[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   51.196499] audit: type=1800 audit(1538653595.244:29): pid=5916 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   51.216320] audit: type=1800 audit(1538653595.254:30): pid=5916 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   54.738365] random: sshd: uninitialized urandom read (32 bytes read)
[   55.141420] sshd (6052) used greatest stack depth: 53184 bytes left
[   55.170733] random: sshd: uninitialized urandom read (32 bytes read)
[   56.977464] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.5' (ECDSA) to the list of known hosts.
[   62.693911] random: sshd: uninitialized urandom read (32 bytes read)
2018/10/04 11:46:48 fuzzer started
[   66.943376] random: cc1: uninitialized urandom read (8 bytes read)
2018/10/04 11:46:53 dialing manager at 10.128.0.26:36867
2018/10/04 11:46:53 syscalls: 1
2018/10/04 11:46:53 code coverage: enabled
2018/10/04 11:46:53 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/10/04 11:46:53 setuid sandbox: enabled
2018/10/04 11:46:53 namespace sandbox: enabled
2018/10/04 11:46:53 Android sandbox: /sys/fs/selinux/policy does not exist
2018/10/04 11:46:53 fault injection: enabled
2018/10/04 11:46:53 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/10/04 11:46:53 net packed injection: enabled
2018/10/04 11:46:53 net device setup: enabled
[   71.886563] random: crng init done
11:48:31 executing program 0:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xd)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x25}, 0x45c)
ioctl$UI_DEV_SETUP(r0, 0x5501, &(0x7f0000000300)={{}, 'syz0\x00'})

[  168.519739] IPVS: ftp: loaded support on port[0] = 21
[  170.606802] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.613482] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.621880] device bridge_slave_0 entered promiscuous mode
[  170.761263] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.767964] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.776198] device bridge_slave_1 entered promiscuous mode
[  170.900761] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  171.030368] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
11:48:35 executing program 1:
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r0, 0x4004743d, &(0x7f0000000440)=""/246)
close(r0)

[  171.417721] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  171.623045] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  172.173449] IPVS: ftp: loaded support on port[0] = 21
[  172.558587] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  172.566809] team0: Port device team_slave_0 added
[  172.794211] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  172.802314] team0: Port device team_slave_1 added
[  172.929041] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  173.118708] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  173.125888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  173.134686] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  173.382344] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  173.389873] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  173.398888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  173.585256] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  173.592898] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  173.601858] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  175.641348] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.647937] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.654922] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.661373] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.670504] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  175.697063] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.703699] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.712066] device bridge_slave_0 entered promiscuous mode
[  175.858740] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.865436] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.873705] device bridge_slave_1 entered promiscuous mode
11:48:40 executing program 2:
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000000)={'security\x00', 0x3, [{}, {}, {}]}, 0x58)
rt_sigtimedwait(&(0x7f00005a1000)={0xfffffffffffffffd}, &(0x7f0000d31ff0), &(0x7f00007adff0)={0x77359400}, 0x8)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x82)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffa, 0x0, 0x2f2c, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x1000000000000000, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000300)={0xad0}, 0x8, 0x800)
write$cgroup_type(0xffffffffffffffff, &(0x7f00000009c0)='threaded\x00', 0xfffffc47)
memfd_create(&(0x7f0000000240)='threaded\x00', 0x2)
sendfile(r1, r1, &(0x7f0000000000), 0x8000)
close(r1)

[  176.103990] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  176.403143] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  176.581890] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  176.796221] IPVS: ftp: loaded support on port[0] = 21
[  177.112435] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  177.368401] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  177.770069] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  177.777311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  178.633496] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  178.641395] team0: Port device team_slave_0 added
[  178.927853] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  178.936022] team0: Port device team_slave_1 added
[  179.226628] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  179.233825] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  179.242647] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  179.523565] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  179.530643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  179.539531] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  179.794922] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  179.802500] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  179.811228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  180.027848] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  180.035665] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  180.044496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  180.669915] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.676537] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.684778] device bridge_slave_0 entered promiscuous mode
[  181.046696] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.053337] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.061531] device bridge_slave_1 entered promiscuous mode
[  181.326533] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  181.610477] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  182.388893] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  182.593355] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.599830] bridge0: port 2(bridge_slave_1) entered forwarding state
[  182.606827] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.613309] bridge0: port 1(bridge_slave_0) entered forwarding state
[  182.621897] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  182.696477] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  182.744711] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  182.893584] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  182.900648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  183.185462] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  183.192784] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
11:48:47 executing program 3:
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001540)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000002900)}}], 0x1, 0x0, &(0x7f0000003280))
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='net/udp\x00')
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
preadv(r0, &(0x7f00000017c0), 0x1d0, 0x1f000000)

[  184.127254] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  184.135270] team0: Port device team_slave_0 added
[  184.543553] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  184.551345] team0: Port device team_slave_1 added
[  184.611064] IPVS: ftp: loaded support on port[0] = 21
[  184.854536] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  184.861837] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  184.870417] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  185.167277] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  185.174999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  185.184080] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  185.534443] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  185.542179] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  185.551017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  185.893389] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  185.900923] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  185.910019] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  187.628107] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.825086] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  188.877102] ip (6532) used greatest stack depth: 53056 bytes left
[  189.494598] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.501083] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.508149] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.514671] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.523407] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  189.705975] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.712737] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.720948] device bridge_slave_0 entered promiscuous mode
[  190.045103] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.051581] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.060058] device bridge_slave_1 entered promiscuous mode
[  190.117432] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  190.124015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  190.132049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  190.222000] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  190.454305] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  190.758311] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  191.372544] 8021q: adding VLAN 0 to HW filter on device team0
[  191.641036] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  191.913323] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  192.194796] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  192.203388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  192.513387] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  192.520520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
11:48:57 executing program 4:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = dup2(r0, r0)
ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x0)

[  193.466448] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  193.474705] team0: Port device team_slave_0 added
[  193.830903] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  193.838974] team0: Port device team_slave_1 added
[  194.217173] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  194.225203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  194.234014] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  194.353947] IPVS: ftp: loaded support on port[0] = 21
[  194.628592] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  194.635928] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  194.644733] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  195.017665] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  195.025368] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  195.034301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  195.220740] 8021q: adding VLAN 0 to HW filter on device bond0
[  195.472012] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  195.479672] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  195.488616] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  196.691281] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  198.109966] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  198.116515] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  198.124596] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  199.486391] 8021q: adding VLAN 0 to HW filter on device team0
[  199.735238] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.741746] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.748575] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.755140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.763649] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  200.183575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  200.211315] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.217944] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.226494] device bridge_slave_0 entered promiscuous mode
[  200.303415] input: syz1 as /devices/virtual/input/input5
[  200.404907] input: syz1 as /devices/virtual/input/input6
[  200.657305] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.663889] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.672108] device bridge_slave_1 entered promiscuous mode
11:49:04 executing program 0:
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80}}], 0x1, 0x0, &(0x7f0000000140))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='oom_score_adj\x00')
preadv(r0, &(0x7f00000017c0), 0x1a1, 0x0)

[  201.082102] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
11:49:05 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
r1 = memfd_create(&(0x7f0000000000)="776c6197b000a8f602d0a2c2a582c3c86818b3bfd25a1f6a2d25749f377c03d1ba30a2dec37181251be19032789a3f9da8c9c1db30b7ee7596adae0096e8a1adf519d3ee845d75d985f3ce093d6d77aef1bd974bdda5428e53b9bd362a4c34540dcf267467324671ae9c80a0b1040a57cc4327db5b028df0149495f06358246100253f25d93a97bd9ae3e9b6ad8353ed8905a6db91f4e98a6a036ee84895e27e7126f712ccea596d582829b39105280374dee2d74eb8fd755880995d3c63953e65e5f57e2d290dc84e6cb48c6cf7fb88790a2b08122cd79d42626346660cb4739602fc8f0791b6d573d6d8e06c3f216c5aa37b72", 0x0)
unshare(0x20400)
close(r1)
getsockname$inet(r1, &(0x7f0000000380)={0x2, 0x0, @multicast1}, &(0x7f0000000400)=0x10)
listen(r0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r2, &(0x7f0000000280), 0xa5, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
r3 = accept4(r0, 0x0, &(0x7f0000000000)=0xfffffd60, 0x807)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
recvfrom$unix(r1, &(0x7f0000000240)=""/135, 0x87, 0x10040, &(0x7f0000000440)=@file={0x0, './file0\x00'}, 0x6e)
sendmsg$netlink(r3, &(0x7f0000004b00)={&(0x7f0000000180)=@proc, 0xc, &(0x7f0000004880)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="100000000000dd000000000000000500998556cf65e1aa194fc210f65e8b24f87163d12462b981cc1aa4e63a4028c14c0aee812a24958ca17fff7f000000000000b324ac59c35446bc74a746cc530baf"], 0x10}], 0x1, &(0x7f00000005c0)=ANY=[@ANYBLOB="10000000000000000100000001db307c70e8824b662020aa4aeb3998135f7a4e8167c035426d8b76ee492b4e58741ce33bd790f213011b0556ebd7dd07d65b3803b93e4bc974d9dccd549439220c7afd4cbff1c8a2c54a7510411526b71055d7c43fc4d6edeece02aa95e8d6f24eec99351df6e3d4"], 0x10}, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000004c0)={<r5=>0x0, @in={{0x2, 0x4e23, @loopback}}}, &(0x7f0000000340)=0x84)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000003c0)={0x10000, 0xdb, 0x8000, 0x9, 0x7fffffff, 0x101, 0x1f, 0x3, r5}, &(0x7f0000000580)=0x20)
getsockname$inet6(r3, &(0x7f0000000100), &(0x7f0000000140)=0x1c)

[  201.356373] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  201.480210] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
11:49:05 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x4800, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000040)={{0xbb3e, 0x5, 0x0, 0x2a}, 'syz0\x00', 0x23})
sendto$inet6(r0, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @mcast2={0xff, 0x5}, 0xfffffffffffffffd}, 0x1c)

11:49:06 executing program 0:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = accept$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, &(0x7f0000000080)=0x10)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppp\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000000200)={0x3, &(0x7f00000001c0)=[{<r3=>0x0}, {}, {}]})
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100))
ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f0000000300)={r3, 0x3})
getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={<r4=>0x0, 0x6}, &(0x7f0000000280)=0x8)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000002c0)={r4, 0x4}, 0x8)

11:49:06 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x9, 0x4000000000000800, 0x1}, 0x2c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r0, &(0x7f0000000040), &(0x7f00000001c0)}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040), &(0x7f00000000c0)}, 0x20)
r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x5, 0x800)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2000, 0x40)
linkat(r1, &(0x7f0000000100)='./file0\x00', r2, &(0x7f0000000200)='./file0\x00', 0x1000)
r3 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x2, 0x100)
ioctl$SG_GET_NUM_WAITING(r3, 0x227d, &(0x7f0000000040))

[  202.665188] bond0: Enslaving bond_slave_0 as an active interface with an up link
11:49:07 executing program 0:
syz_extract_tcp_res(&(0x7f0000000000)={0x41424344, <r0=>0x41424344}, 0xfffffffffffffffb, 0x80)
syz_extract_tcp_res$synack(&(0x7f0000000040)={0x41424344, <r1=>0x41424344}, 0x1, 0x0)
syz_emit_ethernet(0x15f, &(0x7f00000001c0)={@empty, @link_local, [], {@ipv4={0x800, {{0x5, 0x4, 0x1f, 0x6, 0x151, 0x67, 0x87e5, 0x8e34, 0x89, 0x0, @dev={0xac, 0x14, 0x14, 0x19}, @multicast1}, @tcp={{0x4e20, 0x4e20, r0, r1, 0x22, 0x0, 0x17, 0x10, 0x2, 0x0, 0x3ff, {[@exp_fastopen={0xfe, 0x11, 0xf989, "a76445603aa847e30f38fedfd1"}, @fastopen={0x22, 0x5, "235acb"}, @fastopen={0x22, 0x2}, @timestamp={0x8, 0xa, 0x4, 0x1}, @md5sig={0x13, 0x12, "90c5d1a59abbe80081379187483b2e73"}, @exp_fastopen={0xfe, 0xe, 0xf989, "8e4ae8f7de877d30c259"}, @eol, @sack_perm={0x4, 0x2}, @nop]}}, {"29c0e478648b000ea25a1903fcfe0cf499cd3c5d1a33fc4209307f80d3cf7187d7cfe1fec85c2d50c2d95f6facf7aa4ec679cdb725fa9ea482251d9e3df7240782c916fcc50980025303fb9174be915b5f565022204cdb508deb6e48da30c34dd3b0a1b6d4b963909eb38d4229a472a73fbe919dbb7ecf5309f1018bc57770adc5c57a5e4980db0c511dfda77ae8ed18ada010454e8a25db47a73fea3bf616034f85dde139f8299d6fb9044ea4e168edb22deae4668f93e9dfa32d28726b9f71e50e2ef2111b52f79a79ff9cf1829f33b4c6e4075b30cd6d60f7f599ec4ca8cbbb"}}}}}}, &(0x7f0000000080)={0x0, 0x3, [0xc3e, 0x700, 0x621, 0x6d7]})
syz_emit_ethernet(0x7e, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2800000fcff440000700000000000019078ac1414bbac1414110304907800000000450000000000000000840000ac1414aaac141400444000000000000000000000e000000200000000e000000100000000000000007f00000100000000fffffffc00000000e000000100000000ac14140000000000"], &(0x7f00000000c0))

[  203.059513] bond0: Enslaving bond_slave_1 as an active interface with an up link
11:49:07 executing program 0:
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x0, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000140)={0x2190, {{0xa, 0x4e20, 0x0, @mcast2, 0x7}}}, 0x88)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x9bc2, @remote, 0x4}, 0x1c)
r2 = socket(0x11, 0x4000000000080002, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ip6_vti0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000080)=0x8, 0xfffffffffffffd8e)
bind$packet(r2, &(0x7f0000000100)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14)
sendmmsg$inet_sctp(r2, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x1c, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0)

[  203.409719] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  203.417001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  203.857149] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  203.864516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
11:49:08 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x101000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000040)={0x89, 0x3, {0x3, 0x3, 0x4, 0x2, 0xc45}})
ioctl$ASHMEM_GET_NAME(r0, 0x81007702, &(0x7f00000000c0)=""/20)
ftruncate(r0, 0x5)
fstatfs(r0, &(0x7f0000000100)=""/121)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000180)={0x0, r0, 0x20400000, 0x1, 0x3ddf, 0x8})
getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f00000001c0)=0x8, &(0x7f0000000200)=0x4)
ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f)
rt_sigprocmask(0x1, &(0x7f0000000240)={0x315183b2}, &(0x7f0000000280), 0x8)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f00000002c0)=0x1, 0x4)
set_mempolicy(0x8001, &(0x7f0000000300)=0x5, 0x100)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000340)={0x3, 'veth1_to_team\x00', 0x2}, 0x18)
r2 = dup2(r1, r0)
ioctl$TUNSETSNDBUF(r2, 0x400454d4, &(0x7f0000000380)=0xa3)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000400)={{{@in6=@local, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0, <r4=>0x0}}, {{@in=@dev}, 0x0, @in=@multicast1}}, &(0x7f0000000500)=0xe8)
sendmsg$nl_route_sched(r0, &(0x7f00000005c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)=@gettfilter={0x2c, 0x2e, 0xc, 0x70bd2c, 0x25dfdbfd, {0x0, r3, {0xffff, 0x10}, {0xb}, {0xffe0, 0x9}}, [{0x8, 0xb, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r2, 0x40405515, &(0x7f0000000600)={0x3, 0x3, 0x40, 0x345c7d7c, 'syz1\x00', 0x2})
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000640)=0x6)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000680)={0x0, 0x0, 0x2, 0x0, [], [{0x8, 0x1, 0x1d, 0x1, 0x7fff, 0x5}, {0x2, 0x7, 0x3b5da082, 0x27, 0x6, 0x6}], [[], []]})
ioctl$BLKPBSZGET(r2, 0x127b, &(0x7f00000007c0))
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000840)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000800)={<r5=>0xffffffffffffffff}, 0x113, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CONNECT(r0, &(0x7f0000000880)={0x6, 0x118, 0xfa00, {{0x2, 0x81, "5a63d79d8b2001a68f787c0199beea3619a73a3cb3e5ec3fff0759c8495e42f68cb78bec488ec0d34ef9491e5f770d8def82558fa8fe67cfec01db522445a123e9a507e81911bb30085a3f0c6562253b64e913225593d43e579d1f334fa55e9ec36b392606561582ddbb8a2892762cb0a39035823645a2a00d04ffd6dac8fd1961368ab160008e30773a5dba65da09cbe3e8b78af27212bae71035d1cf61180d22e0e2b98730d3405f46dd346545f7d11ce1202a7ef9b0bd6d7bb7c1ffd04d772a3cdce52dcdaa8433d090b02d69ac1cdea85494c4a9c5aacdffa581e58d8786ff55be4ec95f14cf943b6c68a7a933528d593211f79acac94b235cba825939cc", 0x51, 0x3, 0x7ff, 0x2, 0x8, 0x1a}, r5}}, 0x120)
lsetxattr$security_evm(&(0x7f00000009c0)='./file0\x00', &(0x7f0000000a00)='security.evm\x00', &(0x7f0000000a40)=@v1={0x2, "4588151c2e0a8d3a123fd09b"}, 0xd, 0x1)
readv(r1, &(0x7f0000000f00)=[{&(0x7f0000000a80)=""/118, 0x76}, {&(0x7f0000000b00)=""/249, 0xf9}, {&(0x7f0000000c00)=""/223, 0xdf}, {&(0x7f0000000d00)=""/115, 0x73}, {&(0x7f0000000d80)=""/103, 0x67}, {&(0x7f0000000e00)=""/232, 0xe8}], 0x6)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000f80)='/dev/hwrng\x00', 0x4000, 0x0)
stat(&(0x7f0000001080)='./file0\x00', &(0x7f00000010c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
mount$fuseblk(&(0x7f0000000fc0)='/dev/loop0\x00', &(0x7f0000001000)='./file0\x00', &(0x7f0000001040)='fuseblk\x00', 0x400, &(0x7f0000001140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xe000}, 0x2c, {'user_id', 0x3d, r4}, 0x2c, {'group_id', 0x3d, r7}, 0x2c, {[{@default_permissions='default_permissions'}, {@allow_other='allow_other'}, {@allow_other='allow_other'}, {@blksize={'blksize', 0x3d, 0x1000}}, {@allow_other='allow_other'}], [{@func={'func', 0x3d, 'PATH_CHECK'}}, {@audit='audit'}, {@dont_measure='dont_measure'}, {@uid_lt={'uid<', r4}}, {@smackfsdef={'smackfsdef'}}, {@dont_measure='dont_measure'}, {@smackfsroot={'smackfsroot', 0x3d, 'em1-'}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}})
dup3(r1, r2, 0x80000)
write$UHID_INPUT(r6, &(0x7f0000001280)={0x8, "37b08c1f4a53f4ba16b69a2ce2c39384ec5b5e6f3924bff679fca2ff8ca6c9717e4e344cfc176bffff77431b898a68230898bfed0c8eb4b747a6e75be901cb91f2f4e3a3469a34bb409128908656bdb85e536a51d21c991b709cc9d1a917c3bd830a3cacfdbbd19737c08a76994a93cdf5e4592dc3b9cda7b19ca0282f13469a12b0bb665f75cf0db1f5df36243e6694eab71682bf1a2ab0ed2f7c3655be0053d2c4fc30e88f88e9ac99b0a25dce86bc2f78930b16590eac3d207e626f3e690785f28d0ebeedf1ba57fbb38d3d1a7f6b9a2365568c5ab21a59cfa9352658d3ee5658c2f2a464686edcf395fafe48b6e5eb1a4a1b2102ecf78b68c0997a85d191fdcfecc5ea105bb8cd9950072f56058d7bee718cf098ca1ff6f39bc7fa8c48c7547d0c8bd9e5419e9fcd9066a95251967023cf1ad9839d6a54bdc50c7a9d5afc5e7501669640e0421179b8dff5b3ca16b54fae66fc8066c2ef49807b2f3970e4dab4b005ef4c54c06a290c09fbcc9a7dd8d15a0381216188869946e90e03659a153830bbad415e4a2ef7feb66390b1c4d4e606dffde9b9b67715c0466e38bfc547f57e5ea58027efdc33b8925383c98d8de403cdcc661f0e376f4d0ef72cbd124d14dd0ae2305220601dc1d1d5bb57d0a58cdbf551dc1c910ae6228a23e6035c2ff89cde5d54a3d9ae7613ac0571d058de22de2c3f2927effb29bd8f4363db0f46a78c458b0ad4d34fe781e97fa44f3af67a16ae0601d721e92491c8e78dec281bf6b2cf25a9bb0e17cc19656a71a842d0e146662863d97da9a759c762a72d360fbde2b9f9ae2f23716607779ead554cb5bf191af1322c59689aae5f2715b301c7426ef9b9f13a7d798a76633fc2bd5c403824e92aaf43cebc0c2999b0c43d18cb0d1d571aec2160ffc9b5d07476266e32d4263c4962f9a5f11552e7b82f22a4b8b78a4d7931a4fa47a0a5469d2cf01e19b247507b3e9c978ca50561aa16414c97c99101889dfd56cfc2e6e7598bf9b3f6a742a1c3afd804bc0145f1e51c566a8060f23b6a20eace86e91d46c9897bed13467b5cf8880590092bac696a06c5a21cdb53c7bcc712d389accc1b5eca1f0a88d9b3a29e9ab612f3ce49f127e8abd52d8489d49cf8bc2e1d9cb1cfe366f9874c814c3f2ad7c314dec0013fbe3e5ffe9b93d4ebca91d1b6713ea25810188c18515ad803bce6a5ba8c31ff81fd703e531ba184042a4debfaf2b9a1deb62ca22ef038ce5f9284113171155171f0878a12da4cc4fdcf6b4de39b4c73d2eb015bae3b9b28f7dbb856751ec5d6306dce7385e3333bbc7c2aa40a1fa9f5479a8245d7f3671e87cde0f39444c81cd47f0d10cbd3c9b7369dcffe06c198af002e44941a1df2cd1222e92683f016abf4eabf250feb2762efe322f906fcbbb8a98197e12a518640ef2424d662e446308b7f894ec2e392a520dc1f77e2c4c1beffec3494528720a81f2ddbd54943d7bac4471cdc6d1f65e396d3f1ba172fb59f1fac7fb850610879dab1b989c6153f27d5b5e7c32980e95faa93cdb1728af16d07b18e973e207ac01314f280cddf2ecee6bceb28d3c0de9f640e91baf5a20e1b7f264daa35ce32508b05026ed41e8382886ba255be25a308f3094d9328fd8b7abbe398ca5af321b3ed61a9e9f78bf513d57919386b6b1e5522a50adbc7dc253c74ddc31a2844fd4e2cefa9830da5ce081c5d4e840c196261d879085e6c1eba2b5b973d6a5003f8b3e1e5e09ebb13ea315fc56c5d5f273b4ae7ff434a264da6e61f6a112d58e31163ac52dcc7ea1c4ea270d8a33b99e1dcd4b920c91e1e02898dcdb76fa767742ae2205f78b70388ca2268162e802c1c182131bc2a32a50b29be144f41cfd3146207a745abf5771975a6853c02ea39b15343e4fb9b8710b03286f05f31d4d66ffb455732995eba9d375ad80d7630b31973417cda26c50979ac4a2cb0dcf6b0ac74803dfec5a3adc3ecff4367d122d7b95807ec83c2308c70d05265ef642aa23f72e232cbcd6171e9ffcb38fa439766eec80c7e7e325f5a352d4e24ee06328ac5442211094bc568f9dca73ae41b1736cac9017979daa375c646acbe49007c7545e8c2f35c8a39d0816f2c1ce3224f449dc8f5824d33c33a0786bd1d61211a99fb5032269f55b968eb23d654eede97118c1fcee0d6f6e7e79411963df31e7b2f010063a19a145d62e61f5e0cdbc83a7b312b6180f05e7f799c37ca50adaa489e1fea2b441be3ae23bbb71da9d37550bbfa7752eac93fb1f132d11e281c1d2c3cc0f1426708d2fe6b57e1bd057aaef3b869151b2177aa7b237b5b37470ca1c9b8d4c2926f58b07009e0347091488c491516900b542eb8ddd363630cacc3202183e03333b8a50d8946cb98a5084cb28daa8b9e1c76007d3fec6256067cc79181b8e0aedb2170ff003f8904140a0f16d9f36865a830a3c3416876155bcd878e50e6691a54077be8aec2f848cf17619fbea1184edbcb40efb3375bfc2b0fb5ad7c426550b5562b362a4e2f1b5c37369a8d86b75172d8307b1d958e2898b3180906dc0eda4bbe8a59038cb59c2df38b782b949262d8dca9f9817c1d127af64946183e73e40d47608e199264ce9790bd0a0a70d969d12a876609fbcaa2d688ba00cd34cd5d23a4c6912acd40d442f6cc58b70e1894ab633127f000f5e4ae7574221668e34c367a9a2fae03ed9ec44d758ccee6d0f5f44f9a8b557c329f48c0d3185f5e771d385000242ff64809e848aead5ad3d723182e542d1d3978518905392189fda5d0f64e0f5e37dc23bd2e14f3f8459b2b222bb547360979ebd430c4e605c78667e9a2a6f6467104547659c39fa9660a3e7007d8caac741f934baebf7c8b41fe14fb80a798a2619c37263525524c136a0b72cf34898b91607c7d3f4a3d682452cbda637b23f6e4177136627dcf2f3fd0a51053c5992ececad3615b76f408ed707d54553467e3ca03ec492e5e18998bb50769675a7a24c8201921ebf9b2d7a405c00c8f717f41cef51fa0f6c466511159539c3ef99aae78bedfd61235154787b80e7b3645788e89d61f54f18a3daf9d479444cc27d919a84a3bb8ef71f7be2aedd0fc390f3248af113350481c3523d359d6c9070290b21662c866320566dbe91ac41a8b20005299741a365703b32dd9f213c1f26ef88b81b3385a043bb6bdb0195ebe918366b83feaae5c657951301bdd16733dd15fd319d46861221ce4c12d463e7129ace553f240b83854fa710a36cc9d30718024d78ec3f33da3fcb7d404f419e6933f3389ca1b6490884f60175b8cb8730b063e645f5b2dcd03ea0b1f15a9ebfa18cfae48f0c712a379bc15b2aa05bf592095241a1a25ff1759e30b95dbf106bcc09391a573f83c755821933f5e5c5633e4c0ed9dd75d1db7540ece6d2e20349f5ac8539e3a2e5b0cca9dad40dc191ae758df3ff90ba7e89a4b3bd056ee102ca18b2db6f2ac0d18d248ac7c022f0456a226c1753b4379b309d9021d0358a1b7f96ece93ba8056370a5dfe5d1dea01af6f7ebc47f1538e59c9abcb25c996bd3e493c8d9ea68e6e52fca87ac784a3810e520d2b0fbb347289f71d3991b18f93fa4ec33df68fc962de51aad1ca3e94056a56a07eda028d6b91413d8d1cfb07dc9c937e81df5cb4b281215297f5fc6f3016449cdb753d03b6ef95556f55279dc3755a1a014cb069b4d18690a294722a5419f2d2e27b22678413c062f54856b0be003f00b83885b6514c353dac301f00e763d5f1491e2205f0767cbf968ab7922936baae08b7d1b549938034233e0e3ed3308864f3f622680e8fb683bea59ab1596e701cbfc309fcf7f117f864d45b0cf57a93fc06527e13c62e04cbfb842008f010e613a60244316319aace40542f5dab3df6f3087c0c795f2d493f7246e5d5f87de5b5f64bd1c773e34a54e97bc3112a010a7115a746f1ca27416ea039f271737d48624073becd67c3d213535d650b665d025054ef0df191c8105610adb359581ff677a0d17377a7a1e845f1bbf6ee1b9e8f02770d6110ed0d865c0854a516cdeea7c80293b527b212550ea6a07105b436b32c7ad46685d215f4a27463c1b968c5439fb7356e6320bc67bbd4ff7e234dee72c02590c749a98ff032f480341319cdf61525d3e83e6a81fecb20ade6444a9d42c0ed6d162ce216966b404354b729ce4957133ce7ea7ab2097298714fa070b28e0540dade2ffc0e4afa04f9b04c12b13a268dabc5774f3b87265e3ae27d5f23f4a70043daa24f1b6db99dad824f914b97bf47a7b73ad46bf8e6edb322fff0e0d6c5f4ef5678b00e2e86243f69d33dcc8d38270753540a9c6fedeba269f6c815a409d87cb73881719cd43056b506c360cbd0e40e6f63289b260fb42d97b508c79db2bf922502d0714cb46bba51b32c65da1ca01e9cd062eab601248cf8272520fcd3d7bec827b1a9308ea05730040002faf123099ec86323bfc66cb2f7c723bf65c179bac2d9f462faf5d7d0075bc0e16df4a0814579cbcbe28827f1ef64295e6ad28b62d79e2effd76e21474baabaa5b7430c9ed6cafe68a739ffb36da8d11ca02bd336a36bfd3b15febbef220da1b0b3473ec690307c314cf62a23fa97b0e8a38444b0b1b6edccfb1db016cc0cb319d2fc5ed1f82335d05091f7abec568019b08bb5690fc6ca8beeb78c87647c6d60fc9588feeb4d69c807925a804b5e4ed0c8938aa61b1a820e686b710caa5906ae294a0c1cad1b512b40dc295fb46143b953d44cf188ce9171db995599039033ee7d93fe905a98e51bc536302ecb7cb537d6f0c3e71066f7a358563b16fe6ba56d823d47958b30ea83bc83eb0563966202534ee030fa30917479cf74200c50e619360692ec316a7adda7ebb1cdbe23f94fe3e401019232875128eadccd07bd53d1266c66408a89b1830e7d0e924cffe06dd232187323a8dff20b1b9dc16cd66e14bc58604199c42865f6e9fe3a126ffc1370d8d805103abf6c6340765f361465a7fec8572def1c38ec971bcb965a17a9f6d9bf6975fedb39cc3b91d44c621524c971c3c89d538a78d3fe8728dc28d52efb663c6f662de75cb4c20b8c0bcd5e1088f7563f501d6a560a34c7a55489097cfb55298ee6bffc36bfe5dd8aacaf45acdb789a7b042b5d3a8a58c84c7898f37009b4728254090aa714a2ea75990208484270fdf8173b1a02679144f8a40dc68149775ab9fecd0da18758eddaa10b26f62ed3385d509423cbb8842dfc0cd6151884ccf598b7ef02dbc79212a60281eb88d46c84039dd1f41d3d534d77d4f42ddd50a4fd2b2e683b32e212aed53f964c02db5ef53bb73b86cc9fb978ce95889095d3d53612221b8e26235bceb90695d2516907105a1d7edb06a2f58b3266c46072cf79892b2fcc1d1c0f5bb863164014bc613ae65e4040fc43e0063a4441f43332c5f444f96c0951c58dd2b9774beac985e242a4030096aa18a8aaed2f87a27d47b30c3c06f1060b365127e5dd72603d224ff7b4fb8709f4cc8651dd8876022f5f5d672e048acaf6e82941e550b1f406536c9f3c706ea272d2aea7fd6ac1f850d911d6faa31331be296bd20251a2fd1374ab93837766191f38e164814d8e024edf4a021f29e61f2595a751d9c7009c09039518cb86f250d41ea1fdc241717f36235ec5306b1303c89876938e6375409a9a5f8deb93b65e53beef65feb338d5f94f552a3f2536e7cdfb456e2d98dae56fa9ccda6823448d966bcd0f0c9c77298f22354e0811ec50062d2f8cd1593a241731993cdfcab5b87ea02a8d6a4ab0152182", 0x1000}, 0x1006)

[  204.980254] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  204.988620] team0: Port device team_slave_0 added
[  205.199060] 8021q: adding VLAN 0 to HW filter on device bond0
[  205.277125] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  205.285204] team0: Port device team_slave_1 added
[  205.595676] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  205.602884] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  205.611435] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  205.633613] IPVS: ftp: loaded support on port[0] = 21
[  206.023649] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  206.030880] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  206.041030] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  206.355440] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  206.363317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  206.374957] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  206.485433] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  206.620204] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  206.629434] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  206.638568] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  207.728832] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  207.736480] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  207.745961] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
11:49:12 executing program 1:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/uinput\x00', 0x0, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x15)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0xfffffffffffffffe}, 'syz1\x00', 0x10})
ioctl$UI_DEV_CREATE(r0, 0x5501)

[  208.383679] input: syz1 as /devices/virtual/input/input7
[  208.428674] input: syz1 as /devices/virtual/input/input8
[  208.961090] 8021q: adding VLAN 0 to HW filter on device team0
[  210.103358] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.109836] bridge0: port 2(bridge_slave_1) entered forwarding state
[  210.116827] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.123343] bridge0: port 1(bridge_slave_0) entered forwarding state
[  210.131438] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  210.302452] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  210.642104] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.648571] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.656986] device bridge_slave_0 entered promiscuous mode
[  210.848949] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.855523] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.863838] device bridge_slave_1 entered promiscuous mode
[  211.095373] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  211.396386] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  212.134211] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  212.452235] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  212.671817] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  212.679184] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  212.742883] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.995143] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  213.002369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  213.621095] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  213.778246] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  213.786884] team0: Port device team_slave_0 added
[  214.088046] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  214.096270] team0: Port device team_slave_1 added
[  214.327832] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  214.338245] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  214.346998] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  214.542169] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  214.549223] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  214.558075] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  214.738854] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  214.745620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  214.753577] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  214.796588] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  214.804881] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  214.813498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  215.087590] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  215.095573] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  215.104269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  215.719182] 8021q: adding VLAN 0 to HW filter on device team0
11:49:20 executing program 2:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
close(r1)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000040)={0xb4}, 0x4)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000280)=0x2fe, 0x4)
bind$inet(r2, &(0x7f00000000c0)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xfff}]}, 0x10)
sendto$inet(r2, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x2000560e, &(0x7f0000e68000)={0x2, 0x4004e23, @local, [0x0, 0x2]}, 0x10)
shutdown(r2, 0x1)

[  217.662906] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.669388] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.676405] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.682941] bridge0: port 1(bridge_slave_0) entered forwarding state
[  217.690904] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  217.698404] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  219.348361] 8021q: adding VLAN 0 to HW filter on device bond0
[  220.125984] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  220.802608] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  220.809024] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  220.817121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
11:49:24 executing program 3:
r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0xfffffffeffffffff}, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 'syz1\x00', &(0x7f00000000c0)})

[  221.461363] 8021q: adding VLAN 0 to HW filter on device team0
[  224.415442] 8021q: adding VLAN 0 to HW filter on device bond0
11:49:28 executing program 1:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r0, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x8000000000003ab, 0x440000fe, 0x0)

11:49:28 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

11:49:28 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, [0x2]})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, &(0x7f0000000180)="c4e39549a503000000ea0f20e035000010000f22e0360f23070f23922ef2f082350700000001650f0098b09931930f235fb9b6020000b800800000ba000000000f3066b8b4000f00d0c744240085290000c744240209000000c7442406000000000f011c24", 0x65}], 0x1, 0xfffffffffffffffd, &(0x7f0000000300), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

11:49:28 executing program 0:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000000e40)="0000000000007225f78380807dde5053601841a0d0f82b74374852b01f125997622dc4a5e71d2ce5ac32ff90824fa25e59073487cf36ad576e32926b04894da740f7e9c0ffb42c356a1f285bfc8f0b8c6f72ef151dab4c5c2a5a751f04bfc69ac5c3b5168a6d13d826b1ed0c7527d58f54adc12fca1f25c8fc2586ea4d90f84dabcdec291fb780a39a117d12b0893b182098dceed33b222a1d413709ae355d4d297fe42c5d4e9d8bbd9d0c709cae47e88f8aa22a505b3e995b501f0d3753cd3510e87436612b401305f316177f6d4d4c70fd9d2621c3707ad88da7852596d89a59cb74505e675ac6ebc03faa3ee99889176b571135031afc973c52c5f6437b8143002b30d8fb92011c4994cc024e40497b2daeb06ad5308af486d0178a418f6bdb6940f07dc6e5cf1a3c852b401e3ecec45d22fd687928411b83f68bf7be4b21fdf0033cf949b8a76aa65d68ad885967c2cc3c2d60ec74fcf5de162c94ffe3e15775c1a1cfd9818d4c17a2f8d0a7302538f079e7b128ef123c8bb909000000000000003814c2aea86c35fbf4244a64635d32ff12e4dcb3df56e5d5d3882a9984993f8a7fef72d875d21c1e3bb2bc3e6e79a2b6d322f710f0378abc2095d32139e39f3223db9961309295e4c3c8e1b0001dd757aa000000000000000000000000000008eca80c7b0c", 0x0)
execveat(r0, &(0x7f0000000000)='\x00', &(0x7f00000001c0), &(0x7f00000001c0), 0x1000)

11:49:28 executing program 3:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x2, 0x0)
write$binfmt_elf32(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="13"], 0x1)
mmap$binder(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000002, 0x1013, r0, 0x0)

[  224.779853] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[  224.829140] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[  224.908804] ==================================================================
[  224.916331] BUG: KMSAN: uninit-value in __vmx_flush_tlb+0x755/0x790
[  224.922779] CPU: 1 PID: 7632 Comm: syz-executor2 Not tainted 4.19.0-rc4+ #63
[  224.929982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  224.939358] Call Trace:
[  224.941976]  dump_stack+0x306/0x460
[  224.945631]  ? __vmx_flush_tlb+0x755/0x790
[  224.949902]  kmsan_report+0x1a3/0x2d0
[  224.953822]  __msan_warning+0x7c/0xe0
[  224.957659]  __vmx_flush_tlb+0x755/0x790
[  224.961756]  vmx_flush_tlb+0x94/0xb0
[  224.965509]  ? vmx_set_rflags+0x740/0x740
[  224.969690]  kvm_mmu_load+0x1656/0x3460
[  224.973708]  ? vmx_set_cr0+0x3510/0x3510
[  224.977820]  kvm_arch_vcpu_ioctl_run+0x879e/0x10a20
[  224.982958]  ? task_kmsan_context_state+0x6b/0x120
[  224.987926]  ? __msan_get_context_state+0x9/0x30
[  224.992707]  ? INIT_INT+0xc/0x30
[  224.996093]  ? task_kmsan_context_state+0x6b/0x120
[  225.001054]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[  225.007286]  ? kmsan_set_origin_inline+0x6b/0x120
[  225.012154]  ? __msan_poison_alloca+0x17a/0x210
[  225.016888]  ? put_pid+0x71/0x410
[  225.020366]  ? kvm_vcpu_ioctl+0x20a4/0x20b0
[  225.024810]  ? put_pid+0x1a9/0x410
[  225.028369]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  225.033750]  ? get_task_pid+0x17b/0x270
[  225.037753]  kvm_vcpu_ioctl+0x11a7/0x20b0
[  225.041937]  ? do_vfs_ioctl+0x18a/0x2810
[  225.046010]  ? __se_sys_ioctl+0x1da/0x270
[  225.050174]  ? kvm_vm_release+0x90/0x90
[  225.054166]  do_vfs_ioctl+0xcf3/0x2810
[  225.058084]  ? security_file_ioctl+0x92/0x200
[  225.062606]  __se_sys_ioctl+0x1da/0x270
[  225.066604]  __x64_sys_ioctl+0x4a/0x70
[  225.070508]  do_syscall_64+0xbe/0x100
[  225.074330]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  225.079538] RIP: 0033:0x457579
[  225.082750] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  225.101685] RSP: 002b:00007f108fd88c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  225.109430] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579
[  225.116728] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  225.124028] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[  225.131325] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f108fd896d4
[  225.134403] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  225.138606] R13: 00000000004c003b R14: 00000000004d0108 R15: 00000000ffffffff
[  225.138630] Disabling lock debugging due to kernel taint
[  225.157423] Kernel panic - not syncing: panic_on_warn set ...
[  225.157423] 
[  225.164817] CPU: 1 PID: 7632 Comm: syz-executor2 Tainted: G    B             4.19.0-rc4+ #63
[  225.173401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  225.182856] Call Trace:
[  225.185469]  dump_stack+0x306/0x460
[  225.189127]  panic+0x54c/0xafa
[  225.192359]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[  225.197825]  kmsan_report+0x2cd/0x2d0
[  225.201756]  __msan_warning+0x7c/0xe0
[  225.205588]  __vmx_flush_tlb+0x755/0x790
[  225.209675]  vmx_flush_tlb+0x94/0xb0
[  225.213528]  ? vmx_set_rflags+0x740/0x740
[  225.217693]  kvm_mmu_load+0x1656/0x3460
[  225.221789]  ? vmx_set_cr0+0x3510/0x3510
[  225.225880]  kvm_arch_vcpu_ioctl_run+0x879e/0x10a20
[  225.231001]  ? task_kmsan_context_state+0x6b/0x120
[  225.235963]  ? __msan_get_context_state+0x9/0x30
[  225.240739]  ? INIT_INT+0xc/0x30
[  225.244139]  ? task_kmsan_context_state+0x6b/0x120
[  225.249091]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[  225.254575]  ? kmsan_set_origin_inline+0x6b/0x120
[  225.259445]  ? __msan_poison_alloca+0x17a/0x210
[  225.264144]  ? put_pid+0x71/0x410
[  225.267620]  ? kvm_vcpu_ioctl+0x20a4/0x20b0
[  225.271969]  ? put_pid+0x1a9/0x410
[  225.275535]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  225.282392]  ? get_task_pid+0x17b/0x270
[  225.286397]  kvm_vcpu_ioctl+0x11a7/0x20b0
[  225.290582]  ? do_vfs_ioctl+0x18a/0x2810
[  225.294675]  ? __se_sys_ioctl+0x1da/0x270
[  225.298838]  ? kvm_vm_release+0x90/0x90
[  225.302832]  do_vfs_ioctl+0xcf3/0x2810
[  225.306745]  ? security_file_ioctl+0x92/0x200
[  225.311271]  __se_sys_ioctl+0x1da/0x270
[  225.315275]  __x64_sys_ioctl+0x4a/0x70
[  225.319176]  do_syscall_64+0xbe/0x100
[  225.323000]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  225.328210] RIP: 0033:0x457579
[  225.331410] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  225.350327] RSP: 002b:00007f108fd88c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  225.358051] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579
[  225.365329] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  225.372607] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[  225.379923] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f108fd896d4
[  225.387204] R13: 00000000004c003b R14: 00000000004d0108 R15: 00000000ffffffff
[  225.395648] Kernel Offset: disabled
[  225.399279] Rebooting in 86400 seconds..