[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 79.288481][ T31] audit: type=1800 audit(1574546033.331:25): pid=11532 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 79.312150][ T31] audit: type=1800 audit(1574546033.361:26): pid=11532 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 79.348040][ T31] audit: type=1800 audit(1574546033.381:27): pid=11532 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.212' (ECDSA) to the list of known hosts. 2019/11/23 21:54:08 fuzzer started 2019/11/23 21:54:12 dialing manager at 10.128.0.26:46451 2019/11/23 21:54:13 syscalls: 2397 2019/11/23 21:54:13 code coverage: enabled 2019/11/23 21:54:13 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2019/11/23 21:54:13 extra coverage: enabled 2019/11/23 21:54:13 setuid sandbox: enabled 2019/11/23 21:54:13 namespace sandbox: enabled 2019/11/23 21:54:13 Android sandbox: /sys/fs/selinux/policy does not exist 2019/11/23 21:54:13 fault injection: enabled 2019/11/23 21:54:13 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/11/23 21:54:13 net packet injection: enabled 2019/11/23 21:54:13 net device setup: enabled 2019/11/23 21:54:13 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2019/11/23 21:54:13 devlink PCI setup: PCI device 0000:00:10.0 is not available 21:57:34 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_open_pts(r0, 0x0) dup3(r3, r0, 0x0) syzkaller login: [ 300.403911][T11695] IPVS: ftp: loaded support on port[0] = 21 [ 300.540760][T11695] chnl_net:caif_netlink_parms(): no params data found [ 300.596531][T11695] bridge0: port 1(bridge_slave_0) entered blocking state [ 300.603829][T11695] bridge0: port 1(bridge_slave_0) entered disabled state [ 300.612675][T11695] device bridge_slave_0 entered promiscuous mode [ 300.622446][T11695] bridge0: port 2(bridge_slave_1) entered blocking state [ 300.629600][T11695] bridge0: port 2(bridge_slave_1) entered disabled state [ 300.638401][T11695] device bridge_slave_1 entered promiscuous mode [ 300.670104][T11695] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 300.683116][T11695] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 300.715192][T11695] team0: Port device team_slave_0 added [ 300.724484][T11695] team0: Port device team_slave_1 added [ 300.977242][T11695] device hsr_slave_0 entered promiscuous mode [ 301.113021][T11695] device hsr_slave_1 entered promiscuous mode [ 301.850862][T11695] 8021q: adding VLAN 0 to HW filter on device bond0 [ 301.907042][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 301.916047][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 301.937189][T11695] 8021q: adding VLAN 0 to HW filter on device team0 [ 301.983889][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 301.994406][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 302.003551][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 302.010739][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 302.019296][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 302.028691][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 302.037722][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 302.044968][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 302.117836][T11695] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 302.128368][T11695] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 302.224392][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 302.233167][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 302.243382][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 302.253336][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 302.263158][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 302.272730][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 302.282645][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 302.292220][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 302.301363][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 302.311021][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 302.320151][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 302.329209][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 302.336953][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 302.350439][T11695] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 302.650267][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 302.659520][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready 21:57:36 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_GROUP={0x8}, @IFLA_PROTO_DOWN={0x8, 0xd}]}, 0x30}}, 0x0) [ 302.823289][T11734] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 302.845796][T11734] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 302.854358][T11734] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready 21:57:37 executing program 0: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000bfff0)={&(0x7f0000000500)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1}}, [@policy_type={0xc}]}, 0xc4}}, 0x0) [ 302.910364][T11735] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 302.923729][T11735] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 302.931338][T11735] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready 21:57:37 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f00000002c0)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f435fb3bae96efb74b50ec93c152f5e8e198a29e5c0d0c60000ce0637ce0000b4ec24c53d3d661ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff3c009d308bd73f4772539", 0x492, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, &(0x7f0000000100)='\x00', 0x1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f00000001c0)={r1, r0, r1}, &(0x7f0000000240)=""/112, 0x208, &(0x7f0000000580)={&(0x7f0000000500)={'crc32\x00\x03\x00'}}) 21:57:37 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000380)) pipe(0x0) capget(&(0x7f0000000000), 0x0) getpgid(0x0) ppoll(&(0x7f0000000200), 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000580)={0x0, 0x0}) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmsg$kcm(r3, 0x0, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) fsetxattr$system_posix_acl(r1, 0x0, &(0x7f0000000b40)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB, @ANYBLOB="79a4", @ANYRES32=r2, @ANYRESHEX], 0x6, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0) syz_open_dev$sndseq(0x0, 0x0, 0x9a0efa2b65aacb27) prctl$PR_SET_PTRACER(0x59616d61, 0x0) syz_open_dev$sg(0x0, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000), 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r0, r1, 0x0, 0x0, 0x0}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) ioctl$PPPIOCATTACH(0xffffffffffffffff, 0x4004743d, 0x0) r4 = getpid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r4, 0xffffffffffffffff, 0x0, 0x809, &(0x7f0000001000)='ppp1@'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00'}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)='\x00'}, 0x30) sched_setscheduler(0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) bind$packet(r6, &(0x7f0000000040)={0x11, 0x0, r7}, 0x14) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="44040000240007e744c01e69dfc8a800f1ffffff", @ANYRES32=r8, @ANYBLOB="00000000ffffffff000000810800010063627100180402000404060003000000003bae10ffffff9e000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c118ed4800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000001000050005000000000000007f00000008c91af67c82576a74db5c"], 0x444}}, 0x0) mount$fuseblk(0x0, 0x0, 0x0, 0x0, &(0x7f00000015c0)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYBLOB="890d49a34f6df922b727b1414497eaca094e61cd76fd7c98fa4ce3f2358e0fa36dfc479d94fbaef135b1469259c97f93389847db2995a3a097fddbcb07f07071c67e0a7f1fee220c005772219e7ae14bec8116eb817a2dac0bb95b8efa22608eb0358e4c09345570c9dcf4f2ce0ceec49764984c47080257", @ANYRES16=0x0]) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x0) [ 303.411889][ C0] hrtimer: interrupt took 77070 ns 21:57:37 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$inet_tcp_buf(r1, 0x6, 0x10, 0x0, &(0x7f0000000000)=0xffffffffffffffc5) [ 304.254123][T11754] IPVS: ftp: loaded support on port[0] = 21 21:57:38 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="53000000100001055100"/20, @ANYRES16, @ANYBLOB="00000000000000001c0012000c000100626f6e64000000000c00020008001200df480000"], 0x3}}, 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x100000, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$DRM_IOCTL_GET_MAGIC(r3, 0x80046402, &(0x7f0000000140)=0x40) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000000c0)={0x1, r1}) [ 304.442241][T11754] chnl_net:caif_netlink_parms(): no params data found 21:57:38 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0xb) prctl$PR_SET_KEEPCAPS(0x8, 0x1) r1 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r1, &(0x7f0000000140), 0x4924924924925b9, 0x0) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000080)="7750f87411da0691c94d79d3dfad44e1b3043870f582c2ba572d3065fc0af5c33a8e22276dbb43862e343b034b4d49ecdc0cda6095619941efdb2886701193d00472af82c8dc3b9bb5ed2921f0f1630f44ce5afd157c79226bd7bfe22f3b2f427f6a739ed46f77357bda694b9d5fc4cfedff2218fb158739c1bb7977d4adcf5eb766f5f5f0a6", 0x86) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="ff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000800012001000010069703665727370616e00000075fe02001400060000000000000000000000ffffe00000020400120014000700c4ddbba432f1ed5a7009fd4a6dea08ca14000700fe8000000000000000000000000000bb14000600fe8000000000000000000000000000bb14000700ff0200000000000000000000000000010c000a00aaaaaaaaaa1c0000"], 0xac}}, 0x0) [ 304.529832][T11754] bridge0: port 1(bridge_slave_0) entered blocking state [ 304.537229][T11754] bridge0: port 1(bridge_slave_0) entered disabled state [ 304.545949][T11754] device bridge_slave_0 entered promiscuous mode [ 304.556385][T11754] bridge0: port 2(bridge_slave_1) entered blocking state [ 304.563714][T11754] bridge0: port 2(bridge_slave_1) entered disabled state [ 304.572549][T11754] device bridge_slave_1 entered promiscuous mode [ 304.636723][T11754] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 304.651218][T11754] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 304.686983][T11754] team0: Port device team_slave_0 added [ 304.696361][T11754] team0: Port device team_slave_1 added [ 304.777087][T11754] device hsr_slave_0 entered promiscuous mode [ 304.824181][T11754] device hsr_slave_1 entered promiscuous mode [ 304.882968][T11754] debugfs: Directory 'hsr0' with parent '/' already present! [ 305.140945][T11754] bridge0: port 2(bridge_slave_1) entered blocking state [ 305.148220][T11754] bridge0: port 2(bridge_slave_1) entered forwarding state [ 305.156022][T11754] bridge0: port 1(bridge_slave_0) entered blocking state [ 305.163260][T11754] bridge0: port 1(bridge_slave_0) entered forwarding state 21:57:39 executing program 0: syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000100)="b84d0a8ee8362e0fc73b83dd00ba6100ed660f38083fbaf80c66b87ceb938366efbafc0c66ed0f78ea360f01c8baf80c66b8ec07d68b66efbafc0c66b80680000066ef0f07", 0x45}], 0x1, 0x0, 0x0, 0x0) r0 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r0, &(0x7f0000000140), 0x4924924924925b9, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="000000080000000091a3941fe299e0d3742c84b28fb17180a21676556896948942286dc018840742947001fa2c5731695e5de58996c75bb7499a9854629abb8fa5a6292dda5d1a90c3cb4979aab18995c1ad336c16d3b7588c46ed3388e5432b738e23a51d5e5b03945f7b62c055dab6439b672b388056340a0acb9cf990214931cfbb11c47b4c1f932575daff17853f89463eb391316e1d092d84ce40e3b7d2b87e5abed0a0e5ca5914"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000640)=ANY=[@ANYBLOB="580000002400070500"/20, @ANYRES32=r5, @ANYBLOB="00000000ffffffff0000000008000100736662002c00020028000100000000000000000000000000000000000000000000000000000000000000000000000000580638432b3b9b87a26742c39ee8cd20845989078dc8730614393c766d2de39a7d4c12706cb823b5ab2ec0e4fe6f5f1526520b996a42507be84a5c18f06d0125f262697fe055e0175061791dc8c0e49b065d03700056e38f6f83ca6607c8babda355789ae46329063c38f8f96e8798fd741f39f9cc0dc5732be4cd5982533351135da929fa85abaa4a46cecc31433eb2870536f598edbf9c1ff6d282a1fd44de6d4861d55181ed86092e5c0a1b08a910"], 0x58}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000002c00010700"/20, @ANYRES32=r5, @ANYBLOB="000002000000000002000b0008000100753332001800020014000500005686146e0665c5570000009d00000058188841872cb42b5317e9edfa62997fe46f3dd61d336672a461de270be8670917478b8469b512876d3d47cd05cf15a024a58b62a41ccb2ca048bb7bf248269133c3129fcd9c715cff854bd0dabe88e0e721f269235424e501134931df4dc08a509da1a0c1a5445edd562a3a1a55e9bf15213f484ea22f003be12591626fc5c8e5122d6de9afd57d2a18fcae9acbaeeaa1283b0d0d17fb4732a66f0cecd6ea8de67bda2a767b0ddfd64c1980f949f73992182e43f8bc2ae71d526fe736812a27aab6d9a14a16fc6382751525d3e064ae7e82a9b5ac03afda3eaa65015dcf6f1c5b6a7a64fa5eb7b9600c1cad3f342aa4faa3c5bfd46e5832a4fc85"], 0x44}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40086607, &(0x7f00000012c0)=0x2eb0cc45) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r9, &(0x7f0000000140), 0x332, 0x0) ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r1, 0xc0305616, &(0x7f0000000040)={0x0, {0x4, 0x9}}) r10 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r10, &(0x7f0000000140), 0x4924924924925b9, 0x0) sendto(0xffffffffffffffff, &(0x7f0000000240)="acde148037f6d8abcb15d92b19db7b0dbf8ffefa2ca004ea94e5ed9893f3094d59320a4f003d8a2baebe65d6476f42ecb0644cb39e8a74dbdf0f0c2553a9927d22942c7b5f0fad9cbc5407a532ca943ea49dea72b6a6059ec600d0184f2f8ef6a75074b0b79824e81744d1171ddfbf74657d82aff6a655e4a843940887ef20bc01e12656eda4118a90610acc50b08e7bebf92888615ebb70e2d72187f68fd94bb399757de18817e0671b32aeb5b80a82013fbb921c6c976b1857b2da333d47c2e79a2a4dcdb60758e83f8eef6c6048079f0e8c1b8edcabf6823df90217bbf5bca07e2e167260c2c9af1f65e89fb1822fc54b5c50fb6083133e653c54d8ebf6ae7e347a0f05fcafbc17cc306b08f60554ac39d14255ef65b74f8bae5b890394b1455a927014523220f64e94bb78175586578b935b6b3c265a6890f95f22802bbc52cd0f08def4e793e49c67f215e90538b776c444c9684dbadb1116d7719bd3f239bdac34737e845f4f8a1c4c7c01e59a190f5cc009d1b2bac6aa96b2814acc489fe599052b0f3b4dfe253784bb1aae0a743bb33c4efc5d8fe01b64918efb1b0a4ef138a6b0be43895d21a1f9bf88ab22836eec0bf68ddfb97474b0ac3eaf8f4ef50bd2d24069fc03648e967c09b121249e2bb1f8473f568c261f5fdf85c50b540076d0ddd0d26f2e3d23b99a546d23cdbdc21994834f20de9c318d0b154b32df9ed2fdce0df8332d1700eb7e97a265ca2f3e8166e387b0c1b3805e5e1edb08929b961d942d911b923737fdf044bfb2c9d7cc774ac31f2c5893a095655a0f0d3de97f12372f169e93511f285ddde2b1edbdd6a918f7c8c9ad2790f8b4074185b216cbf7fc3aa21319cfb43c2fb3eca8938137b7d9d4776918453c23b03f854e3ecc235f5cfe94fc60782c80dd22c4377dacec9837909fea1b5d0b4a8b2e4e98d19ea1b6134cfc9919e3e8c0965c2339c0a73964ef4cb55d098a2d39f1294e7e5373f81ea4a31a75f6fd468cce8cfd23f5cb77bbc979964ea447f9961d6c2a6e2206c5829e9c59c9e7ee30ebb0901441f64e29fe323b8c4252065eaaaf2a2eb9d6663340fa1d9a2f88f9cedf42c320cd331e5a641a3aa5644b84cada1fbbde654c645a8c4e1ceae09801416fcabf66e2a7a127b2ac71d9879dcf303a15ab397c524705e3eaab86e9dc78f9883416dd3fd38846cf0d97b229ddf88d730049d390302137e5ae15a785e07958fb00aa0c9631ece70d4deba05963a47d10c633489eeeed13a8cc2b07985f66d9f89bc7940ca6ca607eca9925ee65f0718ba35d4e80894abcf5762b7833ceb7c4fd5f7434864f4863e5807b99b7742bf9c032323015727d546dd76ed115ac94a779b6f20fe89763cfb9287555d53ca093f80d195845c3da647de6d8b4e34cc97e7e52381a34e35dba02d19bfae8aa0252c279abab1e8fe787cfaff07f169f73a7586938d5513d45523e3687fc53a3fcaa7b1ef1536ec33ff12da58337a8c9da1a46e4d0dd0304781652d48e737706b86121f58fcabae21d7105837ee007c5c088cb8e83ce06391561996639cb64860d05049e7f48bddea58615dd06cae041dde40c0aa3ae9ec06ea39dc836c5683961d7b619dbb29e31c8097b3bdf0732919ba26e5486e51175ba655d6bec57602bfffc3f52abd5d1f625dc98ade037b83f8418ce69850f3b3e60f4d5ec3ff4255b5fb07804a1f9e79c1b3f6020238fb286286829731edac396aa352d424ed7e95ae8b757b93b404db5bbc22cb8bc72b64d6821711bd250d5f2b0739c0e86c2cf41581409aca0d0ebd38414cd4ece3414cc93c3e91e9ce46cc6c84b761c644d89a0ccac9981b8b628c43564f7e151fdf251e98878081b15483a3bfabaa63bd2dbefc27038b20f3eff0ac9fbb4ef2d585a6536a311b10ad1c0090c1ba4410fc1330d236a38f5bd3ca56d6c555bb70069535e54ed47c8be4d7cdb390aa150826b16640cb803c8e908fb031afaf2bab3165e6a7bd1a27680be593f597ab6ed1467a401c1d5b81a8e0238597b9e4f08f2d633d82588305530eaa95a3df5ea30600a15b1cdf819183d153f5c7546a3eb93c4d59fb35ab02211372bd384298d4cc07df25704392f5cbbbdc8b0a952025949e6375034e0531f4e48e61816398cc5ddabd8a6bff4c4cf6953da20afa5e9c886ba91860556747de126203336699548e785a940c654f51b4eb157e91a3623e4ed7afa1e4846628b90a14e8c94ef8c6c37263a93e5e296916061d9239eb8e1935a1f1ea56e40c270cd43215dc4cbcc50ea15035db7f81dbc5d2860a890dbca94c02560a6b57bd470cb0e79ebc0ab8ce3b3540d5008d00b391b2d10bbcd66b025872b34f07f529dd4a5ed0c73196dcf812e2a1d17cb9cc732403aa076b15efd35cd1c2c658a8d643be9953c4eba150489d4565c41dd2a26af9eedc94fe153d2f0fa404cf395da03bcc6dcd6ae00130edab1fcfe37776a748cd5b069f3dc00646c53f20e8dfa728eb542cd33831507beefb1aa12364c7333fef5203f0cf5aee66dfd95eb5dbf8d5e4adea5913a15859129bdac15f0367d5b1577c8c33c73978ab9d79a0bd1a8efc714f61148011f487871bcd7d5e3d59f009eccde57094ec0a749deed73a3b456fe69e2365489963bc667552a6077b977ed6240b816a67291199a85fee29620a117baa1c9ee29f406f82fe249c62d534efd8d27f4d3af50b78cdde1a6a6f6d980d8274f64674bb6880cecf7631bf761b705ac12a5f7d66fce5cfcd9888f53badd4ed1030044ad92559f0cf6012a4fd0c28221778f02a8a416cc05f328b4b12f25f3e5fc1ac9025a82a3555c11a558ab99a2ecc5c1dff0a9f3cec2f10f66790819e0f44a2fefc36e93ed79d3f7f4d062b28d1cb87a26ae21650fb0c5e58238bf7dc963e99e7b7c01dfde47781246b955d9a59b601e010780b97025ee924bc84be7a06c4da39b476500e34a36c9f1100bd84c83d1bec2f15321a1c258f3280ac329bf4ee7b3f76d43db8584f5b6943297792668bcbc57042e80034d21e7b066cd2ef5cf8961ec4d0f08da011f2e3fa8ea16bd666cf9b3095f17ebe6aadd680e74b6da8e2e7680679edc23c4041b398cd97012398928870604971b670b150989372327d2ef3403bba13b1e4712dce5474cd89aacf964a9d4885dea603257a7e0cba4324e30f07ac25430fa805a0078bc823b5f0e120dd696680aa72b81900225aa496d48d9d235f95e7874fcec0e273216cf4b202feba6a1216cc8bb96ff5c7e5dc6ed76b1f4c9e1c426eee30722266062e52c6851b2ed5ccfd4d0d988c405dc9358966c7736cc021b8f932122eccac333c074761cb7977848ca6c363d4457eb83998e8e510441d7f91210526c6a29757ef727b46e26bfec1c2a49831ae01353c0f6c3050d4ef76c89c0a9c0f937d8e7e428436c984d9e5fe49ac1b19b2b00e897b22ab378b4fad351d888a7bd80c03dae7455a66c8680cf27452602b178beede2d8d9f46fddb11e41cafe71916c8dc3012586688b06db754dbbd6a446f47306e963923b76e88d9ddb808dcdaaf884fa2ec9325a42039fca79e10edb2601f7523d5a62ae7379598c1f75f69e8e9d8863ddb0f580edd0a8a4c8bb744d857c61e10f64a04e21739838f7c179bfbcc04f2c41e0e86405b39d6df7912be20cbbd4568655ca29821ab447df732a2deb2e1cb17536455b2d572775f5ea5284318866d2dc13b4bfa50c7a050c3544402d3115b99d10b5460978b3633c08c2d637efa3e8f2475b1053e9a2c0ccfa71c195609a692d669124230f557725fae59753450024cf8594900f34950360c7e4f77b8d3b0bc0e436fc713aa64ef5f39be09ae68a84666dc23c5963f3c3aaacca1bb845ab5667094095b0c7e1e09e4417205942d35af1f6f410ca7854ea7d27bcf5d2859c5e1ca6c9ff3429f1edb4c66638aa1206f9b1085761d0c26a3ea79da512f65f8dd0c24f93ecd6fb7f5d233adc02b49726bf870582e5b5f08c4adfe702862a6ac4adbaa9119ab3ca482196e221ab1663a01bd1732e18558076f19df11186e284785691e564dd3759b11d52879eabbeed53c7fae27f1f2e625185ee69e63e9258bb7ca22834e4aa4bae9b71d5f0da408ab072808a86673bd25978892becc9f95e5005ce1fafacc2404672959dd4fa859b3d2dc1c3d2095af0117107b91b07841d0833e443fbb047a7acddcecdfd223cd278bea44e728801b3119f600646084bc35b087b8e223163185010edf430e4fccc996c4c2b0e4ee3a7336ba0480511583129b78234628c5d68d738853ed95821d26d3411465941b42ffd43c63d6d24b86b50b56d06afc4e750919183cd9f578bb44d70a99b4303c98819c02722ab6e6f415a27e50d6d0eec9066d906b58b487b9d71ad104de58782416823a223afcba39b5ecfe404cd711cf54bf0d2accc3787d9d7b5b1f493d85690e5d09248252c4846513177f0636cf0d706194062b76cbbf43acae1427755584384a55cea94ac9a8fb7f15368ef8c1bd83f5009b50df885cdb5d65b994932c7768825e5c0cabf28a14cb264071f00618265075b593e4d90eaefe5469902a0bdc2acb912130d2b53518c16ce5a957c00b5164ea823dc7df7eeac4e4fd69e751b05d91d0b5fb5c5459635c7d2de4f315e391f596586e058565856f93d16c572c0f26c3800693655e55ddd2e194843cb7b5a7df236611e070b42efb62330430827db133c3e4ee9579c360bb579ea31f4caab68b7053f4304b0439b4c1ed91d3886407be301c2ab5dce18fc8d54da4c1ab1742e1de9095b5addaa9410d83b659e338633f28d78bec39714a9990544e06ad3d6ed080b6f4bdac46f06d836fad6185d7c21e60042e9e1d77fa1f474f2dd2a20a0651a877e96aa103bab88658281450c91cadd421a3bef7dfe2446bbc076808b7893daac836b89ad7c694794e3264d62b20753714298d0a64b67910d7a7dadeb6b5d1e8e03ed4eb604c40ca155c1d04f592d9f7a95edd6dc48f47b6dff8361b661786fbadf593b6182c4f78aa5e8aa2170aa2713818e64755f8b3a3c38c70d196dd03a05fe8b72285e1c827d8cd0447e8dfadef87d696acb664a6a454562a62178eb01306e33e52436a257e08738159cfe1709000a519b36d9fa1e8081657ba05e790022db1acd2f3b4d0dd3ad1c0049aeb8f45a562d14c52d5f011687ff4ceec518b7c02ccf4978e58553354948aaf2ed97152bb6ddbb1c1f97ebe6a408c2a8c456289b8b8b647f482cb242597a606b89c3073e37493a456f0a8f8c33f39d3a57819d890f52c3c954b3d53b4f98cd1070492623d2b0b4cffeade037f750162468cb48b628ae53c5e01649d484d0d6f16f10ba0822af88de6df5177591e1dca88faa3654888e73a4911e5014b7314ad73f875d2f859e82ddae3528fea9a5492c8777068151ce1e4f6544d2d43fd885cfc626e34d132adfc4b474eadc1208d0f994dca302d5fb615978b59a41e3bb7dacfa95f661e634787b59fd75362fb8964ebb587c8fe062a8f38cd3383546f3266e0c96796a5830002a0d6a66551678985bc7a0ef56795e3856b4e482325a8f272702025705aa846c80839afe3d663d13565ba59c556ebb8dfeb86bb5c404dc8f0223a758ea47e8597d7bd5818d8e732bd49aa6ac109a9227e4da7fe2caf2d127246d4a0f1548d2ead873eeb91a1bb96ca3fe7954956fad7424d5d7e3da0d10ae93464ecb8ba00985d267d58a3bb2aff176568a98389fcdc0c389f65b99f7d6ee6e736ced5190780c71c8d8da108a37bdc36b1a34", 0x1000, 0x40, &(0x7f0000001240)=@pppol2tpv3={0x18, 0x1, {0x0, r10, {0x2, 0x4e24, @local}, 0x1, 0x2, 0x2, 0x3}}, 0x80) r11 = socket$inet6_tcp(0xa, 0x1, 0x0) r12 = fcntl$dupfd(r11, 0x0, r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) ioctl$USBDEVFS_DISCONNECT_CLAIM(r12, 0x8108551b, &(0x7f0000001300)={0x100, 0x533ec4708e52f94f, "243ecffd2cc8106420882e4cf267f1a5b4c8a5298160dc5af6da6fdb3fd911c1bf178d8441e617aa626b972f034d35d3f9c1d2b2c3a0318adccc301dfa2b670df3bbd319ea4e5d5f1b3674a5c94c3801c765a2ba5d790994368a7aa4ecaad843de7741e27d44ff7234f506805490467274c1169dcad574b61561569e7e46c17dccdbb0ba849037706c08469203b89a7499decfab8ba9845a054d50a109fe28966d6b0c5919f80ab7dcf55cf320927660117283e545ed7a56c36470590f2b525dae2fa33dc5a8b277070b18bd65dc30206de3b0d3f22f9e0eafdf5fdbe24cf776b30f56ced894951b47ca23f2e59236332e87d93057a13a4ef0c16ce3c4b4fc21"}) ioctl$UI_END_FF_UPLOAD(r1, 0x406855c9, &(0x7f00000001c0)={0x9, 0x3b2, {0xff, 0x81, 0x9447, {0x7, 0x828f}, {0x8, 0x4}, @period={0x59, 0x24, 0x3f, 0x594, 0xffff, {0x6, 0x1, 0x4, 0xfbff}, 0x9, &(0x7f0000000000)=[0x9d7, 0x8f5, 0xfe00, 0x8, 0x101, 0x8, 0x8, 0x45, 0xffff]}}, {0x56, 0x5, 0x2f, {0x7, 0x9}, {0x5, 0x8000}, @ramp={0x80, 0xfffb, {0x6, 0x8000, 0x7ff}}}}) r13 = socket$kcm(0x2, 0x5, 0x0) setsockopt$sock_attach_bpf(r13, 0x84, 0x9, &(0x7f0000000080), 0x9c) [ 305.459554][T11787] veth0_to_bond: Caught tx_queue_len zero misconfig [ 305.494504][ T5] bridge0: port 1(bridge_slave_0) entered disabled state [ 305.513109][ T5] bridge0: port 2(bridge_slave_1) entered disabled state [ 305.564087][T11754] 8021q: adding VLAN 0 to HW filter on device bond0 [ 305.636242][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 305.644783][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 305.666822][T11754] 8021q: adding VLAN 0 to HW filter on device team0 21:57:39 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000300000000000000010062722b64676500000c00020008001800000000de64e3b2972e746a49de00bbcf71fca4b6dc58115b55cf6808ec013863d6ca163e674c631197e06fe5e7488c9a3386dba0120f6fe76b6d150ceb80798f922aa6c9a72511ad98b961c92c617ffa62a3"], 0x3c}}, 0x0) r2 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r2, &(0x7f0000000140), 0xd3, 0x0) [ 305.712898][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 305.722611][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 305.731458][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 305.738679][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 305.746944][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 305.756309][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 305.765243][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 305.772429][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 305.898387][T11754] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 305.909361][T11754] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 305.925186][T11792] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. [ 305.995180][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 306.005599][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 306.015445][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 306.025206][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 306.034778][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 306.044463][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 306.053949][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 306.063075][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 306.072562][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 306.081565][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 306.128574][T11754] 8021q: adding VLAN 0 to HW filter on device batadv0 21:57:40 executing program 0: getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002d80)={{{@in6=@initdev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@ipv4={[], [], @remote}}}, &(0x7f0000002e80)=0xe8) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x2000016a, &(0x7f0000000200)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2e, 0xffffffb6, 0x0, 0x0, 0xffffffffffffffff}}, &(0x7f0000000240)='EP\xd4\x00\x1f\x91\xeb/W\xb72$C0%\x03\x9c0\x96\xb2\fkC\x93H\xbfh\x9c\b`\x857\xd6\">c\xad\xc0bO\xba\xe2\xe1\t5\x9d\xcei\"2L\xcc\x13\x16\vh\xca\xe6C\x06\x97%\x9d\xd5-\x1fs\xe1j\xdc5\x92\xd0)%\xdf\xfa\xe8^\x9c\xd29\x8clg\xc8\x7f\xb5\xb1&\x02\xf1E\xb4\x84\xbeE\x91)f\xe8\xb7\xe2\xf6`i\xc5m\xd7l\x1d\xc1\x12\x01<:kM\xe9\x99\xcd\xcd\xc8\x85Z\xee47\xdc\xc8u\x80\xcf\xbeTo\xbb\xfb\xc0\xebV\xd8\xbb\xbe\xa2\x90J|s\xc2', 0x1, 0xc3, &(0x7f0000000480)=""/195, 0x0, 0x0, [0x42], r0, 0xc, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2, 0x100}, 0x8, 0x10, &(0x7f0000000000)={0x40000000}, 0x10}, 0x70) [ 306.276344][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 306.286291][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 306.294905][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 306.302555][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready 21:57:40 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$alg(0x26, 0x5, 0x0) getsockopt$CAN_RAW_JOIN_FILTERS(r1, 0x65, 0x6, &(0x7f0000000000), &(0x7f0000000040)=0x4) bind$alg(r2, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000080)="ab553fec", 0x4) 21:57:40 executing program 1: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x140800, 0x0) write$P9_RWSTAT(r0, &(0x7f0000000040)={0x7, 0x7f, 0x1}, 0x7) syz_emit_ethernet(0x12a6, &(0x7f00000001c0)={@empty, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "4c000f", 0x1270, 0x3a, 0x0, @remote, @mcast2, {[], @icmpv6=@time_exceed={0x3, 0x0, 0x0, 0x7, [], {0x9, 0x6, "acd2a0", 0x5, 0x7, 0xff, @dev={0xfe, 0x80, [], 0x2b}, @local, [@srh={0x87, 0xe, 0x4, 0x7, 0x1, 0x40, 0x0, [@initdev={0xfe, 0x88, [], 0x1, 0x0}, @mcast2, @ipv4={[], [], @loopback}, @empty, @rand_addr="cc8c815710a0bcf720bd3fd07835de69", @initdev={0xfe, 0x88, [], 0x0, 0x0}, @local]}, @fragment={0x37, 0x0, 0x7f, 0x1, 0x0, 0x17, 0x67}, @dstopts={0x67, 0x24, [], [@enc_lim={0x4, 0x1, 0x2}, @calipso={0x7, 0x28, {0xbb7, 0x8, 0x40, 0x0, [0x100000000, 0xff, 0x9, 0x7]}}, @generic={0x1, 0xbb, "4143c5e95603f1ca6b2cfc69b295e1404764713dc23a4d354a29f1cb62ef48f837ddcd5adbe8ec12ca92363e7eb4be43eedbc8fd55b6b67205033eb5d1ec8493f06b75cd90938971cc132939c21670e3178737ec9c448916ac2b3ba7afab9279a39d1347950f31f60a66248efbf40c12bbf33e559467926b09ae0d48c05858112b89c572e08dbe8a2ccde8271917b84214935f04530d70b0a16012046db94cb5869bff7ef840c91d9d458300c158ab9a79f2259daa1f6d9726b561"}, @pad1, @padn={0x1, 0x2, [0x0, 0x0]}, @hao={0xc9, 0x10, @rand_addr="c2019ffccb16e630c563e186a739fb8d"}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, [], 0x19}}, @hao={0xc9, 0x10, @ipv4={[], [], @loopback}}]}, @hopopts={0x8, 0x1, [], [@jumbo={0xc2, 0x4, 0xd10}, @padn={0x1, 0x1, [0x0]}]}, @hopopts={0x0, 0xd, [], [@generic={0xff, 0xfffffffffffffff7, "e535732f4b75499508158da41341cde1613f5f0f53f70d6cd18ad616bb490fa25305de562395fb9826a1262b7271b4943a91cc228c64c5e8ca30059ddde3c6fb3920fbfb4b468fcf2027da0891ee87d43c54ead0ef37bca419ef22a7ab3a680d44e136e0"}, @enc_lim={0x4, 0x1, 0x7}]}], "714fc73db76b8745ff679f2ab66cf8ef957633ee609592e6a58c5ff7d2ebc572a26db78b0aacf7010bad264d43c6d4ebb858737bdfd8d245d13664afad5052bca2d465ada1a45b7eeee3062aaca4c12baf3fe97a5bcdcc423311ed72cfd90e6af901e7a17b4c143eb4c756a08b999c8d0dbeada6ad71d0b164aa0cd38dc45e707d2ba9f1c85e9129b93207df5e47d99f5601a0093a9f3f04f37042d002541efafb3282c221914fbcb3327aab872fd6d7593ee0f190acbbb95353c88f1455a92f650a624f519a255c51a7dcb69430ccf95c4fc433fe8b49df9c55d14e7485ffca7063a0896cbde01d1470031717f0bc629649d4b3712a4046b53b1c342556aed063ee10aca5cf7f2f6c2a2065209182bc67a92d959892547358c9fad5693420b7338351fbecb54b4959ab909eada4d7490593d82c599a3f8073d7c0508706dd44ced0e0aa687b1d5c5c7d61a0565dfce435457179f536b48c75f84a2bb8a798ce3e6b3328cfef355fae3dc0faba9031667c258aad145bd9d2c9e0943fc7a4b154cf21520caa007f4062060a1ed7fb7dab2504c7a86fc09e5a4657778be01f9f853acff3c6a7e5bead9c1a25a41254ebd40d1ac6938522314c88ca18ab71eb105d7e923a6daf8f94452e56acc061027bc43799dca0233b84de2e529b56ab393c0b46b0e9123a6ee4a1940fa59ad481a0dd89822d056ea2300f698aba981f2c7d6176d817b514b08a4f99ac488905b02cc58cadfeb2ffabaed6520126b98cc1b8ae2ed85dc1d0295f7700bd8fe29f9a39be95174a4d340db047949f3a5fbed47fe0dbf41bad69ad85106faa946569762984f00938edef49b1fd53d0d29033cacc6e34fd8328e47c7bb3f414230097b1972e44715993bd62d5dbec0d3593e58002d4d433b194590b5ce57fef2ed7069c8f69ad429d31e47d465076c6b5b86f29b7207f8bb1684ccb3f8c3e4c81232fa14b4fc5244a4e947427f2be898cf57d20bfe4d5f5bc42df9961e513de6aa3440e781e1b2b39e8df7f41f8f03a293985c072f9f0e08ba4feb4643e113632fa9e85d9930ce6ba24b17973d711d6e0a8eef37c9b100b444e97bd5fe342e43541c7f503d7a056c9a862d06adda2623b5ddfaedf91cfeefd4f4d2408007d2fb7bae958ba14fdf30c5b4c1909fcccd10b04689f64aa2136a0b60a152ac5b898b6524f7b371629afa78cd8a9f33a4b8cdfbabb18468c7201b5debd6f791d277335f321b586331761921bbb39efd47deee98c34b869cab1966d464908ab2f867cace238bdca0868ac600a2f998cd0bd403fb5dee3e15e398eed05ac01d9a2ced8660b156b0eed65f104a69f0057b48588773acbc8708abaf84c193dcad3d62f7e844785af873c095fa2d19db96b2ac6a71e3248f563473f6e37e4e85ec0a3fffb590035036c98fdb788fb659c0faa9588c1121a3e0a1362ffad62096f2610f1377af2fcd9c78ab6d79ec971c809e7ae5b8fa72cd8528269dac47837f61699334f239d605a73172bab8e208ad1033752198562f4266301c5e70546ca30bb9d0c726be085087ced2c4e3b0e583a25944f7231d67fccdcadee4165bc3d62f98de69415e46ae7ddd33970b4b58a6c45cb1e4e2cc1b4d963b50c742262451bb0ef910dd189276e77fee1fbe3a253fa5040cec1db6ab7b79da5fc835ac9b7b4a9fc7b51a5a92b0767d168727bdd4f5eff2c72a06899d6e2da42eae81ae8221bb44bc8a9880fec62f6b4fb148c097c13a5bfe464126ac788835b6fbbf4fcdcfa9eeb1af47f24ced75e108add9f1c612eae376ab4b4c92aed23eb23af20d5c6a5294ef717acf1b3668dd038ac4e42d63161e59a7e2cf812bcbe9d7f73197d63d3ad1cc618fed3b5a4f66eada3c2a3f878ef06d35d88a85dd35364f8b6508cd5ee10156d851424e7ceb96fe8800bb6c03e08cc74ec1a59d302a48df9709dd3ccb71e677885b4f8cb83a47c04b8e9c88da73f9cf022f1f4934a79adc137bf01da936cc3fbd608161a6fee61a818d06f7c4e187dc19d113a288b18983482b1eeb77ebf08d885132be5eecec754a40f3273abeff5885a0b61c27293dad31d51394cc87b27a0a7938a4f5c15f1a37d04d52212ef323ab236bdc8562da84b695ad51227422c3b90474a279191ec08d0c5249669ca5c2c5aaa5d08af36989e78e24c1e3bd07c0fd1c0ca3438db89dd2756bfd51d59afd66f5178b923f047c884c68c0ca90791641ec5b2a79af8c8fd2244b636cffd74c4e44a47c818ec36dce587ab01b91cef022d5dbeacc96b511b81b1b629e599a59e2f972e62f2e11c6f95e21526e74efa04efde16339b8c5a64983a0f9bd59fcdc2082ce0d11d050e57c83120bfa34073eb13bf514f0761a4594f574ad3ddcabfdc8039fd3c7e70b448ad5f9ba037eb24ef2c7d9743a57945e770900a28dd120e7a095b92f7c29cbd08ba614d946c39d6899d3f75489f45cd4b87d2dca591939a75cd694864b3112266c6e049f1d302803f0c3c5d2b3f540fa32e0baecf626811ed17fbff01c5368e6f629a7cd9406545aed103d56470819e0b1a5532aa1e68431d786b97ac0f7ac571f71078da8a6922585e7e3edab0d8ec5b558d439fb269ebf576888d3a2bf56883f21f21b1d5ba18694309191e272977137c01e8dab0f086a4b6f687accfb58e003c56775b533390bc4a204b95efc219c8bdd8b94688cde87930e7f1d3f1380ccd7d169ee249f265e5c1dbe285c78cb2b11a6b2999aeaa14d074bb1d24a36b5a5aa9dc2d39e3f33844f1a420cbf6ed583554631fd9a9045f1009865199e73272b585435cc247458b932f0227159c3ea075f182eef4d40829f87b92d2c0c14d07040b89ac6f12558f707de384b85314ba3a36365d970950c31d504665e844d78991551cc32c8f6b40970042e0edd08c8b327f940e28c835eda0b932c548f84a55bc5d54a1fa264508ebb103baf3c2001e4376cc328bc9bca4d58f1c469408582356b62aa06ae2dea57c3dc0b01ecb17fe394816b68a7c31e77213a112c955c0c8f0f6c82024ab2c005865802bbf875892b556fb2c95b5030a000ec3da6f85368b9e8f4ae4634e1931073ee28e8bcbb9362e12344c6de0bdb74a3008a4fb72fd689738c56de3b69eac422e3268e78ff487db0b600613d2899168db1f0713ad125dee1869890727a3084fef20b9ec2642960af095df3261140893c010d3451aaa9669a61241913548f33cb8cce1d92166a6575c555c8a3ad2310fa97b200229075d6799d1d694832d40f09ae88a0b6189bff9225f45a13e9de64af3933aa38a8d954594cc297a619ebf8bdf2f7b658ec696dc8e3afa338ec0bad654fa676d05e466e523bfbe058e4afbb012ec4785e917fc526164fa02d2f4cbbc773cc27554598760d3c5eff6efc1dfb876e806824af4cce34528733e8cee4a78c3fc2d3a3a4dca89c5cfd6b6ffd85b687e4d9d8b477292e02cd2ea96cc3a0fa88fcb1dba80343d284e33e52228f826fb534a27cc25ea11e49921a01dd33d426338b6de379c1ef5c33183bb59466346dc8827b5f6d6c6da1bc6d1b012d4101c3936e0f4ab25321014218e782825c7faca6fa3959bd1cc5bb0d4d0acf03c4a1967f8d6f185457bc04f338a8e407d731622b4ca4616ef813db1cbb9ab7f99e33e4a76ec81723dd43f453d7e228de6ca31154d1ba8d6e12b0386c883c1fe838b973a1eb2ef3db295cba1653ba90c881d3138bad8b2ba81c01f9d1b8056c75651674cf777d48c5d72a8516f2590896d138bccfe582a9302e08c06f5e1eeb72bdd6299eb3b31ffcd9fb02a37e6229a8494d9fb7c7df0ef3b58904056f85ba072a3aeea85c5e1a6e46bc8480bcc3dcc7471b64c6940eae9d17e6d853e04bd62540f6b399c66137d8deeda07adb9454b4ad495a7e3647566902ed34cbf5d18715c5063549f63963a2d61646a65ab34fe2b05175b1cc56bbf655b6122486dfc58e6dc112bd3149e08993964947641b3628ee88d479a60bd8179cc57ccaf399d61c90edbf242bbdef3284d70551b55c0d323a2322d6a30d8a8b4d4df30da1cb183a2ee5df2252060c3807894aa990a15f74677c75006ff8c11a358ec28f6c2c5e4deba2ddbb3dadbdbc2de27b86ff215d9f596420234818236161d6ccab1b5c7cf27535d7f5f39fbb420972621d31f5c4f56ea6841c967a1bfc6637c3f64311ab15b3e6a2ef5e3ebf5d3a13eb4ff14fde9ea6e53c0d7cc4bcbbde0be2aac06cf10c1402e2e882cb53f4358df404b2efaad2334c8e122a3e85d7259d11f3020f8d13a944c58a3119fb0b35bb8991b9513184ab8b9e2a23defddadbf42903c4f4101393aaea7273a7fecf3a284b0562e9024510dd76475fae0c3f2aa1efdb5175f879fd14cc6fd7998599f6f8f88506b93e3c50feb6419f8b2b4ba03683726cb6794e340dc680e5edcfedbc5e900bf5245d74a9db8cd95bbbc3190dc29697a45fa51425fdfc026f885d18d64a81fb285024357f5dde2a5faf1cb5d0090f3721a72afbc34e0b8eeb6f3c00b5662aa49d342ad995969aa9a070fdde0241eeea4951ddfdbee2486f3b9a553549204e17a0d3ea3ce8c772407a89e6db6f33f5a3556dc543b51ba4b37ac59a93d66312d503c903d234c0c2d86b3bfb81fd05fd52239e6268a86cdb41c53a2b5fd2283090653bb7d661490c9d69300da09449b0f91773686bbf8a33ea784e3d34975074e5d7a1cb672ef8717e71123516b6127c3b41490e433bc4774ca88786db1cdb2cbb7fb62a95b3578302a73df288873bb4fe669ddef3429648ac7af32df161f6ecee25bca929afb9bf92e7a1e415a3de8316ebbab2cb45bc88be133c3556bf470a0aa2ea7893acfa77921e47afe9de43157594fe7cc5232e8209d83ee1a18cd55ab4832ee9652ef624be9c75ea894ea863dc6fb56e59cf74b8ecbfacb905574ceb7f8b98c6456a33f2b867fca49ac40bafba43ff21c5dfb672bffe283614cddabaf4d4b30d2ea7d54eeccbae26fc6aa31e2e2170cb79081cc6b668168e04f45f132f47e883d11f3c7971bbe1369197961e73b210416bcd14386acc189d47c47f89b238f6020f40eb87a0bf34fa1b3079fb4542c8addf6a11d10439d5167aa4ba272f1afc2b418fc9d6a17b3e6eac783ede2ecb0cd9d3ea88e1c41c9239383410dd6e4fa8127a7ee0b06c7b68de09e58b0ab1d245c03cd48a3c333ae6712e3deed3e60fee0fc3a8bc03e86c1f7b6ff89f226b70ab6475a8695a5f3b93e196e2d6d82c3ec33acdc3d9601185038a81d81047b77afc7d2d62e5770aac5c53a6e7deb46900cd2a18254c4e049882c5b6d7edd49fcf30acfc4366365240b5058ae54606d81a78349123bdd0d25f0ade161dcd01ec9bffbec07ca3642a4c07aedc529547bb525c4a510fa2c6673765e48046d3496c7115e632b3679bb50c11167fb1d5bdbf579c4d2a233f64a2e4b2f3fc7bba12ef100e39c72ae5af026659c8d07e535eff1e469ae2a03cea3c3025570370920c4abd8d64c3ae6b0babeba69e40d4a8cf435a72d34b1cf7164b041a32dd71f509f4e1b803c1f4a2db38aab89d755a6a70d253adacef355608bd457ffd2730ba2a253f1e314b981008bc6ff2fa884b255a9221ab3127cd3b6c019d3e2c68d297c53eba0dc68d640c75eb14b2f4ec88c4fe7d7414261cd722785ebc8071f7756af59013b3986fd4be0a5140ddd9850dd1e8878a47c459f6baf84499e0aee3cdfacbabc6873d57cfa5b7b91130bc6afb7881950b8564ddb69161f0903690fd84c671b760c0a609c5c88f8613e07b4bcd224"}}}}}}}, 0x0) 21:57:40 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet(0x10, 0x2, 0x0) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_route(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="1100000015000103000000000000000002000200ffe876eee015dc1d935a192c774c7f4b4300c34ef5b91dcea305cb9e3b1ace6019804e8731ddd049cdcc1da7f539043fc8208a4c56feb8644483417bd876b853a10662e01e5605b51298ecb21dc7405fd0e1fa904ba9a0370a30cab5780ce461ab69e7344583465970ad78c0a84101fdbe280a1cd39dd6cb7654887f376b90b03023386d3e51de33b7daea3961615d3fb61d878f2b80af2a9f4c9beac198ef12e8cbe5a128da9e7ad5f9d3bd7869872a37b3292b45f93562c050ec15bc9154c710517dbd3b42a46008d71d51c32e98381e7efb138ca067220440fa05acab44c689c40e08920a9ef51e4bb51962d570f73d3c2192b569e6484543c4696d4d411517bcb7759be7ea97a86b661a2b810d097c5b6da6f3380df30e826e1fbde3ae74dc8e57d221d4e8a22d1161dec44ebc463bd40756802b28", @ANYRES32=0x0], 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x10) r3 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r3, &(0x7f0000000140), 0x4924924924925b9, 0x0) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={0x0, 0x7}, 0x8) 21:57:40 executing program 1: stat(&(0x7f00000004c0)='./file0\x00', &(0x7f00000001c0)) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0}) socketpair$unix(0x1, 0x5, 0x0, 0x0) fstat(0xffffffffffffffff, 0x0) add_key$user(0x0, &(0x7f0000000500)={'syz', 0x1}, &(0x7f0000000540), 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) r2 = add_key$keyring(&(0x7f0000000300)='ng\x00', &(0x7f00000002c0)={'M&z', 0x1}, 0x0, 0x0, r1) add_key(&(0x7f0000000100)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000140)="dee7030022cf9e5e1dbac27b0426fc0299c41fb9b9761a1b44dac894f365ae68edf335abf35ec53d6751467ebd", 0x2d, r2) r3 = request_key(0x0, &(0x7f0000001300)={'syz', 0x2}, 0x0, 0xfffffffffffffff8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001380)={0x0, 0x0, 0x0}, 0x0) keyctl$chown(0x4, r3, 0x0, r4) add_key$user(&(0x7f0000000580)='user\x00', &(0x7f00000005c0)={'syz', 0x0}, &(0x7f00000000c0)="0bbe3e9a98908f7ae247bec00231940c21f90a9e26", 0x15, r3) r5 = add_key$keyring(&(0x7f0000000200)='keyring\x00', &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) add_key$keyring(&(0x7f0000000300)='keyring\x00', &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, r5) r6 = socket$inet6(0xa, 0x8000008000080001, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'bridge_slave_0\x00'}) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, &(0x7f0000000780)) r7 = syz_open_dev$dspn(0x0, 0x0, 0x80) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r7, 0x84, 0x70, &(0x7f00000007c0)={0x0, @in6={{0xa, 0x4e22, 0x9, @ipv4={[], [], @multicast1}, 0x5}}, [0x3ff, 0x1000, 0x4, 0x0, 0x7, 0x8, 0x3ff, 0x0, 0xffff, 0x6, 0x1, 0x764d, 0x1, 0x4]}, &(0x7f0000000400)=0x100) keyctl$chown(0x4, 0x0, r0, 0x0) getgroups(0x3, &(0x7f0000000140)=[0x0, 0x0, 0x0]) r8 = socket(0x1, 0x80005, 0x0) sendto$inet6(r8, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$IPT_SO_GET_REVISION_MATCH(r8, 0x0, 0x42, &(0x7f0000000540)={'icmp\x00'}, &(0x7f0000000480)=0xaea9) getgid() r9 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0) ioctl$RTC_IRQP_SET(r9, 0x4008700c, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r9, 0xc0305602, &(0x7f0000000100)={0x0, 0x556, 0x3013}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) request_key(&(0x7f00000002c0)='cifs.idmap\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000340)='/dev/input/mice\x00', 0xfffffffffffffff9) add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) unshare(0x60020000) 21:57:40 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000d0fff5)='/dev/audio\x00', 0x42801, 0x0) ioctl$int_in(r0, 0xc00000c0045005, &(0x7f00000002c0)=0x1000) write$P9_RFSYNC(r0, &(0x7f0000000000)={0x7}, 0x7) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x141080, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r4, &(0x7f0000000140), 0x4924924924925b9, 0x0) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r4, &(0x7f0000000080)={0x20000000}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$USBDEVFS_FREE_STREAMS(r6, 0x8008551d, &(0x7f0000000100)={0x731b, 0x9, [{0xc}, {0xd, 0x1}, {0x2}, {0x1}, {0xd, 0x1}, {0x8}, {0xc, 0x1}, {0x5, 0x1}, {0xe}]}) ioctl$DRM_IOCTL_GET_CAP(r3, 0xc010640c, &(0x7f0000000040)={0x0, 0x5}) close(r0) [ 306.887596][T11825] IPVS: ftp: loaded support on port[0] = 21 21:57:41 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000d0fff5)='/dev/audio\x00', 0x42801, 0x0) ioctl$int_in(r0, 0xc00000c0045005, &(0x7f00000002c0)=0x1000) write$P9_RFSYNC(r0, &(0x7f0000000000)={0x7}, 0x7) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x141080, 0x0) r3 = fcntl$dupfd(r1, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r4, &(0x7f0000000140), 0x4924924924925b9, 0x0) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r4, &(0x7f0000000080)={0x20000000}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$USBDEVFS_FREE_STREAMS(r6, 0x8008551d, &(0x7f0000000100)={0x731b, 0x9, [{0xc}, {0xd, 0x1}, {0x2}, {0x1}, {0xd, 0x1}, {0x8}, {0xc, 0x1}, {0x5, 0x1}, {0xe}]}) ioctl$DRM_IOCTL_GET_CAP(r3, 0xc010640c, &(0x7f0000000040)={0x0, 0x5}) close(r0) 21:57:41 executing program 1: getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000180)={0x408, 0x7363d08304af3901, 0x3ff}, 0x0) r0 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000040), 0x0, 0xfffffffffffffffd) r1 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x6, 0x501000) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000340), &(0x7f0000000380)=0x4) ioctl$TIOCGSERIAL(0xffffffffffffffff, 0x541e, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/63}) rt_sigpending(&(0x7f0000000080), 0x8) keyctl$dh_compute(0x17, &(0x7f0000000140)={0x0, r0}, &(0x7f00000000c0)=""/83, 0xa2bd1d5677b481f6, 0x0) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm-control\x00', 0x2000, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000002c0)={r2}) openat$cgroup_type(r2, &(0x7f0000000280)='cgroup.type\x00', 0x2, 0x0) 21:57:41 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000540)={0x0, 0x10, &(0x7f0000000600)=[@in={0x2, 0x0, @dev}]}, &(0x7f00000005c0)=0x26c) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x7b, &(0x7f0000000300)={r1, @in={{0x2, 0x0, @empty}}}, &(0x7f00000003c0)=0x98) getsockopt$SO_TIMESTAMP(r2, 0x1, 0x5d, &(0x7f0000000000), &(0x7f0000000040)=0x4) 21:57:42 executing program 1: r0 = socket$inet6(0xa, 0x8000000000001, 0x8010000000000084) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = accept(r0, &(0x7f0000000000)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x80) setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f00000000c0)={@empty, @loopback}, 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmmsg$inet6(r0, &(0x7f0000005940)=[{{&(0x7f0000000280)={0xa, 0x0, 0x0, @local, 0x8}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000340)="18", 0x1}], 0x1}}, {{&(0x7f0000000700)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000001940)=[{&(0x7f0000000740)='%', 0x1}], 0x1}}], 0x2, 0x4004040) close(r0) 21:57:42 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213) sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=@ipv6_getroute={0x38, 0x1a, 0xc05, 0x0, 0x0, {0x2}, [@RTA_OIF={0x8}, @RTA_GATEWAY={0x14, 0x5, @rand_addr="fe799428d610c1915c0110bb0e3f3151"}]}, 0x38}}, 0x0) r1 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r1, &(0x7f0000000140), 0x4924924924925b9, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, @sit={{0x8, 0x1, 'sit\x00'}, {0xc, 0x2, [@tunl_policy=[@IFLA_IPTUN_LINK={0x8, 0x2, r5}]]}}}]}, 0x38}}, 0x0) sendmsg$can_raw(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x1d, r4}, 0x10, &(0x7f0000000140)={&(0x7f00000000c0)=@canfd={{0x2, 0x1, 0x1}, 0xe, 0x2, 0x0, 0x0, "79db933a976ad49dce94b1295ab5f0a13de637e1bbfce95f41abaa2e91662496f6a0e36fe803fba1f149ee1a67e2c392890df2a17207f48f136096762a368268"}, 0x48}, 0x1, 0x0, 0x0, 0x802c000}, 0x40000c0) 21:57:42 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000340)='/dev/input/mouse#\x00', 0x662ad99f, 0x400080) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000380), &(0x7f00000003c0)=0x4) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r0, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$EVIOCGABS20(r2, 0x80184560, &(0x7f0000000400)=""/80) ioctl$TCSETS(r2, 0x5402, 0x0) ioctl$KDGKBLED(r2, 0xc0045405, &(0x7f0000a07fff)) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r2, 0x0, 0xbf, 0x32, &(0x7f00000000c0)="0425a298401eb9bdce8d8a391fa0b94a2841d90d601dfc3f84695579dddb15ffac75134bae23a5c8ec9e4367542214e44ce0a35e41d53eb429a77e96f5b33eda2a6b2761e0e2c111aad3a891f640b965cae9872368c12c6f9f392e6a3d85583a4e7ccda9e6ce8495d23a9e1780754e865ca6e60238650afd0ab233244ff6a006e9013bf6f1f4134a506596b4478f77eb26f0464068ab81f52a76204e46a198fc4d0f8358eb90da71aebffa1785b5969b0a400b79589ea3b9c588eceeb42e3c", &(0x7f0000000040)=""/50, 0x1000, 0x0, 0x5e, 0xd0, &(0x7f0000000180)="27ea52522294c49c9fc2a59bef1a251679b098bdc3e0021a74ada2b827a998f1a143c5df07e2ec04c2ea44af7013445134cfe7f4a72b8a472c3f097d54bf21b33830ba37160e589b589fab80b9f7e99748e1d6baba660fd7fbdb6b7bf26c", &(0x7f0000000200)="9751460479ce48e16575c0cc72f574a79f8de92ceb497d9e8e384474da558a234c1eef521e5e800fa1e35f8d8a7cf72bef6573817a04a771295d174a96d94f4ede0e40cd69fdb842f4be94bd3dac87dcf675d04ac00dbeb77248cbaf263070dd4365743358fea7360748e12b89fd4f8ce0b924b94616a739fb739a797f68dd8757e0a2f94abad707aecdd86986edeac9bffeec03a63d851b23c9d4feed1764d7ec18c44d75766ad4e36a60fc6d5ca23b492d5728b5c2b0746bf7b63f2da2dd8f955af92d6ad0186a87c09f2bf373541a"}, 0x40) [ 308.225824][T11854] netlink: 'syz-executor.0': attribute type 5 has an invalid length. [ 308.265697][T11855] netlink: 'syz-executor.0': attribute type 5 has an invalid length. 21:57:42 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, @ipip6={{0xc, 0x1, 'ip6tnl\x00'}, {0x18, 0x2, [@tunl6_policy=[@IFLA_IPTUN_REMOTE={0x14, 0x3, @ipv4}]]}}}]}, 0x48}}, 0x0) socket$netlink(0x10, 0x3, 0x5) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x0, 0x1) r2 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r2, &(0x7f0000000140), 0x4924924924925b9, 0x0) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f00000002c0), &(0x7f0000000300)=0x14) r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000140)='nbd\x00') sendmsg$NBD_CMD_STATUS(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x64, r3, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x24}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x4}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) 21:57:42 executing program 1: perf_event_open(&(0x7f0000000000)={0x1000000002, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup3(r0, r1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x40000, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000000c0)={0x4, r5}) [ 308.481743][T11864] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 308.491133][T11864] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 308.568410][T11864] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 308.577917][T11864] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. 21:57:42 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000500)=ANY=[@ANYBLOB="b700000001ed9fffbfa30000000000000703000031feffff720af0fff8ffffff71a4f0ff00000000b7060000000000012d400500000000004704000001ed00003400000000ffffffde640000000000007b0a00fe000000001f14000000000000b7000000000000009500000000000000023bc065b7a3790779fc9e94af69912435f1b6a693002e7f3be361917adef6ee1caa2b4f8ef1e50becb19bc461e91a7168c5181554a090f32050e436fe275daf51efd601b6bf01c8e8b1b5e4fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd8dff0c710e4cdbf4fc41fbba4f94369e646b8ee6de2109fbe4ef154400e2438ec649dc74a1a610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda8a3658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06ad99edc3a6138d5fcfba53f8d0c67ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdf098bc908f523d228a40f9411fe7226a4040996e37c4f46756d50b928f63fc77b830282294484fa6da21b62987c71c1d6e6297eadbab95444937b029e3bd90eef51977a085eaa790167cdd110d9fcc36a8dc6cf1c8e24fe23d7b6727a611b731c6fc186844deadc5bdaa83c0556cbb3c05913afcac91bd0d79c4ea63f9990de57965e2c013a05928ea51b4245dd358155b46f64f5f15c99e2504b70c3b02c7588632f92c3958cf071044c1c"], &(0x7f00000001c0)='\x00\xf1)\r*\xbbzL\x8e7\x9e\xaa\xb3y\xb9\xfa!\xad!\xb4\xd4\x94\xa0\x86\xcf\x12#\xb4\xd3n$\x85\x06k\xb2\xf9\xd5\"\xfe\x86 \b\x7f\xe8\x8a\xcf\x89\x9b\xbaR]\xf5{J\x84\x15\xf9)\xf3\xc8\xd5`\xe6\xe6\x9eI\x02\xce\x1fI\xa8w\xc3#\xba\xf5\xe9\xea>\xc7\xab2,\xa0\x84t\xce\x04Tf\xc5\xfe`\'\x9b\xe2MH%\x93\x028\xcb\x0f\xdb\x16\xe2l\x80\xe6\xcd\xceW\x01SS-o`X\xf6\xa4\xc1|\xbe\xc4\xf0\xac1zp\xc9\x89\xef.\xa4\x91\xb4\xf3('}, 0x48) 21:57:42 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000500)=ANY=[@ANYBLOB="b700000001ed9fffbfa30000000000000703000031feffff720af0fff8ffffff71a4f0ff00000000b7060000000000012d400500000000004704000001ed00003400000000ffffffde640000000000007b0a00fe000000001f14000000000000b7000000000000009500000000000000023bc065b7a3790779fc9e94af69912435f1b6a693002e7f3be361917adef6ee1caa2b4f8ef1e50becb19bc461e91a7168c5181554a090f32050e436fe275daf51efd601b6bf01c8e8b1b5e4fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd8dff0c710e4cdbf4fc41fbba4f94369e646b8ee6de2109fbe4ef154400e2438ec649dc74a1a610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda8a3658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06ad99edc3a6138d5fcfba53f8d0c67ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdf098bc908f523d228a40f9411fe7226a4040996e37c4f46756d50b928f63fc77b830282294484fa6da21b62987c71c1d6e6297eadbab95444937b029e3bd90eef51977a085eaa790167cdd110d9fcc36a8dc6cf1c8e24fe23d7b6727a611b731c6fc186844deadc5bdaa83c0556cbb3c05913afcac91bd0d79c4ea63f9990de57965e2c013a05928ea51b4245dd358155b46f64f5f15c99e2504b70c3b02c7588632f92c3958cf071044c1c"], &(0x7f00000001c0)='\x00\xf1)\r*\xbbzL\x8e7\x9e\xaa\xb3y\xb9\xfa!\xad!\xb4\xd4\x94\xa0\x86\xcf\x12#\xb4\xd3n$\x85\x06k\xb2\xf9\xd5\"\xfe\x86 \b\x7f\xe8\x8a\xcf\x89\x9b\xbaR]\xf5{J\x84\x15\xf9)\xf3\xc8\xd5`\xe6\xe6\x9eI\x02\xce\x1fI\xa8w\xc3#\xba\xf5\xe9\xea>\xc7\xab2,\xa0\x84t\xce\x04Tf\xc5\xfe`\'\x9b\xe2MH%\x93\x028\xcb\x0f\xdb\x16\xe2l\x80\xe6\xcd\xceW\x01SS-o`X\xf6\xa4\xc1|\xbe\xc4\xf0\xac1zp\xc9\x89\xef.\xa4\x91\xb4\xf3('}, 0x48) 21:57:43 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b70000000000000074000000000000000400000000000000952cff0000000000eea7b9a2541feaf1c5eff9f8f3652d74f16af463a6970c414f14e458554c1c9ee5d06ba0d2dbf6312f575bb5402d98b626acab0906ae8c7b3116bfb51bf982f2f37df6d4"], &(0x7f0000003ff6)='OPL\x00', 0x1, 0xff06, &(0x7f000000cf3d)=""/195}, 0x48) r0 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r0, &(0x7f0000000140), 0x4924924924925b9, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000100)) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000040)=@req={0x8, 0x80000000, 0x800, 0x1}, 0x10) sysinfo(&(0x7f0000000140)=""/126) 21:57:43 executing program 1: set_mempolicy(0x4003, &(0x7f0000000140)=0x101, 0x2) add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000200)='\x00', 0x1, 0xfffffffffffffffe) add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, r0) add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, r1) r2 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) openat$cgroup_subtree(0xffffffffffffffff, &(0x7f00000001c0)='cgroup.subtree_control\x00', 0x2, 0x0) add_key(&(0x7f0000000580)='pkcs7_test\x00', 0x0, &(0x7f0000000200)="3081a3", 0x3, r2) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$VHOST_SET_VRING_ERR(r4, 0x4008af22, &(0x7f00000002c0)={0x3, r6}) add_key(&(0x7f0000000080)='keyring\x00', &(0x7f0000000380)={'syz', 0x1}, &(0x7f0000000480)="fac8e93d790d679fe4d62fa286bce5ae53f9606046ba6d9fb2d24225b51711e898223e6888b055c082d342dbab59aaeba2266343050802c2052869ea29f695a0ba82f2af0af30af9989a2ba142298f5849a04ff9d559ab50a2bd3ca1c0cc2322ee00", 0x62, r2) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = fcntl$dupfd(r7, 0x0, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r9, &(0x7f0000000140), 0x4924924924925b9, 0x0) r10 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000340)=0xffffffffffffffff, 0x4) r11 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r11, &(0x7f0000000140), 0x4924924924925b9, 0x0) r12 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r12, &(0x7f0000000140), 0x4924924924925b9, 0x0) r13 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r13, &(0x7f0000000140), 0x4924924924925b9, 0x0) r14 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r14, &(0x7f0000000140), 0x4924924924925b9, 0x0) r15 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r15, &(0x7f0000000140), 0x4924924924925b9, 0x0) r16 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r16, &(0x7f0000000140), 0x4924924924925b9, 0x0) socket$bt_cmtp(0x1f, 0x3, 0x5) accept4$tipc(r13, &(0x7f0000000500)=@name, &(0x7f0000000540)=0x10, 0x800) r17 = openat$ppp(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/ppp\x00', 0x20000, 0x0) r18 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r18, &(0x7f0000000140), 0x4924924924925b9, 0x0) r19 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r19, &(0x7f0000000140), 0x4924924924925b9, 0x0) io_uring_register$IORING_REGISTER_FILES(r8, 0x2, &(0x7f0000000400)=[r9, r10, r11, r17, r18, r13, r14, r19, r5, r16], 0x2d9) add_key$keyring(&(0x7f0000000240)='\x00\x00\x00\x00\x00\xfc\xff\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0x0) clone(0x4412c500, 0x0, 0x0, 0x0, 0x0) [ 309.262320][T11888] IPVS: ftp: loaded support on port[0] = 21 [ 309.409972][T11891] IPVS: ftp: loaded support on port[0] = 21 21:57:43 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x2c}, [@call={0x85, 0x0, 0x0, 0x2f}]}, &(0x7f0000000080)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x147, 0x10, &(0x7f0000000000), 0xfffffffffffffd3a}, 0x48) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xa) 21:57:43 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x11, 0x800000003, 0x0) socket(0x200000000000011, 0x0, 0x0) socket(0x200000000000011, 0x0, 0x0) accept4$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000340)=0x14, 0x0) socket(0x200000000000011, 0x4000000000080002, 0x0) socket(0x11, 0x0, 0x0) bind(0xffffffffffffffff, 0x0, 0x0) accept$packet(0xffffffffffffffff, &(0x7f00000029c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x10400, 0x0) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0xd1f, @empty, 0x3872}, 0x114) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="28000080fff4000034a700", @ANYRES32=0x0, @ANYBLOB="000000000000000008001b0000000000"], 0x28}}, 0x0) 21:57:43 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu\x00', 0x200002, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='tmpfs\x00', 0x0, 0x0) sendto$unix(0xffffffffffffffff, &(0x7f0000000000)="e125ee993703d26eb8", 0x9, 0x8010000, 0x0, 0x0) unshare(0x400) chdir(&(0x7f0000000140)='./file0\x00') symlink(&(0x7f0000000500)='.\x00', &(0x7f00000004c0)='./file0\x00') umount2(&(0x7f00000001c0)='./file0/../file0/file0\x00', 0x80000000002) fchdir(r0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$VIDIOC_G_SLICED_VBI_CAP(r4, 0xc0745645, &(0x7f0000000040)={0x8, [0x4, 0x84, 0xa9, 0x8001, 0xdc1b, 0x4, 0x4, 0x0, 0xfff8, 0x5, 0x2, 0x8000, 0x800, 0x68, 0x5, 0x2, 0xf001, 0x2, 0x6, 0x2e, 0x400, 0x1, 0x401, 0x4, 0x1, 0x8, 0x8, 0x8000, 0x12a1, 0x1, 0x54, 0x401, 0x1, 0x7, 0x58, 0x4, 0x3, 0x1f, 0x6, 0x1000, 0x9, 0x77, 0xff, 0xff8, 0x1, 0xcb, 0x53, 0x80], 0xa}) 21:57:43 executing program 1: r0 = syz_open_dev$usbfs(&(0x7f0000001280)='/dev/bus/usb/00#/00#\x00', 0x200, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup3(r3, r2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(r4, 0xc0385720, &(0x7f0000000000)={0x0, {0x77359400}, 0xfffff77c, 0x9}) dup2(r1, r0) 21:57:43 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f61fe4)={0xa, 0x4e20, 0x0, @ipv4={[], [], @broadcast}}, 0x1c) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r0, r1) setsockopt$inet6_int(r2, 0x29, 0x35, &(0x7f0000000000)=0x1e, 0x4) syz_open_dev$char_usb(0xc, 0xb4, 0x80000000000) syz_emit_ethernet(0x21a, &(0x7f000070aef1)={@local, @empty=[0x3, 0x0, 0x14], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}, @broadcast}, @udp={0x0, 0x4e20, 0x8}}}}}, 0x0) recvmmsg(r0, &(0x7f0000006500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 21:57:44 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_open_dev$sndpcmc(&(0x7f0000000200)='/dev/snd/pcmC#D#c\x00', 0x0, 0x1) ioctl$RTC_EPOCH_SET(r3, 0x40084149, 0x718000) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r5) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r5) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r7 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r7, &(0x7f0000000140), 0x4924924924925b9, 0x0) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r8, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @loopback={0x10000120, 0x3cec11fffe4fef91}}], 0x1c) shutdown(r8, 0x2) r9 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r9, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r8, 0x84, 0x76, &(0x7f0000000080)={r10}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r7, 0x84, 0x18, &(0x7f0000000040)={r10, 0x4}, &(0x7f0000000080)=0x8) r11 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) syz_open_dev$evdev(0x0, 0x0, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) unshare(0x8000400) syz_kvm_setup_cpu$x86(r0, r12, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2, 0x0, 0x0, 0xe1) [ 310.062855][T11913] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 21:57:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) r2 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r2, &(0x7f0000000140), 0x4924924924925b9, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000000)={'bcsf0\x00', 0x1000}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r3, 0x400455c8, 0x1) 21:57:44 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'sit0\x00'}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r3 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r3, &(0x7f0000000140), 0x4924924924925b9, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, &(0x7f0000000100)=[@in6={0xa, 0x4e20, 0x1f, @remote, 0x5}, @in6={0xa, 0x4e24, 0x9, @empty, 0x7ff}], 0x38) r4 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400212) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = getuid() getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f00000001c0)=0x3e5) write$P9_RGETATTR(0xffffffffffffffff, &(0x7f0000000000)={0xa0, 0x19, 0x1, {0x2000, {0x42, 0x2, 0x6}, 0x0, r6, r7, 0x7, 0x8000, 0x9, 0x1f, 0x4, 0x9, 0x0, 0xfffffffffffffff9, 0x99, 0x5, 0x80, 0x0, 0xff, 0x9, 0x7}}, 0xa0) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@ipmr_delroute={0x2a3, 0x19, 0x10, 0x70bd28, 0x25dfdbfd, {0x80, 0x10, 0x10, 0x5, 0xfd, 0x1, 0xff, 0x9, 0x100}, [@RTA_SRC={0x0, 0x2, @multicast2}]}, 0x14a}, 0x1, 0x0, 0x0, 0x3516b9e6bbed5483}, 0x60000000) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f0000000180)={0x0, 0x6}, 0x8) 21:57:44 executing program 2: chroot(&(0x7f0000000000)='./file0\x00') r0 = signalfd(0xffffffffffffffff, &(0x7f0000000040)={0xd0a}, 0x8) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000080)=0x7) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_inet_SIOCGIFADDR(r1, 0x8915, &(0x7f00000000c0)={'veth0_to_hsr\x00', {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}) r2 = socket$pptp(0x18, 0x1, 0x2) recvmmsg(r2, &(0x7f0000001800)=[{{&(0x7f0000000100)=@l2, 0x80, &(0x7f0000000540)=[{&(0x7f0000000180)=""/142, 0x8e}, {&(0x7f0000000240)=""/181, 0xb5}, {&(0x7f0000000300)=""/50, 0x32}, {&(0x7f0000000340)=""/64, 0x40}, {&(0x7f0000000380)=""/135, 0x87}, {&(0x7f0000000440)=""/157, 0x9d}, {&(0x7f0000000500)=""/31, 0x1f}], 0x7, &(0x7f00000005c0)=""/8, 0x8}, 0x9}, {{&(0x7f0000000600)=@xdp, 0x80, &(0x7f0000001740)=[{&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/19, 0x13}, {&(0x7f00000016c0)=""/95, 0x5f}], 0x3, &(0x7f0000001780)=""/70, 0x46}, 0x3}], 0x2, 0x40, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(0xffffffffffffffff, 0xae78, &(0x7f0000001880)=0x2) r3 = request_key(&(0x7f00000018c0)='trusted\x00', &(0x7f0000001900)={'syz', 0x1}, &(0x7f0000001940)='\\wlan1ppp0\x00', 0xfffffffffffffff8) keyctl$KEYCTL_PKEY_QUERY(0x18, r3, 0x0, &(0x7f0000001980)='{self-GPLkeyringvmnet1\x00', &(0x7f00000019c0)) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000001a00)={0xffffffffffffffff}) setsockopt$inet6_IPV6_ADDRFORM(r4, 0x29, 0x1, &(0x7f0000001a40), 0x4) r5 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/qat_adf_ctl\x00', 0x10400, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001b00)={r5, 0x0, 0x1, 0x5, &(0x7f0000001ac0)=[0x0], 0x1}, 0x20) write$P9_RSYMLINK(r5, &(0x7f0000001b40)={0x14, 0x11, 0x2, {0x2, 0x1, 0x2}}, 0x14) pipe(&(0x7f0000001b80)={0xffffffffffffffff}) getsockopt$inet_pktinfo(r6, 0x0, 0x8, &(0x7f0000001bc0)={0x0, @remote}, &(0x7f0000001c00)=0xc) pipe2(&(0x7f0000001c40)={0xffffffffffffffff}, 0x80800) ioctl$CAPI_GET_SERIAL(r7, 0xc0044308, &(0x7f0000001c80)=0x1000) r8 = dup(0xffffffffffffffff) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r8, 0x84, 0x65, &(0x7f0000001cc0)=[@in6={0xa, 0x4e20, 0x1, @remote, 0xfff}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x21}}, @in={0x2, 0x4e20, @broadcast}, @in={0x2, 0x4e23, @broadcast}, @in6={0xa, 0x4e23, 0x6, @remote, 0x100}, @in6={0xa, 0x4e20, 0x20, @loopback, 0x5}, @in6={0xa, 0x4e24, 0x5, @remote, 0x9}, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e24, 0x7, @rand_addr="7428c493b006f63a8619e7781b9ea5bb", 0x8}], 0xcc) openat$vnet(0xffffffffffffff9c, &(0x7f0000001dc0)='/dev/vhost-net\x00', 0x2, 0x0) mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0xe000000000000000) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000001e00)=0x0) fcntl$setown(r5, 0x8, r9) r10 = openat$null(0xffffffffffffff9c, &(0x7f0000001e40)='/dev/null\x00', 0xc0, 0x0) r11 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000001e80)='/proc/self\x00', 0x101a00, 0x0) ioctl$LOOP_SET_FD(r10, 0x4c00, r11) lsetxattr$trusted_overlay_origin(&(0x7f0000001ec0)='./file0\x00', &(0x7f0000001f00)='trusted.overlay.origin\x00', &(0x7f0000001f40)='y\x00', 0x2, 0x0) r12 = syz_open_dev$mouse(&(0x7f0000001f80)='/dev/input/mouse#\x00', 0x100000001, 0x10000) ioctl$UI_SET_LEDBIT(r12, 0x40045569, 0x5) [ 310.552791][ T595] Bluetooth: Error in BCSP hdr checksum [ 310.812976][ T595] Bluetooth: Error in BCSP hdr checksum 21:57:44 executing program 1: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) gettid() fcntl$lock(0xffffffffffffffff, 0x0, 0x0) syz_open_procfs(0x0, 0x0) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000380)={'syz', 0x1}, &(0x7f00000003c0)='v', 0x1, 0xffffffffffffffff) keyctl$clear(0x7, r0) r1 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$instantiate_iov(0x14, r0, &(0x7f0000000040)=[{&(0x7f0000000180)="95a6a86b1a16b9157cdc59fc08d3694c6c5ec166dce095a9f2a2a75212a1290933ab1896d9bd45a78eaabf2989357706b8103e1a3bc255f957ed79e5d6bdfed48f", 0x41}, {&(0x7f0000000200)="00960996641f3dcb5f99b2914ac0104b8c991198de519e17052f084dcfd23c506deff3b7a9e26edc0b5b2ed51a540fd8c016bae134a0a256f7a9e10475d1d01f1ab5fb7beb183e64178cbf92634fc3ba01484513c8eb99425830fb14ec4e8f0daa90d8d8d6c5a362c5dd3af4b6eda58420351e7a7d33a56ba620c5a45e7774f9846d46e0ef158917620a1215fa07a17915c4ff72b2998da19b29d0e271a2d961d9fc0ea4b2f856d443605934613e9e03fd95", 0xb2}], 0x2, r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_sctp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000340)='/proc/capi/capi20ncci\x00', 0x101240, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000400)) r4 = gettid() fcntl$lock(r2, 0x6, &(0x7f0000000000)={0x0, 0x3, 0x0, 0x0, r4}) r5 = socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x10032, 0xffffffffffffffff, 0x0) r6 = userfaultfd(0x0) ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000480)) ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r7, 0x84, 0x74, &(0x7f0000013ff4)=@assoc_value, &(0x7f0000002000)=0xff0a) r8 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r9, &(0x7f0000000140), 0x4924924924925b9, 0x0) r10 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r10, &(0x7f0000000140), 0x4924924924925b9, 0x0) setsockopt$inet_sctp6_SCTP_MAX_BURST(r10, 0x84, 0x23, 0x0, 0x0) r11 = dup2(r5, r7) dup3(r11, r6, 0x0) syz_open_procfs$namespace(r4, &(0x7f0000000140)='ns/pid_for_children\x00') 21:57:45 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b405000001040000611095000000000200e191ff01f0bee64362d27ddfb70d9e5efa0520211863ce21f4a356069e1ac6220e1404977aa31a83f6d48dcfff010000000000001995aa2ee5036c24bffe7eaa992096d8ec5da18361adb96fc928226c1f6d614c762234750e0500000000000000b7f3d43e4fcd5bdd181c1d91402943cd63a395ad7c4fddd92f9bdc262e1175ddd7b6ff53ef7f5d806fac3bc292fa5acc78"], &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [0x2e], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x241}, 0x48) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @loopback={0x10000120, 0x3cec11fffe4fef91}}], 0x1c) shutdown(r1, 0x2) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000080)={r3}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000040)={r3, @in={{0x2, 0x4e23, @broadcast}}, 0xf543, 0x20}, 0x90) [ 311.093123][T11935] IPVS: ftp: loaded support on port[0] = 21 [ 311.240298][T11935] chnl_net:caif_netlink_parms(): no params data found [ 311.296408][T11935] bridge0: port 1(bridge_slave_0) entered blocking state [ 311.304130][T11935] bridge0: port 1(bridge_slave_0) entered disabled state [ 311.312872][T11935] device bridge_slave_0 entered promiscuous mode [ 311.323654][T11935] bridge0: port 2(bridge_slave_1) entered blocking state [ 311.330841][T11935] bridge0: port 2(bridge_slave_1) entered disabled state [ 311.339743][T11935] device bridge_slave_1 entered promiscuous mode 21:57:45 executing program 1: pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000003060501ff0000fffdffff2ef6ff04610c0001"], 0x17}}, 0x0) r3 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r3, &(0x7f0000000140), 0x4924924924925b9, 0x0) pread64(r3, &(0x7f0000000080)=""/44, 0x2c, 0x3) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) mq_unlink(&(0x7f0000000040)='{\x00') [ 311.373524][T11935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 311.406990][T11935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 311.458035][T11935] team0: Port device team_slave_0 added [ 311.467565][T11935] team0: Port device team_slave_1 added [ 311.520215][T11944] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 311.528608][T11944] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 311.557925][T11935] device hsr_slave_0 entered promiscuous mode [ 311.613911][T11935] device hsr_slave_1 entered promiscuous mode [ 311.752120][T11935] debugfs: Directory 'hsr0' with parent '/' already present! [ 312.001731][T11935] bridge0: port 2(bridge_slave_1) entered blocking state [ 312.009032][T11935] bridge0: port 2(bridge_slave_1) entered forwarding state [ 312.016833][T11935] bridge0: port 1(bridge_slave_0) entered blocking state [ 312.024093][T11935] bridge0: port 1(bridge_slave_0) entered forwarding state 21:57:46 executing program 1: stat(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) socketpair$unix(0x1, 0x5, 0x0, 0x0) fstat(0xffffffffffffffff, 0x0) add_key$user(0x0, &(0x7f0000000500)={'syz', 0x1}, &(0x7f0000000540), 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r2 = add_key$keyring(&(0x7f0000000300)='keyring\x00', &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, r1) add_key(&(0x7f0000000100)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000140)="dee7030022cf9e5e1dbac27b0426fc0299c41fb9b9761a1b44dac894f365ae68edf335abf35ec53d6751467ebd", 0x2d, r2) add_key$user(&(0x7f0000000580)='user\x00', &(0x7f00000005c0)={'syz', 0x0}, &(0x7f0000000600), 0x0, r2) r3 = add_key$keyring(&(0x7f0000000200)='keyring\x00', &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) add_key$keyring(&(0x7f0000000300)='keyring\x00', &(0x7f0000000380)={'\x00', 0x1}, 0x0, 0x0, r3) r4 = socket$inet6(0xa, 0x8000008000080001, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'bridge_slave_0\x00'}) r5 = syz_open_dev$dspn(0x0, 0x0, 0x80) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r5, 0x84, 0x70, &(0x7f00000007c0)={0x0, @in6={{0xa, 0x4e22, 0x9, @loopback, 0x5}}, [0x3ff, 0x1000, 0x4, 0x0, 0x7, 0x8, 0x3ff, 0x0, 0xffff, 0x6, 0x1, 0x764d, 0x1, 0x4]}, &(0x7f0000000900)=0x100) r6 = add_key(&(0x7f0000000600)='y\xf0ph\x00\x10\x03h]\xa7L\xf7\x94#\xb6\r\xa9{2\f\x12O\xa8\xfaKg\x1b(\xf4\xafs\xc7\xcd\x85\xf2\x9e\xea\xa1\xbe\"\xb1D\xee\x81lp\xbc\xd2\x85\xddD+He\x88\x12 .c\x1e\xcaZ\x80)-&\\uz\xd3\xb4\xa6@8\xb7', &(0x7f0000000700)={'syz', 0x1}, &(0x7f0000000a40)="6cd9779bb897265f0a63a4c0dba66e74a74e69473cf753eef9682812fa998727a1c90fc4428d62fa3b9029fb69e39e4c4e53db144a5e277bb74449f953953501ddff8a333bf2fdb9b9f020ca7c08d3f4fa86a1a8ef0f62aaf03658c20aad85af58458df4a553242c540b653158c1a2afcd371ff0a4edd1d39840b575aae9f438e20885ea5810648cb7064a59baa9b2f53ffc9335501a1971e9d10986bb777b61a1d53bb2253536ed93a752bbe9864a5f008bc43db930ca2944c0de503d2d614b385b66372686632c03269574bb956c0739787274d5d20f6b6f2a02c2e1b337e5f4f0b5460e0da5444216d61c27e429f3ed046d64f8baab3aa84ad9f7", 0xfc, r3) keyctl$chown(0x4, r6, r0, 0x0) getgroups(0x3, &(0x7f0000000140)=[0x0, 0x0, 0x0]) r7 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cachefiles\x00', 0x48000, 0x0) getsockopt$IPT_SO_GET_REVISION_MATCH(r7, 0x0, 0x42, &(0x7f0000000440)={'icmp\x00'}, &(0x7f0000000480)=0x1e) getgid() r8 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0) ioctl$RTC_IRQP_SET(r8, 0x4008700c, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r8, 0xc0305602, &(0x7f0000000100)={0x0, 0x556, 0x3013}) connect$l2tp(r7, &(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, r8, {0x2, 0x4e24, @rand_addr=0x3ff}, 0x2, 0x1, 0x3, 0x4}}, 0x2e) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r9 = request_key(&(0x7f00000002c0)='log/n\x00', &(0x7f0000000300)={'syz', 0x2}, &(0x7f0000000340)='icmp\x00', 0xfffffffffffffff9) r10 = add_key$keyring(&(0x7f0000000540)='keyring\x00', &(0x7f0000000680)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffa) r11 = add_key$keyring(&(0x7f0000000740)='\x00\x00\x04\x00', &(0x7f00000003c0)={'syz', 0x2}, 0x0, 0x0, r10) keyctl$negate(0xd, r9, 0x49b, r11) unshare(0x60020000) [ 312.264266][ T3774] bridge0: port 1(bridge_slave_0) entered disabled state [ 312.285032][ T3774] bridge0: port 2(bridge_slave_1) entered disabled state [ 312.342359][ T5] Bluetooth: hci0: command 0x1003 tx timeout [ 312.348620][T11926] Bluetooth: hci0: sending frame failed (-49) [ 312.416215][T11935] 8021q: adding VLAN 0 to HW filter on device bond0 [ 312.526598][T11968] IPVS: ftp: loaded support on port[0] = 21 [ 312.616700][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 312.625486][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 312.653455][T11935] 8021q: adding VLAN 0 to HW filter on device team0 [ 312.867990][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 312.877822][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 312.886829][ T30] bridge0: port 1(bridge_slave_0) entered blocking state [ 312.894034][ T30] bridge0: port 1(bridge_slave_0) entered forwarding state [ 313.084599][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 313.094468][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 313.103550][ T3774] bridge0: port 2(bridge_slave_1) entered blocking state [ 313.110719][ T3774] bridge0: port 2(bridge_slave_1) entered forwarding state [ 313.119192][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 313.129239][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 313.139264][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 313.148972][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 313.158488][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 313.168293][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 313.177837][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 313.186970][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 313.196042][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 313.205259][ T3774] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 313.268179][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 313.410714][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 313.418444][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 313.448744][T11975] IPVS: ftp: loaded support on port[0] = 21 [ 313.495803][T11935] 8021q: adding VLAN 0 to HW filter on device batadv0 21:57:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0xa2762718ec785d0, 0x0, 0x0, 0x342) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040)=0x96d1, 0x4) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) accept4(0xffffffffffffffff, &(0x7f0000000500)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0xaaaabd4, 0x0, 0x0, 0x152) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000400)={[0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x4ce]}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={0x0, 0x7fffffff}, &(0x7f0000000100)=0xc) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$BLKFLSBUF(r6, 0x1261, &(0x7f0000000180)=0x20) ioctl$CAPI_CLR_FLAGS(r6, 0x80044325, &(0x7f0000000200)=0x1) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in6={{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x80}}}, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003140)=[{{0x0, 0x0, &(0x7f0000001b00)=[{&(0x7f0000000580)="9e1e88e43e4244e4e64f10ebec34f1b1ca8e9250b348d94969b0db7ac8cdd1d3fc1141b3cf2ba88ec3c63bb965efb97c5cc94930a6cca929c983ed39610ddab7310c85a821a10fef33074f6af0141464ea3e4a5b395ca5d87aceb31227b12009609098078229a4e4d8ee9eb35ed76d205d0d18b5567e7b9755b907c402652dbd11a9706598fc56cde4cadcbecb60363bba20cafd9675b0099d074b92e067800069924c527597654c5916237b10ab544948ed74c69b2bb4df1ab1243158a1cf8c215174cb0b7f3a97ab857447afc4e5f94e9952bd3a4214da5b3e9f8c3f949df0cf37757b9a44376618b1e3676e0a77045a8f9dc50561a41f64057544d7b6c1de973ee2b6d58fec2733ee3ab63dbc90006be6e5341f2a6b8aaef27a383a0626f2281210031e498d06152dbcf6d7e1a9e954a21ae92957e13c08fc41c50d844fee3f8ad2285cabd5db5f6c1d3845f33fa9ba2d4d28d92e2572c5363a1949782ded0b35105f002867b09bf5964b76f8695c3998828244711a30af8fa731e83795244fca855fa71147102df3ff93948269e815c82707572983291341a7a2ab4eac7f1dd0dbf5ea85977b9c7e5d593520a2452e04ddc18efbf70d584af148346908f8718eb7537763f8d2a68172c51c7a0e04255d4df6f1586a28fc7e821c7c29758d845563fd0c6a0d4b5a7cbd1610903149df33c1e24cf8651748c15eb3e2deb548145496d71a22d3d854b1faefe68039e678d1b517497da25a10070f0bf799525c378c1c5c69b37513be44245cb341ae25792c8fb0e45578f16aeb13070275c23d6b04712cd0e965cf251789e9a777b279e171e66ed9872d23b42d2c1ee7f2a7ddc842128b6a1d120cc1d521274e3b29f77c9d85c4a8d971d16177705f1947cc656d7b4c52adedffddf6ea480c20a2b3f2ee98fa2b2b503b11931a2c61a16e399af59a7148a86718b73062ab98b7c0b396bd672c1451905e12495091850a562902d5c60b5feb33e0cffbf6fe4f1fa289650589430ed1f3fa4d8bae45752b4a371fae95c2e5f247254ef3d83d4e7db3652fad4e52fa73bc74ab52a50e9d7d91919bdb2c863779b145bf2d6b3d6e5f3727fe36891b3202ce02ee8a79e35390b50c5b37ed9dc09684144edf854fbecfdc93a1f58a4a", 0x333}], 0x1}}], 0x1, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 313.749741][T11984] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. 21:57:48 executing program 1: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x43e) write$binfmt_script(r0, &(0x7f0000001240)={'#! ', './file0', [{0x20, 'vboxnet11cgroup\\{&'}, {0x20, 'gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a'}]}, 0x1f4) close(r0) execve(&(0x7f0000000000)='./file0\x00', &(0x7f00000003c0)=[&(0x7f0000001b00)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac', &(0x7f0000001d00)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac'], &(0x7f0000001ac0)=[&(0x7f0000002100)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac', &(0x7f0000000840)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a', &(0x7f0000001040)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfE\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\x06\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac', &(0x7f0000000a40)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\x04\xda\nU\x84\xc2\xe3E\xc1\xd8L\xb1r\xb0\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x8b\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a', &(0x7f0000000180)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac', &(0x7f0000000440)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac\xe6,\xf9\xec\x84R\xc2\x02\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=f\xf3\xca\'\xa8\x1b\xae\xff\xbe\xf9\xe7\xed34\x1c\xd1\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac', &(0x7f0000000640)='gcB\xc6+\xbf\xcc_\x81 \xd5\xb9\x93L9\x87\x84K\xb9!\x0eX czg\x14\xec*\xed\xa6u\xc4\x14*\xdb_\xe8\\\x96\n\xa6)\v\xf9 \xddb|\xe7\x14\x82\xc3\x90\xf9\r?i\x86Lpw\xba\xe1\v\x1a9G\x04\fpfP\xcf\xee<:C\x1e\\\x1f&\xaf\xea?\x91\a\xea\x8d\x05\x83aJ\xf0v\xc0q\x84\x93il\v\x03\b\xadT\a\x14\xd7\xd5u\x84\x82\xb2\xd4(\x1d\x04\xf2\v\xe9\x8a\xdfU\xd1\x1f\x9b\x1d2mRQ\xea\x90\xa0m#\xa4\x1dy\x9d\xe9\xfa\x06\xa27\x9d;\xe4\xb4\x86\xa7&\xa9c6\x1b\x8d\xa6$\x82\x1b\x9a\x82\xc0o/\x8c\x97\xb9BJh\x9f\xb2\"\x95j\xd7PN\x89\x7f\xc8AB\xc7}T\xbe\x8aO\x9d\x94\x8d\xf1\xe7\xe2\xad\xdd\xc2\xb7\xe8Ac*v\xf7\x16\x8fe\xef\x84\xf5k\xa9\xeb\xebt\xc3\xf1f\xca\x04*\xec\xfa\xe5b\xeb\xb4\x99\xefSv\x82\xe2\xe3\x02)sP%Z\xad\x83\xda\xbe2\xa9\xf2\xdaH\xf2{\xf6~\x0f\xb9\xdd.\x06W\xd7\x1dG<\x1e\f2c\xf4\xa0d\x01\x88\xee\xcc\x18(\rap\x98?\xb1$\xe9\xe9+\xa6\xfb\xb1\xc61\xf1\xe7m\xfd\x05\xee\xa0L\xe4C\"\xba\xd5\x91]]\xb26\xbfA\x86\f\xda\fi\xc8\xefl&*\"_^5\xd1 H\x17\xf0\xcc\a\x10dxb\xc2\x13m[P\xac]\xc2\xc1\xa8\x1df_\xcax\xbd\xf4m\x1e\x18occU\xb5\\\xf5\x05\xec\xa3\x98\f1\x89\x99\xf0P\x8e\x1b\xe3\x9e\xb9\x0f\xf9\xb0\xadd\x9d=d\x94\xec\xceQx\xdb\xf6zG!3\xd7\x05\xf0Xk\xb7vo?1H\x86\x192\xb2&\xa5\x9d\xd7\xbc\x85\a\xfer\x14\x0e\xd9=\x9f\xa1\xda@\xc7-\x93\xbc4\xc0\xfe\xf6\xf6\xc4\xc3ZT>R\x11\xba\xf9\x17\r\x98\a\x06\xe8\x80\xef\xdf\x87\x1f\xfd\xb8\x99\x9c\x19\xb4\xac']) r1 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r1, &(0x7f0000000140), 0x4924924924925b9, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @loopback={0x10000120, 0x3cec11fffe4fef91}}], 0x1c) shutdown(r2, 0x2) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000080)={r4}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f00000000c0)={r4, @in6={{0xa, 0x4e24, 0x95, @empty, 0x1}}, 0x1, 0x5, 0x3b, 0xbf, 0x8}, &(0x7f0000000040)=0x98) 21:57:48 executing program 2: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/loop-control\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r3) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r4 = syz_open_dev$vbi(&(0x7f00000000c0)='/dev/vbi#\x00', 0x1, 0x2) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f0000000000)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x180}, 0xc, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="10001ad29a61e0e34e9e28bd7000fddbdf25010000000000000001410000001800170000000e0000797a3100"/54], 0x34}, 0x1, 0x0, 0x0, 0x4000814}, 0x70) r6 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r6, &(0x7f0000000140), 0x4924924924925b9, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0)='fou\x00') sendmsg$FOU_CMD_GET(r7, &(0x7f0000004c80)={0x0, 0x0, &(0x7f0000004c40)={&(0x7f0000004c00)={0x24, r8, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_AF={0x8, 0x2, 0xa}]}, 0x24}}, 0x0) r9 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r9, &(0x7f0000000140), 0x4924924924925b9, 0x0) getpeername$packet(r9, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000300)=0x14) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000004c0)={&(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0], 0x7, 0x3, 0x5, 0x4}) sendmsg$FOU_CMD_DEL(r6, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x58, r8, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x32}, @FOU_ATTR_IFINDEX={0x8, 0xb, r10}, @FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PEER_V6={0x14, 0x9, @local}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e22}]}, 0x58}, 0x1, 0x0, 0x0, 0x8}, 0x4c050) syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0) [ 314.422280][ T5] Bluetooth: hci0: command 0x1001 tx timeout [ 314.428534][T11926] Bluetooth: hci0: sending frame failed (-49) 21:57:49 executing program 2: socket$key(0xf, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_AF_SPEC={0x8, 0x1a, [{0x4, 0x2}]}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x400000000000000}, 0x0) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x38785bd1b2bfbdbe, 0x0) r2 = socket$netlink(0x10, 0x3, 0x14) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)={0x14, r3, 0x1}, 0x14}}, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r3, 0x400, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x0) statfs(0x0, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, 0x0, 0x0) r4 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r4, &(0x7f0000000140), 0x4924924924925b9, 0x0) setsockopt$inet6_dccp_buf(r4, 0x21, 0xf, &(0x7f0000000000)="b0b95cb652c1fc0d4dd8bc45bb8b2812202ab3f5716d6f991d65d66f2815d78e0e73", 0x22) setxattr$security_smack_transmute(0x0, 0x0, 0x0, 0x0, 0x2) [ 315.253305][T12003] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 315.339188][T12003] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 315.350822][T12003] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 315.773143][T12003] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 315.847510][T12003] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 315.858553][T12003] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready 21:57:50 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ifreq(r0, 0x8922, &(0x7f0000000040)={'bridge_slave_0\x00', @ifru_flags=0x4000}) r1 = socket(0x10, 0x800000000080002, 0x10) sendmmsg$alg(r1, &(0x7f0000000140), 0x4924924924925b9, 0x0) setsockopt$inet_tcp_buf(r1, 0x6, 0xd6d5e3560e8828e4, &(0x7f0000000000)="3c2845a23ba88c3e", 0x8) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ifreq(r4, 0x8922, &(0x7f0000000040)={'bridge_slave_0\x00?', @ifru_map={0xc7}}) [ 316.686461][ T12] Bluetooth: hci0: command 0x1009 tx timeout [ 320.429688][T11919] ===================================================== [ 320.436761][T11919] BUG: KMSAN: use-after-free in kfree_skb+0x23c/0x4c0 [ 320.443546][T11919] CPU: 1 PID: 11919 Comm: syz-executor.0 Not tainted 5.4.0-rc8-syzkaller #0 [ 320.452222][T11919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.462287][T11919] Call Trace: [ 320.465637][T11919] dump_stack+0x1c9/0x220 [ 320.470097][T11919] kmsan_report+0x128/0x220 [ 320.474661][T11919] __msan_warning+0x64/0xc0 [ 320.479181][T11919] kfree_skb+0x23c/0x4c0 [ 320.483433][T11919] ? kmsan_get_shadow_origin_ptr+0x91/0x4d0 [ 320.489440][T11919] bcsp_close+0x127/0x1e0 [ 320.493781][T11919] ? bcsp_open+0x5d0/0x5d0 [ 320.498209][T11919] hci_uart_tty_close+0x385/0x410 [ 320.503244][T11919] ? hci_uart_tty_open+0x5a0/0x5a0 [ 320.508438][T11919] tty_ldisc_release+0x5dd/0xd50 [ 320.513396][T11919] tty_release_struct+0x4f/0x1d0 [ 320.518362][T11919] ? tty_unlock+0x82/0x100 [ 320.522805][T11919] tty_release+0x1be2/0x1e80 [ 320.527427][T11919] ? tty_release_struct+0x1d0/0x1d0 [ 320.532701][T11919] __fput+0x4c9/0xba0 [ 320.536710][T11919] ____fput+0x37/0x40 [ 320.540709][T11919] ? fput_many+0x2a0/0x2a0 [ 320.545201][T11919] task_work_run+0x22e/0x2a0 [ 320.549839][T11919] prepare_exit_to_usermode+0x39d/0x4d0 [ 320.555400][T11919] syscall_return_slowpath+0x90/0x610 [ 320.560799][T11919] do_syscall_64+0xdc/0x160 [ 320.565314][T11919] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 320.571209][T11919] RIP: 0033:0x4141d1 [ 320.575110][T11919] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 320.594726][T11919] RSP: 002b:0000000000a6fbf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 320.603149][T11919] RAX: 0000000000000000 RBX: 0000000000000008 RCX: 00000000004141d1 [ 320.611131][T11919] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 320.619115][T11919] RBP: 0000000000000001 R08: 00000000d11d969f R09: ffffffffffffffff [ 320.627100][T11919] R10: 0000000000a6fcd0 R11: 0000000000000293 R12: 000000000075c9a0 [ 320.635084][T11919] R13: 000000000075c9a0 R14: 00000000007604e0 R15: 000000000075bfd4 [ 320.643076][T11919] [ 320.645411][T11919] Uninit was created at: [ 320.649666][T11919] kmsan_internal_poison_shadow+0x60/0x120 [ 320.655484][T11919] kmsan_slab_free+0x7a/0xe0 [ 320.660101][T11919] kmem_cache_free+0x5ce/0x2c00 [ 320.664962][T11919] kfree_skb+0x473/0x4c0 [ 320.669216][T11919] kfree_skb_list+0x9d/0xe0 [ 320.673749][T11919] __dev_queue_xmit+0x396f/0x4200 [ 320.678775][T11919] dev_queue_xmit+0x4b/0x60 [ 320.683313][T11919] tx+0xe2/0x2f0 [ 320.686861][T11919] kthread+0x1f6/0x470 [ 320.690976][T11919] kthread+0x4b5/0x4f0 [ 320.695049][T11919] ret_from_fork+0x35/0x40 [ 320.699458][T11919] ===================================================== [ 320.706391][T11919] Disabling lock debugging due to kernel taint [ 320.712548][T11919] Kernel panic - not syncing: panic_on_warn set ... [ 320.719141][T11919] CPU: 1 PID: 11919 Comm: syz-executor.0 Tainted: G B 5.4.0-rc8-syzkaller #0 [ 320.729285][T11919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.739347][T11919] Call Trace: [ 320.742657][T11919] dump_stack+0x1c9/0x220 [ 320.747072][T11919] panic+0x3c9/0xc1e [ 320.751008][T11919] kmsan_report+0x215/0x220 [ 320.755535][T11919] __msan_warning+0x64/0xc0 [ 320.760046][T11919] kfree_skb+0x23c/0x4c0 [ 320.764296][T11919] ? kmsan_get_shadow_origin_ptr+0x91/0x4d0 [ 320.770209][T11919] bcsp_close+0x127/0x1e0 [ 320.774557][T11919] ? bcsp_open+0x5d0/0x5d0 [ 320.779003][T11919] hci_uart_tty_close+0x385/0x410 [ 320.784045][T11919] ? hci_uart_tty_open+0x5a0/0x5a0 [ 320.789166][T11919] tty_ldisc_release+0x5dd/0xd50 [ 320.794133][T11919] tty_release_struct+0x4f/0x1d0 [ 320.799075][T11919] ? tty_unlock+0x82/0x100 [ 320.803500][T11919] tty_release+0x1be2/0x1e80 [ 320.808114][T11919] ? tty_release_struct+0x1d0/0x1d0 [ 320.813315][T11919] __fput+0x4c9/0xba0 [ 320.817317][T11919] ____fput+0x37/0x40 [ 320.821299][T11919] ? fput_many+0x2a0/0x2a0 [ 320.825718][T11919] task_work_run+0x22e/0x2a0 [ 320.830320][T11919] prepare_exit_to_usermode+0x39d/0x4d0 [ 320.835878][T11919] syscall_return_slowpath+0x90/0x610 [ 320.841269][T11919] do_syscall_64+0xdc/0x160 [ 320.845786][T11919] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 320.851679][T11919] RIP: 0033:0x4141d1 [ 320.855577][T11919] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 320.875188][T11919] RSP: 002b:0000000000a6fbf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 320.883612][T11919] RAX: 0000000000000000 RBX: 0000000000000008 RCX: 00000000004141d1 [ 320.891597][T11919] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 320.899585][T11919] RBP: 0000000000000001 R08: 00000000d11d969f R09: ffffffffffffffff [ 320.907577][T11919] R10: 0000000000a6fcd0 R11: 0000000000000293 R12: 000000000075c9a0 [ 320.915565][T11919] R13: 000000000075c9a0 R14: 00000000007604e0 R15: 000000000075bfd4 [ 320.924211][T11919] ------------[ cut here ]------------ [ 320.929658][T11919] kernel BUG at mm/kmsan/kmsan.c:468! [ 320.935014][T11919] invalid opcode: 0000 [#1] SMP [ 320.939842][T11919] CPU: 1 PID: 11919 Comm: syz-executor.0 Tainted: G B 5.4.0-rc8-syzkaller #0 [ 320.949874][T11919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.959921][T11919] RIP: 0010:kmsan_internal_check_memory+0x41d/0x440 [ 320.966485][T11919] Code: c0 e8 a4 a8 72 ff 0f 0b 0f 0b 65 8b 35 10 0c fc 5e 48 c7 c7 b4 05 21 ae 31 c0 e8 8b a8 72 ff 0f 0b 0f 0b e8 25 67 4e ff 0f 0b <0f> 0b 65 8b 35 ee 0b fc 5e 48 c7 c7 b4 05 21 ae 31 c0 e8 69 a8 72 [ 320.986065][T11919] RSP: 0018:ffffb12b81fef600 EFLAGS: 00010046 [ 320.992121][T11919] RAX: 0000000000000002 RBX: 000000000761004a RCX: 000000000761004a [ 321.000072][T11919] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffb12b81fef6dc [ 321.008022][T11919] RBP: ffffb12b81fef6a8 R08: 0000000000000000 R09: ffff913eefd41950 [ 321.015975][T11919] R10: 00000000ffffffff R11: ffffffffa50796f0 R12: 0000000000000000 [ 321.023922][T11919] R13: 000000000761004a R14: 0000000000000002 R15: 0000000000000001 [ 321.031874][T11919] FS: 0000000001b3f940(0000) GS:ffff913eefd00000(0000) knlGS:0000000000000000 [ 321.040779][T11919] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 321.047337][T11919] CR2: 00007ff1b59b0000 CR3: 0000000048bc7000 CR4: 00000000001406e0 [ 321.055285][T11919] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 321.063233][T11919] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 321.071221][T11919] Call Trace: [ 321.074503][T11919] kmsan_check_memory+0xd/0x10 [ 321.079304][T11919] iowrite8+0x99/0x2e0 [ 321.083408][T11919] ? pvpanic_mmio_remove+0x60/0x60 [ 321.088496][T11919] pvpanic_panic_notify+0x46/0x70 [ 321.093512][T11919] atomic_notifier_call_chain+0x13d/0x240 [ 321.099212][T11919] panic+0x45a/0xc1e [ 321.103099][T11919] kmsan_report+0x215/0x220 [ 321.107588][T11919] __msan_warning+0x64/0xc0 [ 321.112071][T11919] kfree_skb+0x23c/0x4c0 [ 321.116289][T11919] ? kmsan_get_shadow_origin_ptr+0x91/0x4d0 [ 321.122162][T11919] bcsp_close+0x127/0x1e0 [ 321.126470][T11919] ? bcsp_open+0x5d0/0x5d0 [ 321.130865][T11919] hci_uart_tty_close+0x385/0x410 [ 321.135871][T11919] ? hci_uart_tty_open+0x5a0/0x5a0 [ 321.140965][T11919] tty_ldisc_release+0x5dd/0xd50 [ 321.145886][T11919] tty_release_struct+0x4f/0x1d0 [ 321.150800][T11919] ? tty_unlock+0x82/0x100 [ 321.155195][T11919] tty_release+0x1be2/0x1e80 [ 321.159773][T11919] ? tty_release_struct+0x1d0/0x1d0 [ 321.164949][T11919] __fput+0x4c9/0xba0 [ 321.168915][T11919] ____fput+0x37/0x40 [ 321.172871][T11919] ? fput_many+0x2a0/0x2a0 [ 321.177263][T11919] task_work_run+0x22e/0x2a0 [ 321.181834][T11919] prepare_exit_to_usermode+0x39d/0x4d0 [ 321.187359][T11919] syscall_return_slowpath+0x90/0x610 [ 321.192712][T11919] do_syscall_64+0xdc/0x160 [ 321.197193][T11919] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 321.203060][T11919] RIP: 0033:0x4141d1 [ 321.206933][T11919] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 321.226513][T11919] RSP: 002b:0000000000a6fbf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 321.234897][T11919] RAX: 0000000000000000 RBX: 0000000000000008 RCX: 00000000004141d1 [ 321.242844][T11919] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 321.250812][T11919] RBP: 0000000000000001 R08: 00000000d11d969f R09: ffffffffffffffff [ 321.258764][T11919] R10: 0000000000a6fcd0 R11: 0000000000000293 R12: 000000000075c9a0 [ 321.266725][T11919] R13: 000000000075c9a0 R14: 00000000007604e0 R15: 000000000075bfd4 [ 321.274726][T11919] Modules linked in: [ 321.278616][T11919] ---[ end trace 41a3fcefc55a2980 ]--- [ 321.284067][T11919] RIP: 0010:kmsan_internal_check_memory+0x41d/0x440 [ 321.290634][T11919] Code: c0 e8 a4 a8 72 ff 0f 0b 0f 0b 65 8b 35 10 0c fc 5e 48 c7 c7 b4 05 21 ae 31 c0 e8 8b a8 72 ff 0f 0b 0f 0b e8 25 67 4e ff 0f 0b <0f> 0b 65 8b 35 ee 0b fc 5e 48 c7 c7 b4 05 21 ae 31 c0 e8 69 a8 72 [ 321.310234][T11919] RSP: 0018:ffffb12b81fef600 EFLAGS: 00010046 [ 321.316274][T11919] RAX: 0000000000000002 RBX: 000000000761004a RCX: 000000000761004a [ 321.324229][T11919] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffb12b81fef6dc [ 321.332175][T11919] RBP: ffffb12b81fef6a8 R08: 0000000000000000 R09: ffff913eefd41950 [ 321.340123][T11919] R10: 00000000ffffffff R11: ffffffffa50796f0 R12: 0000000000000000 [ 321.348070][T11919] R13: 000000000761004a R14: 0000000000000002 R15: 0000000000000001 [ 321.356022][T11919] FS: 0000000001b3f940(0000) GS:ffff913eefd00000(0000) knlGS:0000000000000000 [ 321.364939][T11919] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 321.371497][T11919] CR2: 00007ff1b59b0000 CR3: 0000000048bc7000 CR4: 00000000001406e0 [ 321.379477][T11919] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 321.387438][T11919] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 321.395396][T11919] Kernel panic - not syncing: Fatal exception [ 321.402178][T11919] Kernel Offset: 0x1f000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 321.413791][T11919] Rebooting in 86400 seconds..