[ 66.310106] audit: type=1800 audit(1542236420.377:25): pid=6748 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 66.329463] audit: type=1800 audit(1542236420.397:26): pid=6748 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 66.348886] audit: type=1800 audit(1542236420.417:27): pid=6748 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ 67.785077] sshd (6814) used greatest stack depth: 52688 bytes left [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.99' (ECDSA) to the list of known hosts. 2018/11/14 23:00:34 fuzzer started 2018/11/14 23:00:39 dialing manager at 10.128.0.26:43625 2018/11/14 23:00:40 syscalls: 1 2018/11/14 23:00:40 code coverage: enabled 2018/11/14 23:00:40 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/11/14 23:00:40 setuid sandbox: enabled 2018/11/14 23:00:40 namespace sandbox: enabled 2018/11/14 23:00:40 Android sandbox: /sys/fs/selinux/policy does not exist 2018/11/14 23:00:40 fault injection: enabled 2018/11/14 23:00:40 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/11/14 23:00:40 net packed injection: enabled 2018/11/14 23:00:40 net device setup: enabled 23:03:41 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f00000001c0)=0x1) syzkaller login: [ 267.945206] IPVS: ftp: loaded support on port[0] = 21 [ 270.386065] bridge0: port 1(bridge_slave_0) entered blocking state [ 270.392668] bridge0: port 1(bridge_slave_0) entered disabled state [ 270.401398] device bridge_slave_0 entered promiscuous mode [ 270.544347] bridge0: port 2(bridge_slave_1) entered blocking state [ 270.550799] bridge0: port 2(bridge_slave_1) entered disabled state [ 270.559504] device bridge_slave_1 entered promiscuous mode [ 270.699538] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 270.842546] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 271.286486] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 271.429501] bond0: Enslaving bond_slave_1 as an active interface with an up link 23:03:45 executing program 1: ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x800) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) ioctl$BINDER_SET_MAX_THREADS(r0, 0xc0306201, 0x0) ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000100)) [ 271.825788] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 271.833022] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 272.296389] IPVS: ftp: loaded support on port[0] = 21 [ 272.559073] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 272.567382] team0: Port device team_slave_0 added [ 272.806560] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 272.814678] team0: Port device team_slave_1 added [ 272.965300] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 272.972476] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 272.981459] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 
273.226453] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 273.233704] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 273.242748] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 273.462497] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 273.470211] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 273.479777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 273.736936] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 273.744733] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 273.753868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 276.129806] bridge0: port 1(bridge_slave_0) entered blocking state [ 276.136490] bridge0: port 1(bridge_slave_0) entered disabled state [ 276.145537] device bridge_slave_0 entered promiscuous mode [ 276.245341] bridge0: port 2(bridge_slave_1) entered blocking state [ 276.251975] bridge0: port 2(bridge_slave_1) entered forwarding state [ 276.258972] bridge0: port 1(bridge_slave_0) entered blocking state [ 276.265504] bridge0: port 1(bridge_slave_0) entered forwarding state [ 276.274499] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 276.365212] bridge0: port 2(bridge_slave_1) entered blocking state [ 276.371706] bridge0: port 2(bridge_slave_1) entered disabled state [ 276.380761] device bridge_slave_1 entered promiscuous mode [ 276.619462] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 276.874095] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 276.953051] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 277.601129] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 277.889696] bond0: Enslaving bond_slave_1 as an active interface with an up link 23:03:52 executing program 2: recvmmsg(0xffffffffffffffff, &(0x7f00000000c0)=[{{&(0x7f0000000500)=@pppoe={0x18, 0x0, {0x0, @random}}, 0x80, 
&(0x7f0000001940)=[{&(0x7f0000000100)=""/141, 0x8d}], 0x1, &(0x7f00000019c0)=""/23, 0xfffffffffffffe50}}], 0x1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/netstat\x00') getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000040)={'filter\x00'}, &(0x7f00000001c0)=0x54) preadv(r0, &(0x7f00000017c0), 0x1d0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='filter\x00', r0}, 0x10) [ 278.181575] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 278.188850] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 278.460050] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 278.467318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 278.960495] IPVS: ftp: loaded support on port[0] = 21 [ 279.338970] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 279.347240] team0: Port device team_slave_0 added [ 279.607987] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 279.616306] team0: Port device team_slave_1 added [ 279.946504] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 279.954853] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 279.964174] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 280.220860] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 280.228463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 280.237350] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 280.538091] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 280.545878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 280.555237] IPv6: 
ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 280.868384] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 280.876183] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 280.885261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 283.911485] bridge0: port 1(bridge_slave_0) entered blocking state [ 283.918181] bridge0: port 1(bridge_slave_0) entered disabled state [ 283.926917] device bridge_slave_0 entered promiscuous mode [ 284.076233] bridge0: port 2(bridge_slave_1) entered blocking state [ 284.082809] bridge0: port 2(bridge_slave_1) entered forwarding state [ 284.089734] bridge0: port 1(bridge_slave_0) entered blocking state [ 284.096381] bridge0: port 1(bridge_slave_0) entered forwarding state [ 284.105307] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 284.245808] bridge0: port 2(bridge_slave_1) entered blocking state [ 284.252483] bridge0: port 2(bridge_slave_1) entered disabled state [ 284.261066] device bridge_slave_1 entered promiscuous mode [ 284.392386] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 284.614095] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 284.968278] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 285.890697] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 286.211140] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 286.488290] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 286.495701] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 286.717742] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 286.724959] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 23:04:01 executing program 3: clone(0x2102001fff, 0x0, 0xfffffffffffffffe, &(0x7f0000000200), 0xffffffffffffffff) rt_sigtimedwait(&(0x7f0000000000), 0x0, &(0x7f0000000040)={0x0, 0x1c9c380}, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) 
ptrace(0x10, r0) ptrace$cont(0x420d, r0, 0x0, 0x0) [ 287.749419] 8021q: adding VLAN 0 to HW filter on device bond0 [ 287.819895] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 287.828213] team0: Port device team_slave_0 added [ 288.166423] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 288.174868] team0: Port device team_slave_1 added [ 288.524944] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 288.532190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 288.540942] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 288.699686] IPVS: ftp: loaded support on port[0] = 21 [ 288.871499] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 288.878916] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 288.888001] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 289.245245] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 289.300750] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 289.308772] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 289.317907] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 289.678508] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 289.686324] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 289.695840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 290.779309] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 290.786015] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 290.794617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 292.164934] 8021q: adding VLAN 0 to HW filter on device team0 [ 293.819407] bridge0: port 2(bridge_slave_1) entered blocking state [ 293.825976] bridge0: port 2(bridge_slave_1) entered forwarding state [ 293.833977] bridge0: port 1(bridge_slave_0) entered blocking state [ 293.840439] bridge0: port 1(bridge_slave_0) entered forwarding state [ 293.849568] IPv6: 
ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 293.893263] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 294.757787] bridge0: port 1(bridge_slave_0) entered blocking state [ 294.764385] bridge0: port 1(bridge_slave_0) entered disabled state [ 294.773232] device bridge_slave_0 entered promiscuous mode [ 295.156124] bridge0: port 2(bridge_slave_1) entered blocking state [ 295.162944] bridge0: port 2(bridge_slave_1) entered disabled state [ 295.171419] device bridge_slave_1 entered promiscuous mode [ 295.567010] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 295.939210] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 297.075244] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 297.420351] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 297.810292] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 297.817463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 298.225711] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 298.233008] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 298.286611] 8021q: adding VLAN 0 to HW filter on device bond0 23:04:13 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000100)="0f20e06635040000000f22e0baf80c66b894b1618466efbafc0c66b8c700c0fe66ef0f0866b8204783760f23d00f21f866352000000d0f23f80f235a0f210c673e0f236a650f1b8bf9f7baf80c66b82cce0c8466efbafc0cec0f20e06635002000000f22e0", 0x65}], 0xaaaaaaaaaaaab79, 0x0, &(0x7f0000000480), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 299.282401] 
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 299.290502] team0: Port device team_slave_0 added [ 299.659935] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 299.668179] team0: Port device team_slave_1 added [ 299.719273] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 300.135824] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 300.143085] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 300.152046] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 300.603785] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 300.610877] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 300.619719] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready 23:04:14 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000040)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mq_open(&(0x7f0000000a00)='lo.\x00', 0x2, 0x0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) readv(r1, &(0x7f00000000c0)=[{&(0x7f0000000200)=""/255, 0x443}], 0x1000000000000248) r2 = syz_open_dev$mouse(&(0x7f0000000300)='/dev/input/mouse#\x00', 0x5, 0x1) ioctl$VIDIOC_S_TUNER(r2, 0x4054561e, &(0x7f0000000400)={0x6, "11dd303e1b2f45a0a9140c0098669cf51825f64e62601571947fd10bf0ade3d3", 0x0, 0x400, 0x4f, 0x0, 0x4, 0x4, 0x3}) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x20000, 0x0) getpgrp(0x0) ioctl$SG_SET_KEEP_ORPHAN(0xffffffffffffffff, 0x2287, &(0x7f0000000900)) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000500)='/dev/sequencer2\x00', 0x0, 0x0) 
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000700)={0x0, @in6={{0xa, 0x4e20, 0x0, @remote}}}, &(0x7f00000007c0)=0x84) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r5 = syz_open_pts(r1, 0x2) dup3(r5, r1, 0x0) write(r1, &(0x7f0000c34fff), 0xffffff0b) socket$inet_udp(0x2, 0x2, 0x0) ioctl$BLKPG(r3, 0x1269, &(0x7f00000005c0)={0x8, 0x8, 0xa0, &(0x7f0000000800)="5789b8d0914ebda8fa0ff496c3d82fec252568219c2211b9784783b4c21f8bc8620646b067b2e4e328a4616e7f33140c584a63ee474f01174f9ac102024be2bc2c9273fc75161f4456ce6675929f57d8df9af6a4fcb97cd7861c1c111bf8428efaf8b4f30dbcbddbac164d03051d2fb4f71aed2dc64bd06651bd3bb3afc117beb8ba187a180b6e4daea0063fe34b69b55c858957c4882bd5561f6cff0bc310d8"}) chroot(&(0x7f0000000340)='./file0\x00') name_to_handle_at(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', &(0x7f0000000540)=ANY=[@ANYBLOB="2800000000fcffd6ffd1301ed5047b98f1004d0000000000"], &(0x7f0000000600), 0xe64455e5a85b7897) syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x4080) openat$zero(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zero\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000940)='./file0\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r4, 0x84, 0xc, &(0x7f0000000680)=0x5, 0xd) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r4, 0x84, 0x78, &(0x7f0000000480), 0x4) [ 300.699084] IPVS: ftp: loaded support on port[0] = 21 [ 300.948428] hrtimer: interrupt took 64108 ns [ 301.027740] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 301.035547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 301.044755] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 301.611596] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 301.619346] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 301.628589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 301.731330] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 301.737870] IPv6: 
ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 301.745872] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 23:04:16 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x200800000061f3) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x81, 0x4080) setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000040)={0x92, 0x10001}, 0x2) 23:04:16 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f00000000c0)={'mangle\x00', 0xd6, "889ff9357fc5e9b7f4aad92dd1f1540993441bb0bb33fcabb21fced3f4b2546422c0ab4d0cbd5293404187c140cff19b41e366f251fd2e34a6624bfd67c92273282f295c261c1f8dfe71a14fc12d78e5f12878a8354ca243fce05a9e0b5c58094d9fa58acc04c320d72a56d112be3f90dfa19479232aeec889c1513f58c1e91eda4d94f1f948054f5d8b53b7877ec39dcd94dada8549783085ae8e9611e058f3bbda63a22d7fee0c42ecc7d09c21234caf1eb93fb2b26df71d6b85b16c5e9decc7e352b4444a6b17afc43085bae6689ea77356cd2a99"}, &(0x7f0000000000)=0xfa) 23:04:16 executing program 0: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x8, 0x10000) ioctl$SG_IO(r0, 0x2285, &(0x7f00000026c0)={0x53, 0x0, 0x50, 0xfffffffffffeffff, @scatter={0x9, 0x0, &(0x7f00000024c0)=[{&(0x7f0000000040)=""/4, 0x4}, {&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/157, 0x9d}, {&(0x7f0000000080)=""/21, 0x15}, {&(0x7f0000001240)=""/4096, 0x1000}, {&(0x7f0000002240)=""/118, 0x76}, {&(0x7f00000022c0)=""/193, 0xc1}, {&(0x7f00000023c0)=""/252, 0xfc}, {&(0x7f00000000c0)=""/60, 0x3c}]}, 
&(0x7f0000002580)="9c62fa5fbc7e61859f7ba8b7b18e4ad0cabe785efcea0482f982f8f9cbafba052635b7aff0c87d43179c15d4b6fa2c2c27c1116e0091ae976d432e76f80b8a8427998f9d84a4b7c935428b940fa81296", &(0x7f0000002600)=""/113, 0x8, 0x2, 0x3, &(0x7f0000002680)}) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'tgr192-generic\x00'}, 0x67) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg(r2, &(0x7f0000007f00)=[{{&(0x7f00000056c0)=@can, 0x10, &(0x7f00000000c0)}}, {{&(0x7f0000005900)=@pppoe={0x18, 0x0, {0x0, @link_local, 'syzkaller0\x00'}}, 0x80, &(0x7f0000007ac0), 0x1a9, &(0x7f0000007b00), 0x4000}}], 0x3fffffffffffe0d, 0x7ffff000) sendmmsg$alg(r2, &(0x7f0000004d00)=[{0x0, 0x0, &(0x7f00000016c0), 0x0, &(0x7f0000001780)}], 0x1, 0x0) [ 303.460629] not chained 10000 origins [ 303.464518] CPU: 1 PID: 7634 Comm: ip Not tainted 4.20.0-rc2+ #85 [ 303.470766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.480141] Call Trace: [ 303.482766] dump_stack+0x32d/0x480 [ 303.486431] ? save_stack_trace+0xc6/0x110 [ 303.490720] kmsan_internal_chain_origin+0x222/0x240 [ 303.495866] ? kmsan_internal_chain_origin+0x136/0x240 [ 303.501186] ? __msan_chain_origin+0x6d/0xb0 [ 303.505638] ? __save_stack_trace+0x833/0xc60 [ 303.510195] ? save_stack_trace+0xc6/0x110 [ 303.514453] ? kmsan_internal_chain_origin+0x136/0x240 [ 303.519755] ? kmsan_memcpy_origins+0x13d/0x190 [ 303.524452] ? __msan_memcpy+0x6f/0x80 [ 303.528369] ? nla_put+0x20a/0x2d0 [ 303.531941] ? br_port_fill_attrs+0x366/0x1ea0 [ 303.536549] ? br_port_fill_slave_info+0xff/0x120 [ 303.541421] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 303.545939] ? rtnl_dump_ifinfo+0x18b5/0x2140 [ 303.550456] ? netlink_dump+0xc79/0x1c90 [ 303.554536] ? netlink_recvmsg+0xec2/0x19d0 [ 303.558880] ? sock_recvmsg+0x1d1/0x230 [ 303.562871] ? ___sys_recvmsg+0x444/0xae0 [ 303.567036] ? __se_sys_recvmsg+0x2fa/0x450 [ 303.571375] ? __x64_sys_recvmsg+0x4a/0x70 [ 303.575633] ? 
do_syscall_64+0xcf/0x110 [ 303.579643] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 303.585044] ? __irqentry_text_end+0x1fa056/0x1fa056 [ 303.590201] ? kmsan_internal_chain_origin+0x1e3/0x240 [ 303.595530] ? kmsan_internal_chain_origin+0x136/0x240 [ 303.600833] ? __msan_chain_origin+0x6d/0xb0 [ 303.605267] ? save_stack_trace+0xfa/0x110 [ 303.609565] ? kmsan_internal_chain_origin+0x136/0x240 [ 303.614883] ? kmsan_memcpy_origins+0x13d/0x190 [ 303.619594] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 303.625067] ? in_task_stack+0x12c/0x210 [ 303.629176] __msan_chain_origin+0x6d/0xb0 [ 303.633439] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 303.637959] __save_stack_trace+0x8be/0xc60 [ 303.642308] ? get_page_from_freelist+0x1617/0x1c90 [ 303.647383] ? rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 303.651914] save_stack_trace+0xc6/0x110 [ 303.656007] kmsan_internal_chain_origin+0x136/0x240 [ 303.661183] ? kmsan_internal_chain_origin+0x136/0x240 [ 303.666494] ? kmsan_memcpy_origins+0x13d/0x190 [ 303.671208] ? __msan_memcpy+0x6f/0x80 [ 303.675124] ? nla_put+0x20a/0x2d0 [ 303.678695] ? br_port_fill_attrs+0x366/0x1ea0 [ 303.683303] ? br_port_fill_slave_info+0xff/0x120 [ 303.688179] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 303.693582] ? __msan_poison_alloca+0x1e0/0x270 [ 303.698309] ? kmsan_set_origin+0x7f/0x100 [ 303.702590] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 303.707990] kmsan_memcpy_origins+0x13d/0x190 [ 303.712559] __msan_memcpy+0x6f/0x80 [ 303.716323] nla_put+0x20a/0x2d0 [ 303.719733] br_port_fill_attrs+0x366/0x1ea0 [ 303.724191] br_port_fill_slave_info+0xff/0x120 [ 303.729234] ? br_port_get_slave_size+0x30/0x30 [ 303.733936] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 303.738350] rtnl_dump_ifinfo+0x18b5/0x2140 [ 303.742828] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 303.748231] ? rtnl_getlink+0xec0/0xec0 [ 303.752229] netlink_dump+0xc79/0x1c90 [ 303.756185] netlink_recvmsg+0xec2/0x19d0 [ 303.760395] sock_recvmsg+0x1d1/0x230 [ 303.764223] ? 
netlink_sendmsg+0x1440/0x1440 [ 303.768671] ___sys_recvmsg+0x444/0xae0 [ 303.772712] ? __msan_poison_alloca+0x1e0/0x270 [ 303.777430] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 303.782818] ? __fdget+0x23c/0x440 [ 303.786399] __se_sys_recvmsg+0x2fa/0x450 [ 303.790597] __x64_sys_recvmsg+0x4a/0x70 [ 303.794692] do_syscall_64+0xcf/0x110 [ 303.798530] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 303.803757] RIP: 0033:0x7f56c29e4210 [ 303.807496] Code: 31 d2 48 29 c2 64 89 11 48 83 c8 ff eb ea 90 90 90 90 90 90 90 90 90 90 90 90 83 3d e5 d3 2a 00 00 75 10 b8 2f 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 6e bb 00 00 48 89 04 24 [ 303.826421] RSP: 002b:00007ffff52c7f38 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 303.834614] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f56c29e4210 [ 303.841910] RDX: 0000000000000000 RSI: 00007ffff52c7f80 RDI: 0000000000000003 [ 303.849199] RBP: 0000000000001c28 R08: 00007f56c2c8dec8 R09: 00007f56c2a2ac00 [ 303.856504] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006395c0 [ 303.863790] R13: 00007ffff52cc010 R14: 0000000000001c28 R15: 00007ffff52c9be8 [ 303.871103] Uninit was stored to memory at: [ 303.875457] kmsan_internal_chain_origin+0x136/0x240 [ 303.880605] __msan_chain_origin+0x6d/0xb0 [ 303.884858] __save_stack_trace+0x8be/0xc60 [ 303.889208] save_stack_trace+0xc6/0x110 [ 303.893296] kmsan_internal_chain_origin+0x136/0x240 [ 303.898421] kmsan_memcpy_origins+0x13d/0x190 [ 303.902938] __msan_memcpy+0x6f/0x80 [ 303.906680] nla_put+0x20a/0x2d0 [ 303.910070] br_port_fill_attrs+0x366/0x1ea0 [ 303.914497] br_port_fill_slave_info+0xff/0x120 [ 303.919191] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 303.923564] rtnl_dump_ifinfo+0x18b5/0x2140 [ 303.927918] netlink_dump+0xc79/0x1c90 [ 303.931827] netlink_recvmsg+0xec2/0x19d0 [ 303.936000] sock_recvmsg+0x1d1/0x230 [ 303.939821] ___sys_recvmsg+0x444/0xae0 [ 303.943813] __se_sys_recvmsg+0x2fa/0x450 [ 303.947982] __x64_sys_recvmsg+0x4a/0x70 [ 303.952061] 
do_syscall_64+0xcf/0x110 [ 303.955885] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 303.961087] [ 303.962729] Uninit was stored to memory at: [ 303.967076] kmsan_internal_chain_origin+0x136/0x240 [ 303.972202] __msan_chain_origin+0x6d/0xb0 [ 303.976463] __save_stack_trace+0x8be/0xc60 [ 303.980802] save_stack_trace+0xc6/0x110 [ 303.984881] kmsan_internal_chain_origin+0x136/0x240 [ 303.990003] kmsan_memcpy_origins+0x13d/0x190 [ 303.994517] __msan_memcpy+0x6f/0x80 [ 303.998251] nla_put+0x20a/0x2d0 [ 304.001639] br_port_fill_attrs+0x366/0x1ea0 [ 304.006078] br_port_fill_slave_info+0xff/0x120 [ 304.010765] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 304.015105] rtnl_dump_ifinfo+0x18b5/0x2140 [ 304.019473] netlink_dump+0xc79/0x1c90 [ 304.023378] netlink_recvmsg+0xec2/0x19d0 [ 304.027548] sock_recvmsg+0x1d1/0x230 [ 304.031365] ___sys_recvmsg+0x444/0xae0 [ 304.035373] __se_sys_recvmsg+0x2fa/0x450 [ 304.039536] __x64_sys_recvmsg+0x4a/0x70 [ 304.043618] do_syscall_64+0xcf/0x110 [ 304.047517] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 304.052714] [ 304.054349] Uninit was stored to memory at: [ 304.058709] kmsan_internal_chain_origin+0x136/0x240 [ 304.063840] __msan_chain_origin+0x6d/0xb0 [ 304.068100] __save_stack_trace+0x8be/0xc60 [ 304.072440] save_stack_trace+0xc6/0x110 [ 304.076543] kmsan_internal_chain_origin+0x136/0x240 [ 304.081703] kmsan_memcpy_origins+0x13d/0x190 [ 304.086237] __msan_memcpy+0x6f/0x80 [ 304.089970] nla_put+0x20a/0x2d0 [ 304.093353] br_port_fill_attrs+0x366/0x1ea0 [ 304.097824] br_port_fill_slave_info+0xff/0x120 [ 304.102512] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 304.106850] rtnl_dump_ifinfo+0x18b5/0x2140 [ 304.111211] netlink_dump+0xc79/0x1c90 [ 304.115130] netlink_recvmsg+0xec2/0x19d0 [ 304.119305] sock_recvmsg+0x1d1/0x230 [ 304.123125] ___sys_recvmsg+0x444/0xae0 [ 304.127187] __se_sys_recvmsg+0x2fa/0x450 [ 304.131386] __x64_sys_recvmsg+0x4a/0x70 [ 304.135470] do_syscall_64+0xcf/0x110 [ 304.139293] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 304.144542] [ 304.146226] 
Uninit was stored to memory at: [ 304.150567] kmsan_internal_chain_origin+0x136/0x240 [ 304.155701] __msan_chain_origin+0x6d/0xb0 [ 304.159958] __save_stack_trace+0x8be/0xc60 [ 304.164297] save_stack_trace+0xc6/0x110 [ 304.168374] kmsan_internal_chain_origin+0x136/0x240 [ 304.173511] kmsan_memcpy_origins+0x13d/0x190 [ 304.178045] __msan_memcpy+0x6f/0x80 [ 304.181782] nla_put+0x20a/0x2d0 [ 304.185176] br_port_fill_attrs+0x366/0x1ea0 [ 304.189599] br_port_fill_slave_info+0xff/0x120 [ 304.194288] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 304.198625] rtnl_dump_ifinfo+0x18b5/0x2140 [ 304.202980] netlink_dump+0xc79/0x1c90 [ 304.206885] netlink_recvmsg+0xec2/0x19d0 [ 304.211056] sock_recvmsg+0x1d1/0x230 [ 304.214871] ___sys_recvmsg+0x444/0xae0 [ 304.218864] __se_sys_recvmsg+0x2fa/0x450 [ 304.223030] __x64_sys_recvmsg+0x4a/0x70 [ 304.227130] do_syscall_64+0xcf/0x110 [ 304.230959] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 304.236178] [ 304.237811] Uninit was stored to memory at: [ 304.242154] kmsan_internal_chain_origin+0x136/0x240 [ 304.247297] __msan_chain_origin+0x6d/0xb0 [ 304.251565] __save_stack_trace+0x8be/0xc60 [ 304.255908] save_stack_trace+0xc6/0x110 [ 304.259990] kmsan_internal_chain_origin+0x136/0x240 [ 304.265161] kmsan_memcpy_origins+0x13d/0x190 [ 304.269725] __msan_memcpy+0x6f/0x80 [ 304.273487] nla_put+0x20a/0x2d0 [ 304.276930] br_port_fill_attrs+0x366/0x1ea0 [ 304.281360] br_port_fill_slave_info+0xff/0x120 [ 304.286046] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 304.290383] rtnl_dump_ifinfo+0x18b5/0x2140 [ 304.294742] netlink_dump+0xc79/0x1c90 [ 304.298649] netlink_recvmsg+0xec2/0x19d0 [ 304.302829] sock_recvmsg+0x1d1/0x230 [ 304.306645] ___sys_recvmsg+0x444/0xae0 [ 304.310675] __se_sys_recvmsg+0x2fa/0x450 [ 304.314844] __x64_sys_recvmsg+0x4a/0x70 [ 304.318942] do_syscall_64+0xcf/0x110 [ 304.322770] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 304.327965] [ 304.329603] Uninit was stored to memory at: [ 304.333941] kmsan_internal_chain_origin+0x136/0x240 [ 304.339066] 
__msan_chain_origin+0x6d/0xb0 [ 304.343321] __save_stack_trace+0x8be/0xc60 [ 304.347675] save_stack_trace+0xc6/0x110 [ 304.351773] kmsan_internal_chain_origin+0x136/0x240 [ 304.356896] kmsan_memcpy_origins+0x13d/0x190 [ 304.361428] __msan_memcpy+0x6f/0x80 [ 304.365160] nla_put+0x20a/0x2d0 [ 304.368549] br_port_fill_attrs+0x366/0x1ea0 [ 304.372976] br_port_fill_slave_info+0xff/0x120 [ 304.377688] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 304.382031] rtnl_dump_ifinfo+0x18b5/0x2140 [ 304.386372] netlink_dump+0xc79/0x1c90 [ 304.390294] netlink_recvmsg+0xec2/0x19d0 [ 304.394480] sock_recvmsg+0x1d1/0x230 [ 304.398297] ___sys_recvmsg+0x444/0xae0 [ 304.402290] __se_sys_recvmsg+0x2fa/0x450 [ 304.406452] __x64_sys_recvmsg+0x4a/0x70 [ 304.410529] do_syscall_64+0xcf/0x110 [ 304.414355] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 304.419548] [ 304.421184] Uninit was stored to memory at: [ 304.425528] kmsan_internal_chain_origin+0x136/0x240 [ 304.430670] __msan_chain_origin+0x6d/0xb0 [ 304.434948] __save_stack_trace+0x8be/0xc60 [ 304.439291] save_stack_trace+0xc6/0x110 [ 304.443380] kmsan_internal_chain_origin+0x136/0x240 [ 304.448502] kmsan_memcpy_origins+0x13d/0x190 [ 304.453021] __msan_memcpy+0x6f/0x80 [ 304.456754] nla_put+0x20a/0x2d0 [ 304.460141] br_port_fill_attrs+0x366/0x1ea0 [ 304.464577] br_port_fill_slave_info+0xff/0x120 [ 304.469265] rtnl_fill_ifinfo+0x5b6e/0x6d80 [ 304.473603] rtnl_dump_ifinfo+0x18b5/0x2140 [ 304.477946] netlink_dump+0xc79/0x1c90 [ 304.481868] netlink_recvmsg+0xec2/0x19d0 [ 304.486037] sock_recvmsg+0x1d1/0x230 [ 304.489857] ___sys_recvmsg+0x444/0xae0 [ 304.493851] __se_sys_recvmsg+0x2fa/0x450 [ 304.498036] __x64_sys_recvmsg+0x4a/0x70 [ 304.502128] do_syscall_64+0xcf/0x110 [ 304.505960] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 304.511176] 23:04:18 executing program 0: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x8, 0x10000) ioctl$SG_IO(r0, 0x2285, &(0x7f00000026c0)={0x53, 0x0, 0x50, 0xfffffffffffeffff, @scatter={0x9, 0x0, 
&(0x7f00000024c0)=[{&(0x7f0000000040)=""/4, 0x4}, {&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/157, 0x9d}, {&(0x7f0000000080)=""/21, 0x15}, {&(0x7f0000001240)=""/4096, 0x1000}, {&(0x7f0000002240)=""/118, 0x76}, {&(0x7f00000022c0)=""/193, 0xc1}, {&(0x7f00000023c0)=""/252, 0xfc}, {&(0x7f00000000c0)=""/60, 0x3c}]}, &(0x7f0000002580)="9c62fa5fbc7e61859f7ba8b7b18e4ad0cabe785efcea0482f982f8f9cbafba052635b7aff0c87d43179c15d4b6fa2c2c27c1116e0091ae976d432e76f80b8a8427998f9d84a4b7c935428b940fa81296", &(0x7f0000002600)=""/113, 0x8, 0x2, 0x3, &(0x7f0000002680)}) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'tgr192-generic\x00'}, 0x67) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg(r2, &(0x7f0000007f00)=[{{&(0x7f00000056c0)=@can, 0x10, &(0x7f00000000c0)}}, {{&(0x7f0000005900)=@pppoe={0x18, 0x0, {0x0, @link_local, 'syzkaller0\x00'}}, 0x80, &(0x7f0000007ac0), 0x1a9, &(0x7f0000007b00), 0x4000}}], 0x3fffffffffffe0d, 0x7ffff000) sendmmsg$alg(r2, &(0x7f0000004d00)=[{0x0, 0x0, &(0x7f00000016c0), 0x0, &(0x7f0000001780)}], 0x1, 0x0) [ 304.512830] Local variable description: ----v.addr.i.i108@update_curr [ 304.519413] Variable was created at: [ 304.523164] update_curr+0x62/0x2100 [ 304.526901] pick_next_task_fair+0x29c/0x3060 23:04:18 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x4000000005, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req={0x3, 0x6, 0x8, 0x313}, 0x10) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000080)={0x5, 0x70, 0x6, 0x3f, 0x185, 0xfffffffffffffffb, 0x0, 0x2, 0x98340, 0xa, 0x4, 0xfffffffffffffff9, 0x1, 0x9, 0x8001, 0xffff, 0x4, 0x5c7, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 
0x12eb06ef, 0xffffffff, 0x80000000, 0x4, 0x8, 0x7fffffff, 0x81, 0x40, 0x7, 0x3, 0x1, 0x4, 0x0, 0x100, 0x5, 0x1, 0x0, 0x7, 0x1, @perf_config_ext={0x6, 0xdd}, 0x10004, 0x1d81, 0x4e, 0x4, 0xf7, 0xffff}) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000007affc)={0x3, 0x0, 0xa000}, 0x4) 23:04:19 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000dddfc8)={&(0x7f0000000080), 0xc, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c00000005060501ff0080fffdffff2e0a00000300000000060000007d0a00010c000200000022ff02f10000"], 0x2c}}, 0x0) [ 305.555761] netlink: 24 bytes leftover after parsing attributes in process `syz-executor0'. 23:04:19 executing program 0: set_mempolicy(0x4002, &(0x7f0000000000)=0x3, 0x9) mmap(&(0x7f00006bb000/0x1000)=nil, 0x1000, 0xa, 0x44031, 0xffffffffffffffff, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') [ 306.574205] 8021q: adding VLAN 0 to HW filter on device team0 [ 306.776561] bridge0: port 2(bridge_slave_1) entered blocking state [ 306.783180] bridge0: port 2(bridge_slave_1) entered forwarding state [ 306.790225] bridge0: port 1(bridge_slave_0) entered blocking state [ 306.796884] bridge0: port 1(bridge_slave_0) entered forwarding state [ 306.805559] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 307.303038] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 308.072911] bridge0: port 1(bridge_slave_0) entered blocking state [ 308.079463] bridge0: port 1(bridge_slave_0) entered disabled state [ 308.088492] device bridge_slave_0 entered promiscuous mode [ 308.444361] bridge0: port 2(bridge_slave_1) entered blocking state [ 308.450850] bridge0: port 2(bridge_slave_1) entered disabled state [ 308.459750] device bridge_slave_1 entered promiscuous mode [ 308.851239] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 309.247905] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 310.391078] bond0: Enslaving bond_slave_0 as an active 
interface with an up link [ 310.684572] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 311.003333] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 311.010392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 311.066783] 8021q: adding VLAN 0 to HW filter on device bond0 [ 311.273544] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 311.281398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 312.156775] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 312.165009] team0: Port device team_slave_0 added [ 312.198008] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 312.469120] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 312.477501] team0: Port device team_slave_1 added [ 312.767769] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 312.776323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 312.785258] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 313.102063] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 313.109141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 313.118033] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 313.382362] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 313.390060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 313.399195] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 313.436235] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 313.442897] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 313.450895] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 313.676444] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 313.684586] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 313.693880] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 23:04:28 executing program 1: [ 314.078064] binder: 7877:7878 
ioctl c0306201 0 returned -14 [ 314.086349] binder: 7880:7880 ioctl c0306201 0 returned -14 [ 314.676695] 8021q: adding VLAN 0 to HW filter on device team0 [ 316.159530] bridge0: port 2(bridge_slave_1) entered blocking state [ 316.166129] bridge0: port 2(bridge_slave_1) entered forwarding state [ 316.173241] bridge0: port 1(bridge_slave_0) entered blocking state [ 316.179736] bridge0: port 1(bridge_slave_0) entered forwarding state [ 316.188728] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 316.195633] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 318.107022] 8021q: adding VLAN 0 to HW filter on device bond0 [ 318.960562] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 319.811974] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 319.818381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 319.826341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 23:04:34 executing program 2: [ 320.580347] 8021q: adding VLAN 0 to HW filter on device team0 [ 323.735488] 8021q: adding VLAN 0 to HW filter on device bond0 23:04:38 executing program 3: [ 324.000233] ptrace attach of "/root/syz-executor3"[8171] was attempted by "/root/syz-executor3"[8175] [ 324.248411] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 324.535846] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 324.542260] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 324.549927] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 324.851462] 8021q: adding VLAN 0 to HW filter on device team0 [ 326.717835] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 
23:04:40 executing program 4: 23:04:40 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc), 0x4) syz_emit_ethernet(0x12, &(0x7f00000000c0)={@empty, @empty, [{}]}, &(0x7f0000000040)) rt_sigreturn() r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x10002, 0x0) write$P9_RSYMLINK(r1, &(0x7f0000000080)={0x14, 0x11, 0x1, {0x52, 0x4, 0x1}}, 0x14) 23:04:40 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x200000, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x200200) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000080)=0x7ff, 0x4) ioctl$SG_SET_KEEP_ORPHAN(r1, 0x2287, &(0x7f00000000c0)=0x7360) bind$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @hyper}, 0x10) unlink(&(0x7f0000000140)='./file0\x00') getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0xcc, &(0x7f0000000180)=[@in={0x2, 0x4e20}, @in6={0xa, 0x4e21, 0x4, @mcast2, 0x2}, @in={0x2, 0x4e23, @multicast1}, @in6={0xa, 0x4e22, 0x3, @loopback, 0x58b921a3}, @in6={0xa, 0x4e23, 0x2b8, @mcast1, 0xe3ec}, @in6={0xa, 0x4e24, 0x0, @loopback, 0x8}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xa}}, @in6={0xa, 0x4e20, 0x0, @mcast1, 0x9}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000300)={r2, 0x29, "cb7e7e24eb6b7297e903b2e24a94ed65683c0e9d803c44d0ffbb647a96862804be8142520bbd0e994f"}, &(0x7f0000000340)=0x31) r4 = signalfd(r1, &(0x7f0000000380)={0x5}, 0x8) r5 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$RTC_RD_TIME(r1, 0x80247009, &(0x7f00000003c0)) write$FUSE_NOTIFY_INVAL_ENTRY(r4, &(0x7f0000000400)={0x26, 0x3, 0x0, {0x0, 0x5, 0x0, ',user'}}, 0x26) ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000000440)={0x6, 
@raw_data="a2fa7e5d2b558c22a09892d369dcb6b956dc727cd506be395c6d52ad6b921459264277b58e113c4984e5465219540ed72b8c3e947438fd9aaa92bfc8d00225e2198c37757289d4a4de5f2baf87de7c629dcfe15ade41263c7da81a7d00f7ec17014116b272e47b9a32c99fec01fa598153d3eda280ef3cd4c3f6d6b00e220b84fae8d155dbd931fdf9d113ab416bc7d24c365b5a73d1010c80694a88dd0225287c0efb65cca6cd567def65b3ecd69d6c00813bfad0eca298dbb4c6dcfa46c323e1190f41a2c84747"}) getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000000640)={{{@in=@multicast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@loopback}}, &(0x7f0000000740)=0xe8) sendto$packet(r1, &(0x7f0000000540)="2c0946940ec0c2f2c5fe5092accfb8346bd2324720ba693582182c1d954c07674a49adede04a662f6f1c740786cb2ddf8efeeb5fbaba878c4bd6b79bba4fe5a188becda61c7e3d40d1d29ba6bac7456f7fb59b2ebd3e9abef3ece1dfc29d321578f30e35dea58e8708ca8a883f453407a031d0b52203dc66a2159eedd9fdb69effbf10413133d9c0527e89aeb580d222651d001c651dc5a6665c3457b9b3a313172956dbcc8e1a5f35db7e7a07094b0d68331cffb585bf74031906b9c4757130aff0f5dedca82ea8f720009ac0c2e53cc36915891989c50be9fcd72ec64135a7746ca7", 0xe3, 0x800, &(0x7f0000000780)={0x11, 0x0, r6, 0x1, 0x6, 0x6, @remote}, 0x14) r7 = creat(&(0x7f00000007c0)='./file0\x00', 0xe) ioctl$VT_RELDISP(r7, 0x5605) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r7, 0x84, 0x6d, &(0x7f0000000800)={r3, 0x13, "561c5903b0ac614406412fa7761527f01d3bfd"}, &(0x7f0000000840)=0x1b) ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x3a) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000880), 0x4) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f00000008c0)={0x2, [0x0, 0x0]}, &(0x7f0000000900)=0xc) getsockopt$SO_COOKIE(r5, 0x1, 0x39, &(0x7f0000000940), &(0x7f0000000980)=0x8) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f00000009c0), &(0x7f0000000a00)=0x4) r8 = add_key$user(&(0x7f0000000a40)='user\x00', &(0x7f0000000a80)={'syz', 0x2}, 
&(0x7f0000000ac0)="0491f24ff76bdb3a79d36f7312f8708d7dfb2b59a22965a05fb2d46d788aea55a69347e082a131b7aa48458744053fe9d350ace6a339c499bd3cd3de30d59d633790", 0x42, 0xfffffffffffffff9) r9 = add_key(&(0x7f0000000b80)='pkcs7_test\x00', &(0x7f0000000bc0)={'syz', 0x1}, &(0x7f0000000c00)="fc08b322261f49c6248facf678c1422df65b06cf9166faadbc8abbc0c32cf68b22b7671ed7b4080873b36f48d81d1ec2eff7ba10fc4639d90204eb7af88cf7c488d5faba9e82cfee0ae335fef77084262050704a3f5d6f58ee325bb2caba53b4d0f2be875e6e82ca4709cecccb163c6489caee8c29a698c2fb1989cff7756938ff6071f7dc17f3765f1878b52f544cd277cf5d33a7ed30cb329fa4c4d7b55819767604d197fb69b11e0a987fc5d6f00a4a017205929a99791391635ff3d8322bb011a34db05e4445ee3add370212299bda9ae811525653ba86aee79de2f319e789efaba6b47af5cd96fc265db98452e30ab209", 0xf3, 0xffffffffffffffff) keyctl$instantiate(0xc, r8, &(0x7f0000000b40)=@encrypted_update={'update ', 'default', 0x20, 'user:', ',user'}, 0x1a, r9) ioctl$SG_SET_KEEP_ORPHAN(r1, 0x2287, &(0x7f0000000d00)=0x1ff) r10 = creat(&(0x7f0000000d40)='./file0\x00', 0x1) ioctl$FS_IOC_GETFSLABEL(r10, 0x81009431, &(0x7f0000000d80)) ioctl$sock_FIOGETOWN(r7, 0x8903, &(0x7f0000000e80)) 23:04:40 executing program 1: 23:04:40 executing program 2: 23:04:40 executing program 3: [ 327.018804] PANIC: double fault, error_code: 0x0 [ 327.023709] CPU: 0 PID: 8258 Comm: syz-executor0 Not tainted 4.20.0-rc2+ #85 [ 327.030969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.043239] ================================================================== [ 327.043250] BUG: KMSAN: uninit-value in do_raw_spin_lock+0x130/0x410 [ 327.043277] CPU: 0 PID: 8258 Comm: syz-executor0 Not tainted 4.20.0-rc2+ #85 [ 327.043288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.043296] Call Trace: [ 327.043303] <#DF> [ 327.043310] dump_stack+0x32d/0x480 [ 327.043318] ? 
do_raw_spin_lock+0x130/0x410 [ 327.043327] kmsan_report+0x19f/0x300 [ 327.043336] kmsan_internal_check_memory+0x35b/0x3b0 [ 327.043344] ? __msan_poison_alloca+0x1e0/0x270 [ 327.043353] kmsan_check_memory+0xd/0x10 [ 327.043361] do_raw_spin_lock+0x130/0x410 [ 327.043369] ? kmsan_internal_unpoison_shadow+0x83/0xd0 [ 327.043377] _raw_spin_lock+0x27/0x30 [ 327.043385] vprintk_emit+0x1d9/0x8a0 [ 327.043392] vprintk_default+0x90/0xa0 [ 327.043400] vprintk_func+0x26b/0x2a0 [ 327.043408] printk+0x1a3/0x1f0 [ 327.043416] ? kmsan_get_origin_address+0x212/0x360 [ 327.043425] ? kmsan_get_shadow_origin_ptr+0x2c0/0x410 [ 327.043432] show_iret_regs+0x13c/0x540 [ 327.043441] ? kmsan_get_origin_address+0x212/0x360 [ 327.043448] ? __show_regs+0xb2/0x1350 [ 327.043456] ? show_regs+0xaf/0x170 [ 327.043464] __show_regs+0xc9/0x1350 [ 327.043472] ? get_cpu_entry_area+0xc/0x30 [ 327.043480] ? kmsan_get_shadow_origin_ptr+0x2c0/0x410 [ 327.043488] show_regs+0xaf/0x170 [ 327.043495] df_debug+0x86/0xb0 [ 327.043503] do_double_fault+0x362/0x480 [ 327.043510] double_fault+0x1e/0x30 [ 327.043519] RIP: 0010:kmsan_get_origin_address+0x212/0x360 [ 327.043536] Code: 2d 01 00 00 e9 fe 00 00 00 65 44 8b 34 25 20 a1 02 00 48 b8 00 00 00 00 00 02 00 00 48 01 d8 48 3d ff 0f e8 00 77 38 44 89 f7 19 30 4a ff 48 89 d9 48 29 c1 85 c9 78 26 48 63 c1 48 3d ff 9f [ 327.043544] RSP: 0018:fffffe0000002000 EFLAGS: 00010093 [ 327.043559] RAX: 0000000000002150 RBX: fffffe0000002150 RCX: 000000000000002e [ 327.043569] RDX: 0000000000000001 RSI: 0000000000000088 RDI: 0000000000000000 [ 327.043579] RBP: fffffe0000002038 R08: 0000000000000000 R09: 0000000000000000 [ 327.043589] R10: 0000000000000000 R11: 0000000000000000 R12: 0000778000000000 [ 327.043598] R13: 0000000000000000 R14: 0000000000000000 R15: fffffe0080002150 [ 327.043605] [ 327.043612] [ 327.043620] kmsan_memmove_origins+0xbd/0x1c0 [ 327.043628] ? 
kmsan_memmove_shadow+0xad/0xd0 [ 327.043636] __msan_memmove+0x6c/0x80 [ 327.043644] fixup_bad_iret+0x63/0xc0 [ 327.043651] error_entry+0xad/0xc0 [ 327.043659] RIP: 0000: (null) [ 327.043666] Code: Bad RIP value. [ 327.043674] RSP: a3fb7f:00007f456301c9c0 EFLAGS: 00000000 ORIG_RAX: 0000000000000000 [ 327.043708] RAX: 0000000000000000 RBX: ffffffff8b000e58 RCX: 000000000040393c [ 327.043719] RDX: c5ca71e7713d0400 RSI: 0000000000000000 RDI: 0000000000000000 [ 327.043729] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000072bf08 [ 327.043740] R10: 000000000072bf00 R11: 000000000072bf0c R12: 0000000000000000 [ 327.043750] R13: 000000000072bf08 R14: 000000000072bf00 R15: 000000000072bf0c [ 327.043759] ? general_protection+0x8/0x30 [ 327.043767] ? general_protection+0x8/0x30 [ 327.043776] [ 327.043783] [ 327.043795] Local variable description: ----v.addr.i.i@do_raw_spin_lock [ 327.043804] Variable was created at: [ 327.043814] do_raw_spin_lock+0x62/0x410 [ 327.043823] _raw_spin_lock+0x27/0x30 [ 327.043829] [ 327.043839] Bytes 0-7 of 8 are uninitialized [ 327.043850] Memory access of size 8 starts at fffffe00000099f8 [ 327.043861] ================================================================== [ 327.043871] Disabling lock debugging due to kernel taint [ 327.043882] Kernel panic - not syncing: panic_on_warn set ... [ 327.043893] CPU: 0 PID: 8258 Comm: syz-executor0 Tainted: G B 4.20.0-rc2+ #85 [ 327.043905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.043912] Call Trace: [ 327.043919] <#DF> [ 327.043928] dump_stack+0x32d/0x480 [ 327.043936] panic+0x624/0xc08 [ 327.043945] kmsan_report+0x300/0x300 [ 327.043954] kmsan_internal_check_memory+0x35b/0x3b0 [ 327.043963] ? __msan_poison_alloca+0x1e0/0x270 [ 327.043972] kmsan_check_memory+0xd/0x10 [ 327.043979] do_raw_spin_lock+0x130/0x410 [ 327.043989] ? 
kmsan_internal_unpoison_shadow+0x83/0xd0 [ 327.043997] _raw_spin_lock+0x27/0x30 [ 327.044004] vprintk_emit+0x1d9/0x8a0 [ 327.044013] vprintk_default+0x90/0xa0 [ 327.044020] vprintk_func+0x26b/0x2a0 [ 327.044028] printk+0x1a3/0x1f0 [ 327.044036] ? kmsan_get_origin_address+0x212/0x360 [ 327.044046] ? kmsan_get_shadow_origin_ptr+0x2c0/0x410 [ 327.044053] show_iret_regs+0x13c/0x540 [ 327.044061] ? kmsan_get_origin_address+0x212/0x360 [ 327.044070] ? __show_regs+0xb2/0x1350 [ 327.044078] ? show_regs+0xaf/0x170 [ 327.044085] __show_regs+0xc9/0x1350 [ 327.044093] ? get_cpu_entry_area+0xc/0x30 [ 327.044102] ? kmsan_get_shadow_origin_ptr+0x2c0/0x410 [ 327.044109] show_regs+0xaf/0x170 [ 327.044116] df_debug+0x86/0xb0 [ 327.044124] do_double_fault+0x362/0x480 [ 327.044131] double_fault+0x1e/0x30 [ 327.044139] RIP: 0010:kmsan_get_origin_address+0x212/0x360 [ 327.044155] Code: 2d 01 00 00 e9 fe 00 00 00 65 44 8b 34 25 20 a1 02 00 48 b8 00 00 00 00 00 02 00 00 48 01 d8 48 3d ff 0f e8 00 77 38 44 89 f7 19 30 4a ff 48 89 d9 48 29 c1 85 c9 78 26 48 63 c1 48 3d ff 9f [ 327.044164] RSP: 0018:fffffe0000002000 EFLAGS: 00010093 [ 327.044179] RAX: 0000000000002150 RBX: fffffe0000002150 RCX: 000000000000002e [ 327.044189] RDX: 0000000000000001 RSI: 0000000000000088 RDI: 0000000000000000 [ 327.044199] RBP: fffffe0000002038 R08: 0000000000000000 R09: 0000000000000000 [ 327.044211] R10: 0000000000000000 R11: 0000000000000000 R12: 0000778000000000 [ 327.044222] R13: 0000000000000000 R14: 0000000000000000 R15: fffffe0080002150 [ 327.044229] [ 327.044236] [ 327.044244] kmsan_memmove_origins+0xbd/0x1c0 [ 327.044253] ? kmsan_memmove_shadow+0xad/0xd0 [ 327.044262] __msan_memmove+0x6c/0x80 [ 327.044269] fixup_bad_iret+0x63/0xc0 [ 327.044277] error_entry+0xad/0xc0 [ 327.044286] RIP: 0000: (null) [ 327.044293] Code: Bad RIP value. 
[ 327.044301] RSP: a3fb7f:00007f456301c9c0 EFLAGS: 00000000 ORIG_RAX: 0000000000000000 [ 327.044319] RAX: 0000000000000000 RBX: ffffffff8b000e58 RCX: 000000000040393c [ 327.044329] RDX: c5ca71e7713d0400 RSI: 0000000000000000 RDI: 0000000000000000 [ 327.044339] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000072bf08 [ 327.044349] R10: 000000000072bf00 R11: 000000000072bf0c R12: 0000000000000000 [ 327.044360] R13: 000000000072bf08 R14: 000000000072bf00 R15: 000000000072bf0c [ 327.044368] ? general_protection+0x8/0x30 [ 327.044377] ? general_protection+0x8/0x30 [ 327.044384] [ 327.045395] Kernel Offset: disabled