &(0x7f0000000140)={0x58, 0x7d, 0x0, {{0x0, 0x43, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x4, 'md5\x00', 0x4, 'md5\x00', 0x4, '@}!*', 0x4, 'md5\x00'}}}, 0x58) [ 224.882751][ T8791] device hsr_slave_1 entered promiscuous mode [ 224.936415][ T8793] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.960236][ T8793] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.968343][ T8793] device bridge_slave_1 entered promiscuous mode [ 225.031919][ T8793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 225.113683][ T8793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 225.132656][ T8797] chnl_net:caif_netlink_parms(): no params data found [ 225.148970][ T8799] IPVS: ftp: loaded support on port[0] = 21 [ 225.161163][ T8802] IPVS: ftp: loaded support on port[0] = 21 18:04:16 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x19}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000140)=0x32, 0x4) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x10) r1 = socket$packet(0x11, 0x3, 0x300) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x7}, 0x4) sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001a8, 0x0) [ 225.212861][ T8791] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 225.275542][ T8791] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 225.383879][ T8791] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 225.465194][ T8791] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 225.535358][ T8805] IPVS: ftp: loaded support on port[0] = 21 [ 225.554055][ T8793] team0: Port device team_slave_0 added [ 225.587015][ T8793] team0: Port device team_slave_1 added [ 225.605275][ T8797] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.612923][ T8797] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.621926][ T8797] device bridge_slave_0 entered promiscuous mode [ 225.652445][ T8797] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.659591][ T8797] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.667432][ T8797] device bridge_slave_1 entered promiscuous mode [ 225.716500][ T8797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 225.727752][ T8797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 225.803866][ T8793] device hsr_slave_0 entered promiscuous mode [ 225.870530][ T8793] device hsr_slave_1 entered promiscuous mode [ 225.910284][ T8793] debugfs: Directory 'hsr0' with parent '/' already present! [ 225.930647][ T8797] team0: Port device team_slave_0 added [ 225.939811][ T8797] team0: Port device team_slave_1 added [ 226.027527][ T8802] chnl_net:caif_netlink_parms(): no params data found [ 226.113004][ T8797] device hsr_slave_0 entered promiscuous mode [ 226.170542][ T8797] device hsr_slave_1 entered promiscuous mode [ 226.220169][ T8797] debugfs: Directory 'hsr0' with parent '/' already present! [ 226.234085][ T8799] chnl_net:caif_netlink_parms(): no params data found [ 226.302787][ T8791] 8021q: adding VLAN 0 to HW filter on device bond0 [ 226.311998][ T8793] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 226.366335][ T8793] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 226.456484][ T8793] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 226.537465][ T8793] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 226.627631][ T8802] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.636661][ T8802] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.644763][ T8802] device bridge_slave_0 entered promiscuous mode [ 226.656319][ T8802] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.663767][ T8802] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.672073][ T8802] device bridge_slave_1 entered promiscuous mode [ 226.709243][ T8799] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.716897][ T8799] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.725276][ T8799] device bridge_slave_0 entered promiscuous mode [ 226.736614][ T8799] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.745194][ T8799] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.753342][ T8799] device bridge_slave_1 entered promiscuous mode [ 226.792693][ T8797] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 226.848112][ T8797] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 226.914885][ T8802] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 226.932615][ T8791] 8021q: adding VLAN 0 to HW filter on device team0 [ 226.944044][ T8797] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 227.005188][ T8802] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 227.015572][ T2938] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 227.024192][ T2938] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 227.033025][ T8805] chnl_net:caif_netlink_parms(): no params data found [ 227.053724][ T8799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 227.066209][ T8799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 227.076504][ T8797] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 227.143901][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 227.153161][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 227.162146][ T112] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.169286][ T112] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.177478][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 227.187181][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 227.195640][ T112] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.202721][ T112] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.210368][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 227.219399][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 227.268629][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 227.282226][ T8802] team0: Port device team_slave_0 added [ 227.291546][ T8799] team0: Port device team_slave_0 added [ 227.300827][ T8802] team0: Port device team_slave_1 added [ 227.320349][ T8799] team0: Port device team_slave_1 added [ 227.329797][ T2938] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 227.338633][ T2938] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 227.347986][ T2938] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 227.403553][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 227.412922][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 227.475873][ T8802] device hsr_slave_0 entered promiscuous mode [ 227.520578][ T8802] device hsr_slave_1 entered promiscuous mode [ 227.561866][ T8802] debugfs: Directory 'hsr0' with parent '/' already present! [ 227.571025][ T8805] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.578202][ T8805] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.586331][ T8805] device bridge_slave_0 entered promiscuous mode [ 227.654654][ T8799] device hsr_slave_0 entered promiscuous mode [ 227.692512][ T8799] device hsr_slave_1 entered promiscuous mode [ 227.730316][ T8799] debugfs: Directory 'hsr0' with parent '/' already present! [ 227.751686][ T8805] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.758782][ T8805] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.767904][ T8805] device bridge_slave_1 entered promiscuous mode [ 227.779282][ T2938] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 227.788099][ T2938] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 227.828058][ T8804] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 227.838751][ T8804] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 227.881369][ T8791] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 227.902590][ T8799] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 227.954560][ T8805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 227.967498][ T8805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 227.985299][ T8793] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.992627][ T8802] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 228.034622][ T8799] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 228.086233][ T8799] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 228.159369][ T8791] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 228.170888][ T8802] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 228.218250][ T8799] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 228.284551][ T2938] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 228.292130][ T2938] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 228.305384][ T8805] team0: Port device team_slave_0 added [ 228.316142][ T8802] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 228.363914][ T8802] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 228.423062][ T8805] team0: Port device team_slave_1 added [ 228.432393][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 228.441138][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 228.456504][ T8797] 8021q: adding VLAN 0 to HW filter on device bond0 [ 228.470448][ T8793] 8021q: adding VLAN 0 to HW filter on device team0 18:04:19 executing program 0: [ 228.510210][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 228.518840][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 228.546097][ T112] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.553270][ T112] bridge0: port 1(bridge_slave_0) entered forwarding state 18:04:19 executing program 0: 18:04:19 executing program 0: [ 228.634006][ T8805] device hsr_slave_0 entered promiscuous mode 18:04:19 executing program 0: [ 228.682693][ T8805] device hsr_slave_1 entered promiscuous mode 18:04:19 executing program 0: [ 228.740153][ T8805] debugfs: Directory 'hsr0' with parent '/' already present! [ 228.756594][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 228.767758][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 228.783087][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 18:04:19 executing program 0: [ 228.801106][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 228.809866][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 228.822395][ T8808] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.829480][ T8808] bridge0: port 2(bridge_slave_1) entered forwarding state 18:04:19 executing program 0: [ 228.904004][ T8797] 8021q: adding VLAN 0 to HW filter on device team0 [ 228.920482][ T8804] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 228.994637][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 229.009558][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 229.021900][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 229.030816][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 229.039353][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 229.047855][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.055023][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 229.063185][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 229.072019][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 229.080949][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.088001][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.095720][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 229.134931][ T8805] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 229.173377][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 229.184177][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 229.192364][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 229.201530][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 229.209833][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 229.218744][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 229.228646][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 229.239804][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 229.247972][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 229.256624][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 229.281725][ T8805] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 229.327598][ T8793] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 229.340729][ T8793] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 229.348485][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 229.357875][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 229.366472][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 229.374813][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 229.384004][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 229.392487][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 229.404639][ T8802] 8021q: adding VLAN 0 to HW filter on device bond0 [ 229.417466][ T8797] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 229.429482][ T8797] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 229.437886][ T8805] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 229.504701][ T8805] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 229.579899][ T8799] 8021q: adding VLAN 0 to HW filter on device bond0 [ 229.587585][ T2938] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 229.596736][ T2938] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 229.638598][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 229.649071][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 229.657996][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 229.665939][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 229.674160][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 229.682124][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 229.694568][ T8797] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 229.706745][ T8802] 8021q: adding VLAN 0 to HW filter on device team0 [ 229.717725][ T8799] 8021q: adding VLAN 0 to HW filter on device team0 [ 229.752859][ T8804] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 229.764538][ T8804] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 229.775210][ T8804] bridge0: port 1(bridge_slave_0) entered blocking state [ 229.782375][ T8804] bridge0: port 1(bridge_slave_0) entered forwarding state [ 229.791051][ T8804] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 229.798502][ T8804] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 229.843721][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 229.859466][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 229.869121][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 229.885404][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 229.892675][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 229.907537][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 229.916810][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 229.941757][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 229.951460][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 229.960886][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 229.969710][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 229.978671][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 229.987128][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 229.995802][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 230.004904][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 230.014424][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.021717][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.029252][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 230.040666][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 230.049084][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.056382][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.065285][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 230.073993][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 230.101382][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 230.110907][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 230.119463][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 230.128514][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 230.143978][ T8799] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 230.153982][ T8793] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.176618][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 230.186948][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 230.195773][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 230.205309][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 230.214430][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 230.238085][ T8802] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 230.250477][ T8802] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 230.267524][ T8805] 8021q: adding VLAN 0 to HW filter on device bond0 [ 230.276194][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 230.285519][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 230.294719][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 230.303679][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 230.314267][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 230.330663][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 230.338135][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 230.356437][ T8805] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.376273][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 230.395967][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 18:04:21 executing program 1: syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x800000000080002, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001300fdff00000000006159923d511b09e05eea94fde50340371c3a84339df3cd7675b99d5b5910e0f7f08642e0777165bab6e0472da9f0fcbafbd03d618e477fa45946c1eee5c81c7fcd6dcc2405b16280d6338223d73843bb9096f1e6a06794ea4b39501a09bf1d2511e0d65758708af6ca3ee3675041ad4fd36b6f87e87d7c6f1c48e5b288f215e55f8a9a7383bb7ca18f5bceb8e1acb583eb81e3c0722b6e7588e929dbe0b2f94a91c7ec06db2dc0b083afc26f532e34f476735ac0644c3ff0375e971ceca3a38a0af20b3e3f2ac8f237060e5d45bf167cbfe8df4ea1f43e8a1ced7cc813806f9c6630d8e5481ff5fbc24cc59bbc91dfdfc47f18ed3ef86ea1e6a3ce63503374527a0a8543d6156b43e69057d08fa55bf8775fbddddcf8f07271a70dc52658e7e4ad555a76ca16bdc004bd90726491a5288072e962b12b8cd6059dc73259d10938f9845609ec053f3a2c94288b4f014ea77a93d5950cc7ccb2b00ebd2a3cda7340194f2fb2a809231155416538fe13f2214212aabaa507fdaf64d0367108bc10c95b67c7e0ecf9d52d933967944fa64a08fb227eec52edff619101a33754609cc4020000000000f8010085de5eaebe8e14d6a1d76953252f9394922141a2d0563bd089cee1bb62ccd8bec78b367c8dfda2ebb34f1a4c66d16a9fddddd407d9aa726aa49e2f21488f918321a0d3c8ae25e4ab855c894a6daef1dc13d6fe6912d6305458dd192df92b5c9b190b50598f1661c9773d56c724faf6c42ab6a4f7c6fac744c1ab9b69"], 0x14}}, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r0, &(0x7f0000000140), 0x49249249249266b, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) 18:04:21 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup3(r0, r1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040)=0x96d1, 0x4) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) accept4(0xffffffffffffffff, &(0x7f0000000580)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x296, 0x0, 0x0, 0x0, 0x4ce]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) [ 230.419537][ T8799] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.454958][ T8838] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 230.467688][ T8802] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 230.483849][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 230.511001][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 230.519479][ T3615] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.526641][ T3615] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.545258][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 230.553609][ T3615] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 230.578612][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 230.603265][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 230.648464][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 230.658583][ T112] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.666084][ T112] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.683519][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 230.702263][ T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 230.756706][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 230.771450][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 230.798999][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 230.823028][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 230.832646][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 230.841891][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 230.861092][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 230.875090][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 230.897234][ T8808] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 230.956866][ T2938] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 230.965060][ T2938] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 230.983427][ T8805] 8021q: adding VLAN 0 to HW filter on device batadv0 18:04:22 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01001800000016f000000700000400000000000003000000008e"], 0x0, 0x1c}, 0x20) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 18:04:22 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001800dd8d0000000000000000020000000000ff0003000000899d83c4a64e872a022fa54b33ad70f05f412f279139310e7c7b599d8cb41772e698bcc2947049be4d2683464ab7128ed5dd45f2847ca4d3cd53093dbf9d257b288e6c97049f8f607712926bf1bb92db63c16a90a27a4a41d27417a0fcac892817b83dd03e1ab3760a827a86a1fba381dea3684ed9b6d386ca2d426a1ae3638e9b8d020d8cba794e7b5bbc220f0bace4a0c8477bb95125682b5d5df0e691a7ff90037aea8a4d6d817c7d4d8f55bb25f387c30c9417cb83f3c048c581dc36a74925b47cf93031aad02b3a83dad02ee533e9ae51cc43d985b1244c04b77e3b9a9ac811fc7c3b7c1624bb6c249f554403f08e804413c17e00"/289], 0x1c}}, 0x0) 18:04:22 executing program 5: 18:04:22 executing program 2: r0 = socket$inet6(0xa, 0x5, 0x0) getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000000080)=""/4096, &(0x7f0000000000)=0x1000) 18:04:22 executing program 1: syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x800000000080002, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001300fdff00000000006159923d511b09e05eea94fde50340371c3a84339df3cd7675b99d5b5910e0f7f08642e0777165bab6e0472da9f0fcbafbd03d618e477fa45946c1eee5c81c7fcd6dcc2405b16280d6338223d73843bb9096f1e6a06794ea4b39501a09bf1d2511e0d65758708af6ca3ee3675041ad4fd36b6f87e87d7c6f1c48e5b288f215e55f8a9a7383bb7ca18f5bceb8e1acb583eb81e3c0722b6e7588e929dbe0b2f94a91c7ec06db2dc0b083afc26f532e34f476735ac0644c3ff0375e971ceca3a38a0af20b3e3f2ac8f237060e5d45bf167cbfe8df4ea1f43e8a1ced7cc813806f9c6630d8e5481ff5fbc24cc59bbc91dfdfc47f18ed3ef86ea1e6a3ce63503374527a0a8543d6156b43e69057d08fa55bf8775fbddddcf8f07271a70dc52658e7e4ad555a76ca16bdc004bd90726491a5288072e962b12b8cd6059dc73259d10938f9845609ec053f3a2c94288b4f014ea77a93d5950cc7ccb2b00ebd2a3cda7340194f2fb2a809231155416538fe13f2214212aabaa507fdaf64d0367108bc10c95b67c7e0ecf9d52d933967944fa64a08fb227eec52edff619101a33754609cc4020000000000f8010085de5eaebe8e14d6a1d76953252f9394922141a2d0563bd089cee1bb62ccd8bec78b367c8dfda2ebb34f1a4c66d16a9fddddd407d9aa726aa49e2f21488f918321a0d3c8ae25e4ab855c894a6daef1dc13d6fe6912d6305458dd192df92b5c9b190b50598f1661c9773d56c724faf6c42ab6a4f7c6fac744c1ab9b69"], 0x14}}, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r0, &(0x7f0000000140), 0x49249249249266b, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) 18:04:22 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:22 executing program 4: 18:04:22 executing program 4: 18:04:22 executing program 2: 18:04:22 executing program 5: [ 231.823787][ C0] hrtimer: interrupt took 46244 ns 18:04:22 executing program 1: syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x800000000080002, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001300fdff00000000006159923d511b09e05eea94fde50340371c3a84339df3cd7675b99d5b5910e0f7f08642e0777165bab6e0472da9f0fcbafbd03d618e477fa45946c1eee5c81c7fcd6dcc2405b16280d6338223d73843bb9096f1e6a06794ea4b39501a09bf1d2511e0d65758708af6ca3ee3675041ad4fd36b6f87e87d7c6f1c48e5b288f215e55f8a9a7383bb7ca18f5bceb8e1acb583eb81e3c0722b6e7588e929dbe0b2f94a91c7ec06db2dc0b083afc26f532e34f476735ac0644c3ff0375e971ceca3a38a0af20b3e3f2ac8f237060e5d45bf167cbfe8df4ea1f43e8a1ced7cc813806f9c6630d8e5481ff5fbc24cc59bbc91dfdfc47f18ed3ef86ea1e6a3ce63503374527a0a8543d6156b43e69057d08fa55bf8775fbddddcf8f07271a70dc52658e7e4ad555a76ca16bdc004bd90726491a5288072e962b12b8cd6059dc73259d10938f9845609ec053f3a2c94288b4f014ea77a93d5950cc7ccb2b00ebd2a3cda7340194f2fb2a809231155416538fe13f2214212aabaa507fdaf64d0367108bc10c95b67c7e0ecf9d52d933967944fa64a08fb227eec52edff619101a33754609cc4020000000000f8010085de5eaebe8e14d6a1d76953252f9394922141a2d0563bd089cee1bb62ccd8bec78b367c8dfda2ebb34f1a4c66d16a9fddddd407d9aa726aa49e2f21488f918321a0d3c8ae25e4ab855c894a6daef1dc13d6fe6912d6305458dd192df92b5c9b190b50598f1661c9773d56c724faf6c42ab6a4f7c6fac744c1ab9b69"], 0x14}}, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(r0, &(0x7f0000000140), 0x49249249249266b, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) 18:04:22 executing program 4: 18:04:23 executing program 3: 18:04:23 executing program 2: 18:04:23 executing program 5: 18:04:23 executing program 4: 18:04:23 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:23 executing program 1: 18:04:23 executing program 3: 18:04:23 executing program 2: 18:04:23 executing program 4: 18:04:23 executing program 5: 18:04:23 executing program 1: 18:04:23 executing program 3: 18:04:23 executing program 2: 18:04:23 executing program 4: 18:04:23 executing program 5: 18:04:23 executing program 1: 18:04:23 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:23 executing program 2: 18:04:23 executing program 4: 18:04:23 executing program 3: 18:04:23 executing program 5: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000040)=0x1e) r1 = getpid() r2 = open(0x0, 0x0, 0x0) syz_open_procfs(0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000140)="868a68b4531f3a42f7e81c49c0886746c1f230fead8759bfd93a2e79a5dedea5c0852c3c06a8391b58a5fe97838849c4cf162bc9166159f0b67004a29fc5be8a7c9d578048e4c4fd942613f20461d84323598ef56d3b23eede1cb82f46fc307f5e539dce43dde5c70f8377d233f9a07b3f761d878349b4e1c831810d", 0x413957c0) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) pipe(0x0) r6 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0xc0f85403, &(0x7f000000efcc)={{0x100000001}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x3049}, 0x0) r7 = syz_open_dev$loop(&(0x7f0000000280)='/dev/loop#\x00', 0x0, 0x100082) r8 = memfd_create(&(0x7f0000000380)='\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00v\x8e\x05\xf7\xc1U\xad}\xc6\x94|W>Zi$Nv8,\n\xa6=W^\xa3Y\x7f\x8b\x17(\'~\xf7k0TM{\xa9-\xcf\x97\x8f\x1f\x81\xdc\x1b\x7f\x8f{4Q\xda\xda\x02\xec\xb4\xf1\xdd\xcc\x8bRA\xda\x89Efn\x00s\xc2Zb\x01\x00M\xbe\xa3z\xab\xd3\xeb\x98\x88\xc4\xc6)A\x9fP\x93zhH\xe0\xd2\x81\xdb\xeeV\x8cM\xe9\xa06\xc2o\x19\"\xf6Iq\xd4\xdf\x97\xfb\xab\x04\xe8\xceI8\xb3\x1d\xcf%\x9bK\xc6\t\x01\xe1\x86a\xfa\xb8\xfb)\x88\xcd+\xc2`\xc2\xf5r5>k\xb0\xa0\x02\xfc\x16MO\x18\x9b\x06\x80b\xd1\x01\x00\x00\x00\x00\x00\x00\x00@\f\fL\xa5{Tk\x940\x17.\xa56.\xe0\x14\x1b=\xf0j\xd25\xe8\x15\xd8\x9e\xea\xd3\xd9G4\t\xc0\x9c.\'\xa9R3z$\xf2\x01\x88\xc0\x13\x12<\xc01j3\xd8\xb4CE7s\xe4\xa0\x9e\xdd\x801\x12M\xee\x13\xce\x9cu(\x8f.\xc83\xc7\xe6j\xf5\xb1\x9a\x00\x00\x00\x00\x00\x00\x00', 0x0) pwritev(r8, &(0x7f0000001400)=[{&(0x7f00000002c0)='\'', 0x1}], 0x1, 0x8180a) ioctl$LOOP_CHANGE_FD(r7, 0x4c00, r8) sendfile(r7, r8, 0x0, 0x20000102000007) listen(0xffffffffffffffff, 0x0) getdents(0xffffffffffffffff, &(0x7f00000000c0)=""/31, 0x1f) ioctl$KDGETKEYCODE(r2, 0x4b4c, &(0x7f00000001c0)={0x2, 0xddd6}) process_vm_writev(0x0, &(0x7f0000000240)=[{&(0x7f00000004c0)=""/127, 0x7f}, {&(0x7f0000000540)=""/205, 0xcd}], 0x2, &(0x7f0000000880)=[{&(0x7f0000000640)=""/198, 0xc6}, {&(0x7f0000000740)=""/183, 0xb7}, {&(0x7f0000000800)=""/97, 0x61}], 0x3, 0x0) accept$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000100)=0x14) r9 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vcs\x00', 0x680100, 0x0) ioctl$TIOCSSOFTCAR(r9, 0x541a, &(0x7f0000000340)=0x142) 18:04:23 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f00000002c0)={0x2, 0x0, @local}, 0x10) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) r2 = inotify_init1(0x0) fcntl$setown(r2, 0x8, 0xffffffffffffffff) unshare(0x40400) fcntl$getownex(r2, 0x10, &(0x7f0000000100)={0x0, 0x0}) setsockopt$sock_cred(r1, 0x1, 0x35, &(0x7f0000000000)={r3}, 0xc) 18:04:23 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0) umount2(&(0x7f0000000000)='./file0\x00', 0x0) 18:04:23 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x2, 0x0, 0x6}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000100)=[{{&(0x7f00000004c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x57, 0x0, 0x0, 0x0, 0xfe}}], 0x1, 0x20101, 0x0) getpid() ioprio_get$pid(0x0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) r5 = creat(0x0, 0x0) fcntl$setflags(0xffffffffffffffff, 0x2, 0x0) getresuid(&(0x7f0000000240), 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(r5, 0xc0286405, 0x0) setxattr$security_selinux(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='security.selinux\x00', 0x0, 0x0, 0x1) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r4, 0x0, 0x61, &(0x7f00000009c0)=ANY=[], 0x0) delete_module(&(0x7f00000001c0)='system_u:object_r:clock_device_t:s0\x00', 0x0) perf_event_open(0x0, r0, 0x7, 0xffffffffffffffff, 0x2) write$P9_RSTAT(0xffffffffffffffff, &(0x7f00000008c0)=ANY=[], 0x0) dup2(0xffffffffffffffff, r2) r6 = open(0x0, 0x40c2, 0x0) fallocate(r6, 0x11, 0x0, 0x0) ioctl$TIOCLINUX7(r6, 0x541c, &(0x7f0000000380)={0x7, 0x1d}) clone(0xd48d24434713bd52, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext, 0x200000000, 0xffffffffffffffff, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x9) syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00') preadv(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f00000002c0)=""/70, 0x46}, {&(0x7f0000000540)=""/207, 0xcf}, {&(0x7f0000000440)=""/92, 0x5c}, {&(0x7f0000000640)=""/179, 0xb3}], 0x4, 0x800000) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, 0x0) 18:04:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") socketpair$unix(0x1, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0) r1 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0) r3 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$9p(r2, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517", 0x1b7) sendfile(r2, r3, 0x0, 0x10000) 18:04:24 executing program 2: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setstatus(r1, 0x4, 0x46000) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r2, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) [ 233.222886][ T23] kauditd_printk_skb: 3 callbacks suppressed [ 233.222898][ T23] audit: type=1800 audit(1574013864.231:31): pid=8980 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=22 res=0 [ 233.304537][ T23] audit: type=1804 audit(1574013864.231:32): pid=8980 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir640678820/syzkaller.6xb3gy/9/file0/file0" dev="loop4" ino=22 res=1 18:04:24 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000b9aff0)={0x2, 0x4e20}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x2, 0x4e20}, 0x10) sendmmsg$sock(0xffffffffffffffff, 0x0, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000), 0x4) recvmmsg(r0, &(0x7f0000003ac0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x43, 0x0) 18:04:24 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) [ 233.457464][ T23] audit: type=1804 audit(1574013864.461:33): pid=8994 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir640678820/syzkaller.6xb3gy/9/file0/file0" dev="loop4" ino=22 res=1 18:04:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") socketpair$unix(0x1, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0) r1 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0) r3 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$9p(r2, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517", 0x1b7) sendfile(r2, r3, 0x0, 0x10000) [ 233.532984][ T23] audit: type=1804 audit(1574013864.461:34): pid=8984 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir640678820/syzkaller.6xb3gy/9/file0/file0" dev="loop4" ino=22 res=1 [ 233.661389][ T9003] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 18:04:24 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") getsockopt$inet_udp_int(r0, 0x11, 0x1, &(0x7f0000000040), &(0x7f0000000100)=0x4) [ 233.840243][ T23] audit: type=1800 audit(1574013864.841:35): pid=9011 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="sda1" ino=16554 res=0 18:04:24 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:25 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0}, &(0x7f0000cab000)=0x1) wait4(r1, 0x0, 0x0, 0x0) [ 234.052844][ T23] audit: type=1804 audit(1574013864.861:36): pid=9011 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir640678820/syzkaller.6xb3gy/10/file0/file0" dev="sda1" ino=16554 res=1 18:04:25 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") getpriority(0x1, 0x0) 18:04:25 executing program 3: connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x0, 0x0, @local}, 0x1c) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x9) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000440)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)) r1 = syz_open_pts(r0, 0x0) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17}) connect$inet6(0xffffffffffffffff, 0x0, 0x0) 18:04:25 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(&(0x7f0000000880)=ANY=[@ANYBLOB='/dev/loop0'], &(0x7f0000000180)='./file0\x00', 0x0, 0x5010, 0x0) 18:04:25 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clock_gettime(0xf, 0x0) 18:04:25 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") r1 = socket$inet(0x2, 0x803, 0xa0) connect$inet(r1, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r2, 0x0, 0x27, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x15, &(0x7f0000000200)={{{@in6=@empty, @in=@remote}}, {{@in6=@mcast2}, 0x0, @in=@broadcast}}, 0xe8) 18:04:25 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ppoll(&(0x7f0000000040)=[{r0, 0x21}], 0x1, 0x0, 0x0, 0x0) r1 = dup(r0) shutdown(r1, 0x0) 18:04:25 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:25 executing program 3: r0 = gettid() r1 = creat(&(0x7f0000000100)='./file0\x00', 0x10003) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x4008001, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$PR_SET_PTRACER(0x59616d61, r0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) pipe2$9p(0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$TUNSETVNETLE(r2, 0x400454dc, &(0x7f0000000200)) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) 18:04:25 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000100)={0x0, 0x0}) getpriority(0x2, r2) 18:04:25 executing program 4: r0 = add_key$user(&(0x7f00000002c0)='user\x00', &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000340)="ff", 0x1, 0xfffffffffffffffc) keyctl$describe(0x6, r0, 0x0, 0x0) 18:04:25 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080)) add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb) keyctl$read(0xb, 0x0, 0x0, 0x0) keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=0x0) timer_settime(r4, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) getrandom(&(0x7f0000000180)=""/40, 0x9db3ff6336c4215d, 0x0) 18:04:25 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x9) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x7c) sendmmsg(r0, &(0x7f0000000040), 0x52d, 0x0) recvmmsg(r0, &(0x7f0000000240)=[{{&(0x7f00000000c0)=@x25={0x9, @remote}, 0x80, 0x0}}], 0x1, 0x0, 0x0) 18:04:25 executing program 4: pipe(&(0x7f0000000280)) socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000000)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @local}}, 0x0, 0x5, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbb24fec2fba09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000001c0), 0x4) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x1, &(0x7f0000000200)=""/20, 0x5, 0x3e8}, 0x100) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) 18:04:25 executing program 2: open(&(0x7f0000000100)='./file0\x00', 0x204c2, 0x0) r0 = creat(&(0x7f0000000140)='./file1\x00', 0x100) write$binfmt_script(r0, &(0x7f0000000000)=ANY=[@ANYRES64], 0x8) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000180)=0x4000) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000ed6000/0x3000)=nil, &(0x7f0000cfa000/0x1000)=nil, &(0x7f0000eae000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f00000001c0)="fe2470f16790bd2413db77f2c569c09f0783f5e6cefddfff9b0060ac47a5527544bbe8ab11596a6b8d7e7f7eb894a4fc8b528f5c210a4ed984e6df0e65ba3820e52d8ae63eceecb3e2985bc3d9d21f05a9b10b5b87601cc884064ddec33911ce963aafc69c896f27d32d8a65041bfb5178cf32fb5409c5a05d22c0f88599e9750a97e706d5ed00a2cfbd25258acd9916cdc95ab5a6d89f10161a91e297e54f408f1d36925206401aaf81d0c3b71eaf03582335f083edcd618d9cc07c9d1b7819cec233f03c6d9ddb601ff20978e6cbf8e769105ad441", 0xd6, r0}, 0x68) mount(&(0x7f0000001340)=ANY=[@ANYBLOB='./file0'], &(0x7f0000000180)='./file0\x00', 0x0, 0x14c9044, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) close(r1) io_setup(0x6, &(0x7f0000000140)=0x0) io_submit(r2, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r1, 0x0, 0x12f}]) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r3, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) 18:04:25 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:26 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = add_key(&(0x7f0000002000)='logon\x00', &(0x7f0000001000), &(0x7f0000001000)="1c989cc9f58ec796be4720e6160291a2fb7c6445e84b8e9e349ead029fe38d5810bf992b5d51f406a51cc339021268aed6f767582af42dbc8ea1110e4353fcf30b20f1f27ed3b44bef6444f8ca6a808e34ded636ef55e151c11b4ef7a5384f4a0ceb885759dfeeca5aaa540de461d2130755897533032f5639c4ba79988a49d63084f2cbed0a84e5e733146f15192fdabd0e3a", 0x93, 0xfffffffffffffffc) keyctl$describe(0x6, r2, 0x0, 0x0) 18:04:26 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000200)='veth1_to_hsr\x00', 0x10) sendmsg$unix(r2, &(0x7f0000000900)={&(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e, 0x0}, 0x0) 18:04:26 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:26 executing program 3: socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)={'raw\x00'}, &(0x7f00000004c0)=0x54) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) bind$bt_hci(r0, &(0x7f0000000040), 0xc) [ 235.531417][ T9117] raw_sendmsg: syz-executor.2 forgot to set AF_INET. Fix it! 18:04:26 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x4) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) write$binfmt_elf32(r0, &(0x7f0000000480)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38}, [{}], "", [[], [], [], [], [], []]}, 0x658) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x4) write$binfmt_script(r0, &(0x7f0000000440)=ANY=[@ANYBLOB='#'], 0x1) 18:04:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000040)=0x1e) r1 = getpid() r2 = open(0x0, 0x0, 0x0) syz_open_procfs(0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, 0x0, 0x0) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) pipe(0x0) r6 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0xc0f85403, &(0x7f000000efcc)={{0x100000001}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x3049}, 0x0) r7 = syz_open_dev$loop(&(0x7f0000000280)='/dev/loop#\x00', 0x0, 0x100082) r8 = memfd_create(&(0x7f0000000380)='\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00v\x8e\x05\xf7\xc1U\xad}\xc6\x94|W>Zi$Nv8,\n\xa6=W^\xa3Y\x7f\x8b\x17(\'~\xf7k0TM{\xa9-\xcf\x97\x8f\x1f\x81\xdc\x1b\x7f\x8f{4Q\xda\xda\x02\xec\xb4\xf1\xdd\xcc\x8bRA\xda\x89Efn\x00s\xc2Zb\x01\x00M\xbe\xa3z\xab\xd3\xeb\x98\x88\xc4\xc6)A\x9fP\x93zhH\xe0\xd2\x81\xdb\xeeV\x8cM\xe9\xa06\xc2o\x19\"\xf6Iq\xd4\xdf\x97\xfb\xab\x04\xe8\xceI8\xb3\x1d\xcf%\x9bK\xc6\t\x01\xe1\x86a\xfa\xb8\xfb)\x88\xcd+\xc2`\xc2\xf5r5>k\xb0\xa0\x02\xfc\x16MO\x18\x9b\x06\x80b\xd1\x01\x00\x00\x00\x00\x00\x00\x00@\f\fL\xa5{Tk\x940\x17.\xa56.\xe0\x14\x1b=\xf0j\xd25\xe8\x15\xd8\x9e\xea\xd3\xd9G4\t\xc0\x9c.\'\xa9R3z$\xf2\x01\x88\xc0\x13\x12<\xc01j3\xd8\xb4CE7s\xe4\xa0\x9e\xdd\x801\x12M\xee\x13\xce\x9cu(\x8f.\xc83\xc7\xe6j\xf5\xb1\x9a\x00\x00\x00\x00\x00\x00\x00', 0x0) pwritev(r8, &(0x7f0000001400)=[{&(0x7f00000002c0)='\'', 0x1}], 0x1, 0x8180a) ioctl$LOOP_CHANGE_FD(r7, 0x4c00, r8) sendfile(r7, r8, 0x0, 0x20000102000007) listen(0xffffffffffffffff, 0x0) getdents(0xffffffffffffffff, &(0x7f00000000c0)=""/31, 0x1f) ioctl$KDGETKEYCODE(r2, 0x4b4c, &(0x7f00000001c0)={0x2, 0xddd6}) process_vm_writev(0x0, &(0x7f0000000240)=[{&(0x7f00000004c0)=""/127, 0x7f}, {&(0x7f0000000540)=""/205, 0xcd}], 0x2, &(0x7f0000000880)=[{&(0x7f0000000640)=""/198, 0xc6}, {0x0}, {&(0x7f0000000800)=""/97, 0x61}], 0x3, 0x0) accept$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000100)=0x14) r9 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vcs\x00', 0x680100, 0x0) ioctl$TIOCSSOFTCAR(r9, 0x541a, &(0x7f0000000340)=0x142) 18:04:26 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") r1 = socket(0x10, 0x802, 0x0) write(r1, &(0x7f0000000200)="240000001a0025f0006bb4f7fdff141c020b5aff6e10b500001180cc0800190001000000", 0x24) 18:04:26 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() select(0xf4, 0x0, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000003fc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) tkill(r0, 0x2a) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = fcntl$dupfd(r3, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 18:04:27 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:27 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) keyctl$negate(0xd, 0x0, 0x0, 0xffffffffffffffff) 18:04:27 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") getsockopt$inet_udp_int(r0, 0x11, 0xb, &(0x7f0000000040), &(0x7f0000000100)=0x4) 18:04:27 executing program 4: open(&(0x7f0000000100)='./file0\x00', 0x204c2, 0x0) mount(&(0x7f0000001340)=ANY=[@ANYBLOB='./file0'], &(0x7f0000000180)='./file0\x00', 0x0, 0x14c9044, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_mount_image$iso9660(&(0x7f0000000080)='iso9660\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x9, &(0x7f0000000800)=[{&(0x7f00000002c0)="b37060a5aec94012fe9f858ac42d77865b249b64129fabd880425da25e596516a6bd92cdee975528c55b3caeffca2352f068ea43905084bfd2b2be02844183a146a4babef4a8fdd80dbeea85763ec0fb0f78c70012bad1", 0x57, 0x100000000}, {&(0x7f0000000340)="f6f99500c70af50195ac190f405fa190cac10d90650085a9e9", 0x19, 0x401}, {&(0x7f0000000380)="df018276870f530861792a7ef3111459ae342a7373c46ae083ea523735c01d86fb5a37dad5cb6504bb79099bc8401f58f27819b7da28aa36111c837068df018af6667ea5a9aee6011729a4f062cf9008264db0763d752447033d404cc0d1010a2c3cd11dce3e2a8f50c1f3e0b01c7bfe8fc81651cadcab6c4dd12f3871ef5301411c782e4ec9e4ad39bbafeed0225e350cff41efdbec534e55615cefa3870835be5df2b9796c6756c2c07a1d7329b2c817b74d6c2c3e840f3e09bcd0d06a5a00e4030f13da6fb6d09a25483f088c8fa3b7f8", 0xd2, 0x4}, {&(0x7f0000000980)="9fb52a57e0c63074fe2406e08a89a61aa4edeff518369b6592d400a8b7eeeaef52f8b514cb8927935f1ad1d72d9215e3e47cbddc97cf84389a1918385744d21e947f982691edbdc45832e51015eee2d4baa750fed5075d5e71f93a401c851a76a4a6c66cf201c4c95e1f42e3da19e718ae7af7eb619a5c2ce1e748b67541cb525f1b15f21da91ff4a9790014ab518cfaf4f0ee2b94636c3d36e499adcc263434b50727bdf0dcb00e7dd7ca9fe69c8655e2d13808a6dd490cc14cf2d3be0bbd0b894647172831974066ffc50ea2146cc9b91f1d135e26136e0d40babeae81c1fcfc1b56ff8a9d5cf47678f6418dee56e5f653ca299327b15db222e81f242940b57ba93e0b273570d2855ec26858b650e9bd49fb56a498588eb7d7dccb35300805a83ba9c98211c389", 0xfd, 0x9}, {&(0x7f0000000580)="bbfdf04866c2e5714867f3b6c2cc2db0b3056194869ecfde60cde64879fe53069cd5c969532a29296e122b98ee1c1c070533746a24b09f91aadf50186825ff5e223b89432c4316f046162f5894d240933509b5bdd6130300e154f25000be7c6af5ce9c5d267cef3bd5c89f29b703485736b40e552f5fa5eccd6a466ca14a28fddc337a5eaf586e580a7da2457cde0e26077657541e1dec", 0x97, 0x8}, {&(0x7f0000000640)="25af491b5fc77410ba6512d0e1ad3e51cf68dc48cf292734b1f34a1daea2d95239180a30d4af8a67f6a1b9", 0x2b, 0x7fffffffffd}, {&(0x7f0000000680)="58e5f1dc3c3b32e918a90a05dfee156952503f2b0ef8e93dd282f0ddcbe7a591b7797404edc5ca917611e4b31a2d5f2876", 0x31, 0x7}, {&(0x7f00000006c0)="8fede8e7f6f009ef89559dd1c596bd5413b270b5b9e8c3bf873f173b46b790a7c297717cb864ed81b6c05668ad7e513555bfed86620518777a378a0e487a7976", 0x40, 0x100000000}, {&(0x7f0000000700)="8c8cde5e7213ce0dbf29215a667eb3e2ddf38e8a876f973defb495a090342f322724a62ac0b8f1216c1813e15e476e6f0137d27ee24e2ae95e26bfcc616b1477c790c69cdd9c36c414059f14c53ab086042d01b361608f1f9d2afbb6a67ad1c0af50d6eb2c47865404bdc269a1122d496a188c0d32355c1dd03d9ab2675cb596d31d6be384128302c66cc5c0c825025ff1f1e88cbfe40d9af830745281a68834d9d9db1f1e71878a189abbc356a034513fa4d46150e659e31dbcc00ba83537d93d886b960a121286d60411188e316fef4f643fe63260777430c6cedbcc56d1ff41fec5bd07b48d", 0xffffffffffffffc1, 0x80000001}], 0x120002, &(0x7f0000000ac0)={[{@overriderock='overriderockperm'}, {@check_strict='check=strict'}], [{@pcr={'pcr'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '%/vmnet1^,security'}}]}) 18:04:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) utimensat(r1, 0x0, &(0x7f0000000200)={{0x77359400}}, 0x0) 18:04:27 executing program 3: r0 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs, 0x6e) 18:04:27 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mountinfo\x00') preadv(r0, &(0x7f0000001340)=[{&(0x7f00000000c0)=""/4096, 0x1000}], 0x1, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) preadv(r0, &(0x7f0000000000)=[{&(0x7f00000022c0)=""/4096, 0x1000}], 0x1, 0x0) 18:04:27 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") r1 = socket(0x10, 0x800000000080002, 0x0) close(r1) 18:04:27 executing program 1: 18:04:27 executing program 2: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) waitid$P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f0000000800), 0x790837c71a063f7d, 0x0) 18:04:27 executing program 3: r0 = socket$unix(0x1, 0x2, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit(0x0) 18:04:27 executing program 3: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8001b0000000000000000000008000905d6000000", 0x24) 18:04:27 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x6}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000100)=[{{&(0x7f00000004c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, 0x0, 0x0, 0x0, 0xfe}}], 0x1, 0x0, 0x0) getpid() ioprio_get$pid(0x3, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EVIOCSFF(r3, 0x40304580, &(0x7f0000000300)={0x54, 0x8, 0x252c, {0x1, 0xfff9}, {0x80, 0xf2e}, @period={0x5c, 0x0, 0x7ff, 0x20, 0x0, {0x4, 0xff, 0x0, 0x5c2}, 0x3, &(0x7f00000002c0)=[0x6, 0x6, 0x80]}}) get_robust_list(r0, &(0x7f0000000540)=&(0x7f0000000380)={&(0x7f00000001c0)={&(0x7f00000000c0)}, 0x0, &(0x7f0000000340)={&(0x7f0000000200)}}, &(0x7f0000000580)=0x18) fcntl$setpipe(r3, 0x407, 0x0) r4 = creat(0x0, 0x0) getresuid(&(0x7f0000000240), 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(r4, 0xc0286405, 0x0) setxattr$security_selinux(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='security.selinux\x00', 0x0, 0x0, 0x1) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r3, 0x0, 0x61, &(0x7f00000009c0)=ANY=[], 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f00000005c0)={{{@in6=@loopback, @in=@broadcast}}, {{@in6=@empty}, 0x0, @in6=@empty}}, &(0x7f00000006c0)=0xe8) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) r5 = open(0x0, 0x40c2, 0x0) fallocate(r5, 0x11, 0x0, 0x0) clone(0xd48d24434713bd52, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x200000000, 0xffffffffffffffff, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x9) r6 = syz_open_procfs(0x0, 0x0) preadv(r6, &(0x7f0000000180)=[{&(0x7f0000000780)=""/86, 0x56}, {&(0x7f0000000440)=""/92, 0x5c}], 0x2, 0x800000) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, 0x0) 18:04:27 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_UIE_ON(r2, 0x7003) 18:04:28 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x6}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000100)=[{{&(0x7f00000004c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, 0x0, 0x0, 0x0, 0xfe}}], 0x1, 0x0, 0x0) getpid() ioprio_get$pid(0x3, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EVIOCSFF(r3, 0x40304580, &(0x7f0000000300)={0x54, 0x8, 0x252c, {0x1, 0xfff9}, {0x80, 0xf2e}, @period={0x5c, 0x0, 0x7ff, 0x20, 0x0, {0x4, 0xff, 0xfff9, 0x5c2}, 0x3, &(0x7f00000002c0)=[0x6, 0x6, 0x80]}}) get_robust_list(r0, &(0x7f0000000540)=&(0x7f0000000380), &(0x7f0000000580)=0x18) fcntl$setpipe(r3, 0x407, 0x0) r4 = creat(0x0, 0x0) getresuid(&(0x7f0000000240), 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(r4, 0xc0286405, 0x0) setxattr$security_selinux(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='security.selinux\x00', 0x0, 0x0, 0x1) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r3, 0x0, 0x61, &(0x7f00000009c0)=ANY=[], 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f00000005c0)={{{@in6=@loopback, @in=@broadcast}}, {{@in6=@empty}, 0x0, @in6=@empty}}, &(0x7f00000006c0)=0xe8) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) r5 = open(0x0, 0x40c2, 0x0) fallocate(r5, 0x11, 0x0, 0x0) clone(0xd48d24434713bd52, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x200000000, 0xffffffffffffffff, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x9) r6 = syz_open_procfs(0x0, 0x0) preadv(r6, &(0x7f0000000180)=[{&(0x7f0000000780)=""/86, 0x56}, {&(0x7f0000000440)=""/92, 0x5c}], 0x2, 0x800000) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, 0x0) 18:04:28 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:28 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) open(&(0x7f0000000100)='./file0\x00', 0x204c2, 0x0) mount(&(0x7f0000001340)=ANY=[@ANYBLOB='./file0'], &(0x7f0000000180)='./file0\x00', 0x0, 0x14c9044, 0x0) syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x4220, 0x0) 18:04:28 executing program 3: syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f0000000300)='./file0\x00', 0x86842, 0x0) r2 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$9p(r1, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b73", 0x1c8) sendfile(r1, r2, 0x0, 0x10000) 18:04:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") r1 = socket$inet(0x2, 0x803, 0xa0) connect$inet(r1, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r2, 0x0, 0x0, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x32, 0x0, 0x0) [ 237.364185][ T23] audit: type=1800 audit(1574013868.371:37): pid=9242 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="loop3" ino=23 res=0 18:04:28 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) [ 237.637612][ T23] audit: type=1804 audit(1574013868.401:38): pid=9242 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir603127311/syzkaller.hl4jmd/16/file0/file0" dev="loop3" ino=23 res=1 [ 237.665452][ T9234] EXT4-fs (sda1): re-mounted. Opts: 18:04:28 executing program 5: open(&(0x7f0000000100)='./file0\x00', 0x204c2, 0x0) mount(&(0x7f0000001340)=ANY=[@ANYBLOB='./file0'], &(0x7f0000000180)='./file0\x00', 0x0, 0x14c9044, 0x0) syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x4220, &(0x7f0000000140)={[{@journal_path={'journal_path', 0x3d, './file0'}}]}) [ 237.774181][ T23] audit: type=1804 audit(1574013868.761:39): pid=9242 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir603127311/syzkaller.hl4jmd/16/file0/file0" dev="loop3" ino=23 res=1 18:04:28 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) utimensat(r1, 0x0, 0x0, 0x0) 18:04:28 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x10031, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x6d, &(0x7f0000013ff4)=@assoc_value, &(0x7f0000002000)=0x8) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000140)={'bridge_slave_1\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB='M']}) r4 = dup2(r1, r3) dup3(r4, r2, 0x0) 18:04:28 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x80006, 0x0) close(r0) ioctl$TIOCPKT(0xffffffffffffffff, 0x80004506, 0x0) socket(0x10, 0x803, 0x0) 18:04:29 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) [ 237.963423][ T9263] EXT4-fs (sda1): Cannot specify journal on remount [ 237.978172][ T23] audit: type=1804 audit(1574013868.811:40): pid=9257 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir603127311/syzkaller.hl4jmd/16/file0/file0" dev="loop3" ino=23 res=1 [ 238.197712][ T9285] EXT4-fs (sda1): Cannot specify journal on remount 18:04:29 executing program 2: openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0) getpriority(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x800000a, 0x0) fstat(0xffffffffffffffff, 0x0) ioctl$VIDIOC_G_ENC_INDEX(0xffffffffffffffff, 0x8818564c, 0x0) openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0) unshare(0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000280)={'bond_slave_0\x00'}) getpid() bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00', {0x2, 0x0, @loopback}}) 18:04:29 executing program 4: r0 = socket$kcm(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) connect(r0, &(0x7f0000000000)=@pppol2tpv3={0x2, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}}}, 0x80) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") sendmmsg(r0, &(0x7f0000001540), 0x553, 0x0) 18:04:29 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:29 executing program 1: openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0) getpriority(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) pipe2$9p(0x0, 0x0) getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x0, 0x0, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x800000a, 0x0) lstat(0x0, 0x0) unshare(0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000280)={'bond_slave_0\x00'}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000080)='us`\x99\x00', 0xffffffffffffffff}, 0x30) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00', {0x2, 0x0, @loopback}}) 18:04:29 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x20000801, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) 18:04:29 executing program 3: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x80006, 0x0) write$uinput_user_dev(r0, &(0x7f0000000140)={'\ayz0\x05\xf0\x00\x00\x00\x80\xff\xff\xff\x03\x00\x00\xfe\xff\xff\xff\x05\xff\xff\xff\x92\xc0\x00\x00\x05\x05\x00'}, 0x45c) close(r0) socket(0x0, 0x0, 0x0) ioctl$TIOCPKT(0xffffffffffffffff, 0x80004506, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0) 18:04:29 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x80006, 0x0) write$uinput_user_dev(r0, &(0x7f0000000140)={'\ayz0\x05\xf0\x00\x00\x00\x80\xff\xff\xff\x03\x00\x00\xfe\xff\xff\xff\x05\xff\xff\xff\x92\xc0\x00\x00\x05\x05\x00'}, 0x45c) close(r0) creat(&(0x7f00000002c0)='./bus\x00', 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x0, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, 0x0, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) 18:04:29 executing program 3: openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x2009) clock_gettime(0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) getsockopt$netlink(r0, 0x10e, 0x9, 0x0, &(0x7f0000000140)=0xf9) lstat(&(0x7f0000000280)='./file0\x00', 0x0) ioctl$VIDIOC_G_ENC_INDEX(0xffffffffffffffff, 0x8818564c, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000280)={'bond_slave_0\x00'}) getpid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x30) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00', {0x2, 0x0, @loopback}}) 18:04:29 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:29 executing program 5: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x80006, 0x0) write$uinput_user_dev(r0, &(0x7f0000000140)={'\ayz0\x05\xf0\x00\x00\x00\x80\xff\xff\xff\x03\x00\x00\xfe\xff\xff\xff\x05\xff\xff\xff\x92\xc0\x00\x00\x05\x05\x00'}, 0x45c) close(r0) ioctl$TIOCPKT(0xffffffffffffffff, 0x80004506, 0x0) socket(0x0, 0x0, 0x0) 18:04:30 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x10031, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, 0x0) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x6d, &(0x7f0000013ff4)=@assoc_value, &(0x7f0000002000)=0x8) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000140)={'bridge_slave_1\x00', &(0x7f0000000240)=@ethtool_eee={0x45, 0x6, 0xe208, 0xffffff7f, 0x802, 0x80, 0x3a9, 0x4, [0xffffffff, 0x1]}}) r4 = dup2(r1, r3) dup3(r4, r2, 0x0) 18:04:30 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x28000003, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) socketpair(0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$team(0x0) socket$inet_sctp(0x2, 0x0, 0x84) socket(0x0, 0x0, 0x0) bind$packet(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") r3 = accept(r0, 0x0, 0x0) sendmsg$TIPC_CMD_RESET_LINK_STATS(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x1}}, 0x48000) close(r1) 18:04:30 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:30 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() open(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x37) wait4(0x0, 0x0, 0x0, 0x0) read$FUSE(r0, 0x0, 0x0) [ 239.181025][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 18:04:30 executing program 1: r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000)) semtimedop(0x0, &(0x7f0000000000)=[{0x0, 0x8}, {0x2}], 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) timer_settime(0x0, 0x0, &(0x7f0000000180)={{}, {0x0, 0x989680}}, 0x0) tkill(r0, 0x1004000000015) 18:04:30 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x480100000001, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @empty}}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f85e) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@ipv4={[], [], @remote}, 0x0, 0x1, 0x0, 0x6}, 0x1d5) tkill(r1, 0xb) ptrace$setopts(0x4206, r1, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) 18:04:30 executing program 5: syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x70}, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x2, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4001, 0x0, @local, @dev={0xac, 0x14, 0x14, 0xfe}}, "23675f8d6e112afd"}}}}}, 0x0) 18:04:30 executing program 2: r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mISDNtimer\x00', 0x0, 0x0) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0x14) r1 = open(&(0x7f00000005c0)='./file0\x00', 0x200c2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r1, r0) [ 239.460688][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 18:04:30 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) close(r0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) [ 239.582676][ T9379] ptrace attach of "/root/syz-executor.3"[9377] was attempted by "/root/syz-executor.3"[9379] 18:04:30 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xaf, 0x0, 0x0, 0xffffff56) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) ioctl$KVM_NMI(r4, 0xae9a) clone(0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 18:04:30 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000040), 0x4) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x110000104e20, @empty}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e20}, 0x10) shutdown(r0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(r0, &(0x7f00000038c0)=[{{0x0, 0xc0, 0x0, 0x0, 0x0, 0xffffffe5}}], 0x400000000000440, 0x2, 0x0) 18:04:30 executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x3, &(0x7f00000000c0)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x11, 0x6c}}, &(0x7f0000000000)='syzkaller\x00', 0x1, 0xcf, &(0x7f0000000480)=""/207}, 0x48) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r0, 0x0, 0xe, 0x2a2, &(0x7f0000000240)="573ebdc5e621fba9a02cc3b7c4ee", 0x0, 0xf000}, 0x28) 18:04:30 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x8000000, &(0x7f0000000200)={&(0x7f0000000340)=@newlink={0xa0, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0x78, 0x2b, [@IFLA_XDP_FD={0x74, 0x1, {0x81000000, 0x30a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}}]}, @IFLA_GROUP={0x8}]}, 0xa0}}, 0x0) [ 239.811559][ T9400] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 239.866492][ T9403] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 239.875624][ T9405] BPF:hdr_len not found [ 239.897149][ T9403] netlink: 'syz-executor.1': attribute type 1 has an invalid length. 18:04:30 executing program 4: mkdir(0x0, 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="6e4ad92275d623be", @ANYRES16, @ANYBLOB=',rootmode=0', @ANYBLOB]) read$FUSE(0xffffffffffffffff, 0x0, 0x0) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000000480)={0x90, 0x0, 0x2, {0x400000000001, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1bd4}}}, 0x90) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x11) ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000140)={{}, 'syz0\x00'}) ioctl$UI_SET_LEDBIT(r1, 0x40045569, 0x0) ioctl$UI_DEV_SETUP(r1, 0x5501, 0x0) ioctl$UI_DEV_DESTROY(r1, 0x5502) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r1, 0xc0406619, &(0x7f0000000180)={{0x1, 0x0, @descriptor="dcb2771f96eef1f8"}}) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r2, 0x0, 0x0) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFCONF(r3, 0x8912, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r3, 0x0, 0x48f, &(0x7f0000000080)={0x29, @empty, 0x4e24, 0x2, 'lc\x00', 0x4, 0x5, 0x37}, 0x2c) setsockopt$inet_tcp_int(r2, 0x6, 0x19, &(0x7f0000000100)=0x6, 0x4) sendto$inet(r2, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000001c0)={'veth0\x00', 0x8000}) sendto$inet(r0, 0x0, 0x0, 0x200007fe, 0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000000380), 0x400) socket$nl_route(0x10, 0x3, 0x0) pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00') ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0) 18:04:30 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) close(r0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:31 executing program 2: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$unix(r1, 0x0, 0xfffffffffffffe45, 0x0, 0x0, 0x0) r2 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x3e) recvfrom$unix(r4, 0x0, 0xfffffffffffffe45, 0x0, 0x0, 0x0) fcntl$setown(r3, 0x8, r2) fcntl$setsig(r3, 0xa, 0x12) dup2(r3, r4) r5 = gettid() tkill(r5, 0x16) [ 239.927779][ T9403] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 239.993122][ T9403] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 240.029141][ T9403] netlink: 'syz-executor.1': attribute type 1 has an invalid length. 18:04:31 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) close(r0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) [ 240.113998][ T9403] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 240.151831][ T9403] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 240.177544][ T9414] input: syz0 as /devices/virtual/input/input5 [ 240.208445][ T9403] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 240.273045][ T9403] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 240.303821][ T9431] IPVS: set_ctl: invalid protocol: 41 0.0.0.0:20004 [ 240.315324][ T9403] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 240.375912][ T9403] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 18:04:31 executing program 3: timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000000c0)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r1 = gettid() recvmmsg(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, &(0x7f0000000000)={0x77359400}) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) tkill(r1, 0x1004000000013) 18:04:31 executing program 5: r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000080)={{0x80}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00'}) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f00000001c0)={{}, {0x80}, 0x0, 0x1}) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x40505330, &(0x7f0000000140)={{}, {0x20000000000080}, 0x0, 0x0, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}) 18:04:31 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) close(r0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) [ 240.447929][ T9403] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 240.467656][ T9403] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready 18:04:31 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) close(r0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:31 executing program 5: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ashmem\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x100000002) ioctl$ASHMEM_SET_NAME(r0, 0x41007701, &(0x7f0000000000)='eth0wlan0-\x00') mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) 18:04:31 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) close(r0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close(0xffffffffffffffff) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) [ 240.845341][ T9447] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 240.858457][ T9447] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 240.867454][ T9447] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready 18:04:31 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x8000000, &(0x7f0000000200)={&(0x7f0000000340)=@newlink={0xa0, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0x78, 0x2b, [@IFLA_XDP_FD={0x74, 0x1, {0x81000000, 0x30a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}}]}, @IFLA_GROUP={0x8}]}, 0xa0}}, 0x0) [ 240.930904][ T9414] input: syz0 as /devices/virtual/input/input7 18:04:32 executing program 4: r0 = socket$inet6(0xa, 0x401000000001, 0x0) r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x11, r2, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2) close(r0) syz_open_procfs(0x0, &(0x7f00000002c0)='comm\x00') r3 = open(&(0x7f0000000400)='./bus\x00', 0x1141042, 0x0) r4 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r4, 0x208200) sendfile(r0, r3, 0x0, 0x8000fffffffe) 18:04:32 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close(0xffffffffffffffff) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) [ 241.207851][ T9471] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 241.267455][ T9471] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 241.294948][ T9471] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready 18:04:34 executing program 2: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$unix(r1, 0x0, 0xfffffffffffffe45, 0x0, 0x0, 0x0) r2 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x3e) recvfrom$unix(r4, 0x0, 0xfffffffffffffe45, 0x0, 0x0, 0x0) fcntl$setown(r3, 0x8, r2) fcntl$setsig(r3, 0xa, 0x12) dup2(r3, r4) r5 = gettid() tkill(r5, 0x16) 18:04:34 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@ipv6_newrule={0x28, 0x20, 0x1af2bc845af9b72b, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8}]}, 0x28}}, 0x0) 18:04:34 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close(0xffffffffffffffff) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:34 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x8000000, &(0x7f0000000200)={&(0x7f0000000340)=@newlink={0xa0, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0x78, 0x2b, [@IFLA_XDP_FD={0x74, 0x1, {0x81000000, 0x30a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}}]}, @IFLA_GROUP={0x8}]}, 0xa0}}, 0x0) 18:04:34 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0xffd8) 18:04:34 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$unix(r1, 0x0, 0xfffffffffffffe45, 0x0, 0x0, 0x0) r2 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x3e) recvfrom$unix(r4, 0x0, 0xfffffffffffffe45, 0x0, 0x0, 0x0) fcntl$setown(r3, 0x8, r2) fcntl$setsig(r3, 0xa, 0x12) dup2(r3, r4) r5 = gettid() tkill(r5, 0x16) 18:04:34 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) [ 243.311173][ T9492] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 18:04:34 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$BLKTRACESTART(r0, 0x1274, 0x0) ioctl$BLKTRACESTOP(r0, 0x1275, 0x0) [ 243.411295][ T9492] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 243.431445][ T9492] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready 18:04:34 executing program 0: r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0xe1) 18:04:34 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x8000000, &(0x7f0000000200)={&(0x7f0000000340)=@newlink={0xa0, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0x78, 0x2b, [@IFLA_XDP_FD={0x74, 0x1, {0x81000000, 0x30a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}}]}, @IFLA_GROUP={0x8}]}, 0xa0}}, 0x0) [ 243.850630][ T9522] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 243.892580][ T9522] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 243.905581][ T9522] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 400.840168][ T1066] INFO: task :9477 can't die for more than 143 seconds. [ 400.847167][ T1066] R running task 28144 9477 8802 0x00004006 [ 400.863159][ T1066] Call Trace: [ 400.866588][ T1066] __schedule+0x8e9/0x1f30 [ 400.872865][ T1066] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 400.878331][ T1066] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 400.887796][ T1066] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 400.895888][ T1066] ? lockdep_hardirqs_on+0x421/0x5e0 [ 400.905200][ T1066] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 400.913251][ T1066] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 400.918714][ T1066] ? preempt_schedule_irq+0xf3/0x160 [ 400.928335][ T1066] ? preempt_schedule_irq+0xf3/0x160 [ 400.935361][ T1066] ? retint_kernel+0x2b/0x2b [ 400.942997][ T1066] ? irq_work_sync+0x106/0x1d0 [ 400.947876][ T1066] ? irq_work_sync+0xd1/0x1d0 [ 400.954171][ T1066] ? write_comp_data+0x1e/0x70 [ 400.958934][ T1066] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.968132][ T1066] ? irq_work_sync+0xd1/0x1d0 [ 400.974339][ T1066] ? _free_event+0x89/0x13b0 [ 400.978924][ T1066] ? __kasan_check_write+0x14/0x20 [ 400.986958][ T1066] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 400.994088][ T1066] ? mark_held_locks+0xa4/0xf0 [ 400.998865][ T1066] ? ring_buffer_attach+0x650/0x650 [ 401.008461][ T1066] ? wait_for_completion+0x440/0x440 [ 401.015296][ T1066] ? put_event+0x47/0x60 [ 401.019535][ T1066] ? perf_event_release_kernel+0x6d5/0xd70 [ 401.028354][ T1066] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.037103][ T1066] ? __perf_event_exit_context+0x170/0x170 [ 401.045953][ T1066] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 401.053717][ T1066] ? perf_release+0x37/0x50 [ 401.058390][ T1066] ? __fput+0x2ff/0x890 [ 401.065460][ T1066] ? perf_event_release_kernel+0xd70/0xd70 [ 401.072815][ T1066] ? ____fput+0x16/0x20 [ 401.076974][ T1066] ? task_work_run+0x145/0x1c0 [ 401.084964][ T1066] ? exit_to_usermode_loop+0x316/0x380 [ 401.092121][ T1066] ? do_syscall_64+0x676/0x790 [ 401.096894][ T1066] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 401.105839][ T1066] [ 401.105839][ T1066] Showing all locks held in the system: [ 401.115131][ T1066] 1 lock held by khungtaskd/1066: [ 401.123089][ T1066] #0: ffffffff88faccc0 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x279 [ 401.133931][ T1066] 1 lock held by rsyslogd/8661: [ 401.138860][ T1066] #0: ffff88809829dba0 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 [ 401.152952][ T1066] 2 locks held by getty/8751: [ 401.165211][ T1066] #0: ffff8880a32e3090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 401.176400][ T1066] #1: ffffc90005f2d2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 401.188400][ T1066] 2 locks held by getty/8752: [ 401.195285][ T1066] #0: ffff8880a8b2b090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 401.206442][ T1066] #1: ffffc90005f292e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 401.218247][ T1066] 2 locks held by getty/8753: [ 401.225110][ T1066] #0: ffff888091da7090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 401.236295][ T1066] #1: ffffc90005f1d2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 401.249014][ T1066] 2 locks held by getty/8754: [ 401.256013][ T1066] #0: ffff888099ef1090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 401.268226][ T1066] #1: ffffc90005f152e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 401.282614][ T1066] 2 locks held by getty/8755: [ 401.287312][ T1066] #0: ffff88809ab6d090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 401.297781][ T1066] #1: ffffc90005f252e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 401.311998][ T1066] 2 locks held by getty/8756: [ 401.316688][ T1066] #0: ffff8880999d5090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 401.327952][ T1066] #1: ffffc90005f312e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 401.339917][ T1066] 2 locks held by getty/8757: [ 401.346840][ T1066] #0: ffff88809a61e090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 401.358093][ T1066] #1: ffffc90005f012e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 401.369923][ T1066] [ 401.375298][ T1066] ============================================= [ 401.375298][ T1066] [ 401.385949][ T1066] NMI backtrace for cpu 0 [ 401.390363][ T1066] CPU: 0 PID: 1066 Comm: khungtaskd Not tainted 5.4.0-rc7-next-20191115 #0 [ 401.398938][ T1066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.409156][ T1066] Call Trace: [ 401.412504][ T1066] dump_stack+0x197/0x210 [ 401.416825][ T1066] nmi_cpu_backtrace.cold+0x70/0xb2 [ 401.422019][ T1066] ? vprintk_func+0x86/0x189 [ 401.427549][ T1066] ? lapic_can_unplug_cpu.cold+0x3a/0x3a [ 401.433881][ T1066] nmi_trigger_cpumask_backtrace+0x23b/0x28b [ 401.439857][ T1066] arch_trigger_cpumask_backtrace+0x14/0x20 [ 401.445734][ T1066] watchdog+0xc8f/0x1350 [ 401.450242][ T1066] kthread+0x361/0x430 [ 401.454812][ T1066] ? reset_hung_task_detector+0x30/0x30 [ 401.460342][ T1066] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 401.466057][ T1066] ret_from_fork+0x24/0x30 [ 401.470587][ T1066] Sending NMI from CPU 0 to CPUs 1: [ 401.476166][ C1] NMI backtrace for cpu 1 [ 401.476172][ C1] CPU: 1 PID: 9477 Comm: Not tainted 5.4.0-rc7-next-20191115 #0 [ 401.476177][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.476181][ C1] RIP: 0010:irq_work_sync+0xd3/0x1d0 [ 401.476190][ C1] Code: f5 ff 4d 89 e6 4d 89 e5 48 b8 00 00 00 00 00 fc ff df 49 c1 ee 03 41 83 e5 07 49 01 c6 41 83 c5 03 eb 07 e8 7f 87 f5 ff f3 90 78 87 f5 ff be 04 00 00 00 4c 89 e7 e8 ab a6 31 00 41 0f b6 06 [ 401.476194][ C1] RSP: 0018:ffff888054a07c08 EFLAGS: 00000293 [ 401.476201][ C1] RAX: ffff8880562dc3c0 RBX: 0000000000000002 RCX: ffffffff817e51f6 [ 401.476206][ C1] RDX: 0000000000000000 RSI: ffffffff817e51c1 RDI: 0000000000000005 [ 401.476210][ C1] RBP: ffff888054a07c28 R08: ffff8880562dc3c0 R09: ffffed1015059882 [ 401.476215][ C1] R10: ffffed1015059881 R11: ffff8880a82cc40b R12: ffff8880a82cc408 [ 401.476219][ C1] R13: 0000000000000003 R14: ffffed1015059881 R15: ffff888054a07cc8 [ 401.476224][ C1] FS: 0000000002599940(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000 [ 401.476228][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 401.476233][ C1] CR2: 000000c43a413010 CR3: 00000000a8872000 CR4: 00000000001426e0 [ 401.476237][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 401.476242][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 401.476244][ C1] Call Trace: [ 401.476247][ C1] _free_event+0x89/0x13b0 [ 401.476250][ C1] ? __kasan_check_write+0x14/0x20 [ 401.476254][ C1] ? __mutex_unlock_slowpath+0xf0/0x6a0 [ 401.476257][ C1] ? mark_held_locks+0xa4/0xf0 [ 401.476260][ C1] ? ring_buffer_attach+0x650/0x650 [ 401.476264][ C1] ? wait_for_completion+0x440/0x440 [ 401.476267][ C1] put_event+0x47/0x60 [ 401.476270][ C1] perf_event_release_kernel+0x6d5/0xd70 [ 401.476274][ C1] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.476277][ C1] ? __perf_event_exit_context+0x170/0x170 [ 401.476281][ C1] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 401.476284][ C1] perf_release+0x37/0x50 [ 401.476287][ C1] __fput+0x2ff/0x890 [ 401.476290][ C1] ? perf_event_release_kernel+0xd70/0xd70 [ 401.476293][ C1] ____fput+0x16/0x20 [ 401.476296][ C1] task_work_run+0x145/0x1c0 [ 401.476300][ C1] exit_to_usermode_loop+0x316/0x380 [ 401.476303][ C1] do_syscall_64+0x676/0x790 [ 401.476307][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 401.476309][ C1] RIP: 0033:0x4141d1 [ 401.476319][ C1] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 401.476323][ C1] RSP: 002b:00007ffd450cf4e0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 401.476331][ C1] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00000000004141d1 [ 401.476335][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 401.476340][ C1] RBP: 0000000000000001 R08: 00000000162539f6 R09: 00000000162539fa [ 401.476345][ C1] R10: 00007ffd450cf5c0 R11: 0000000000000293 R12: 000000000075c9a0 [ 401.476349][ C1] R13: 000000000075c9a0 R14: 0000000000761580 R15: 000000000075bf2c [ 401.483420][ T1066] Kernel panic - not syncing: hung_task: blocked tasks [ 401.791441][ T1066] CPU: 0 PID: 1066 Comm: khungtaskd Not tainted 5.4.0-rc7-next-20191115 #0 [ 401.800099][ T1066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.810151][ T1066] Call Trace: [ 401.813434][ T1066] dump_stack+0x197/0x210 [ 401.817753][ T1066] panic+0x2e3/0x75c [ 401.821644][ T1066] ? add_taint.cold+0x16/0x16 [ 401.826305][ T1066] ? lapic_can_unplug_cpu.cold+0x3a/0x3a [ 401.831942][ T1066] ? ___preempt_schedule+0x16/0x18 [ 401.837039][ T1066] ? nmi_trigger_cpumask_backtrace+0x21b/0x28b [ 401.843177][ T1066] ? nmi_trigger_cpumask_backtrace+0x24c/0x28b [ 401.849312][ T1066] ? nmi_trigger_cpumask_backtrace+0x256/0x28b [ 401.855469][ T1066] ? nmi_trigger_cpumask_backtrace+0x21b/0x28b [ 401.861608][ T1066] watchdog+0xca0/0x1350 [ 401.865844][ T1066] kthread+0x361/0x430 [ 401.869896][ T1066] ? reset_hung_task_detector+0x30/0x30 [ 401.875423][ T1066] ? kthread_mod_delayed_work+0x1f0/0x1f0 [ 401.881133][ T1066] ret_from_fork+0x24/0x30 [ 401.887349][ T1066] Kernel Offset: disabled [ 401.892140][ T1066] Rebooting in 86400 seconds..