[   54.294041] audit: type=1800 audit(1543380506.348:27): pid=6495 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[   54.313702] audit: type=1800 audit(1543380506.358:28): pid=6495 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   56.058811] audit: type=1800 audit(1543380508.118:29): pid=6495 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   56.078579] audit: type=1800 audit(1543380508.118:30): pid=6495 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.15.194' (ECDSA) to the list of known hosts.
2018/11/28 04:48:39 fuzzer started
2018/11/28 04:48:43 dialing manager at 10.128.0.26:39003
2018/11/28 04:48:43 syscalls: 1
2018/11/28 04:48:43 code coverage: enabled
2018/11/28 04:48:43 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/11/28 04:48:43 setuid sandbox: enabled
2018/11/28 04:48:43 namespace sandbox: enabled
2018/11/28 04:48:43 Android sandbox: /sys/fs/selinux/policy does not exist
2018/11/28 04:48:43 fault injection: enabled
2018/11/28 04:48:43 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/11/28 04:48:43 net packet injection: enabled
2018/11/28 04:48:43 net device setup: enabled
04:51:08 executing program 0:
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={<r0=>0x0, <r1=>0x0})
recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x10, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff77}], 0x1, &(0x7f00000001c0)=""/17, 0x11}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000500)={&(0x7f00000002c0)=@sco, 0x80, &(0x7f0000000400)=[{&(0x7f0000000340)=""/88, 0x58}], 0x1}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)=@vsock, 0xfffffffffffffef2, &(0x7f00000000c0)=[{&(0x7f0000000180)=""/154, 0xfffffffffffffe95}], 0x1, &(0x7f0000000240)=""/105, 0x69}, 0x0)
sendmsg(r1, &(0x7f00000001c0)={0x0, 0x16c, &(0x7f0000000100), 0x28a, &(0x7f0000000540), 0x5b}, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f000000d080))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x8000000400200)
socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000840))
close(r3)
socket$kcm(0xa, 0x5, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x8941, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x0, 0x0, 0x0)

syzkaller login: [  217.493165] IPVS: ftp: loaded support on port[0] = 21
[  219.476835] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.483477] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.492020] device bridge_slave_0 entered promiscuous mode
[  219.610647] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.617293] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.625737] device bridge_slave_1 entered promiscuous mode
[  219.742554] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  219.859171] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  220.223541] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  220.345880] bond0: Enslaving bond_slave_1 as an active interface with an up link
04:51:12 executing program 1:
r0 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x0, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
dup2(r0, 0xffffffffffffffff)
write(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)

[  221.207995] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  221.216018] team0: Port device team_slave_0 added
[  221.329660] IPVS: ftp: loaded support on port[0] = 21
[  221.417515] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  221.425701] team0: Port device team_slave_1 added
[  221.665245] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  221.673756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  221.682869] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  221.817906] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  221.971811] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  221.979392] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  221.988390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  222.132079] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  222.139668] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  222.148697] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  224.368218] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.374895] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.383351] device bridge_slave_0 entered promiscuous mode
[  224.540818] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.547384] bridge0: port 2(bridge_slave_1) entered forwarding state
[  224.554567] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.561101] bridge0: port 1(bridge_slave_0) entered forwarding state
[  224.569742] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  224.576723] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  224.608225] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.614853] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.623246] device bridge_slave_1 entered promiscuous mode
[  224.742854] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  224.964120] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
04:51:17 executing program 2:
mount(&(0x7f0000000340)=ANY=[@ANYBLOB="3f5e3abbfc2dbb1c014bd007f479da5055ca4b6348"], 0x0, 0x0, 0x3080, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000040)='Y', 0x1, 0x0, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto(r0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00'})
socketpair$unix(0x1, 0x0, 0x0, 0x0)
pipe2(0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
fchmodat(0xffffffffffffffff, 0x0, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, &(0x7f0000000100)={0x4, 0x3, 0x1, 0x6, 0x1, 0x1ae, 0x10000, 0x25b, 0x40, 0xfffffffffffffff9, 0x6, 0x4})
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00', 0x101})

[  225.726716] IPVS: ftp: loaded support on port[0] = 21
[  225.748916] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  225.918683] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  226.136475] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  226.143685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  226.324496] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  226.331571] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  227.226791] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  227.234745] team0: Port device team_slave_0 added
[  227.557361] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  227.565502] team0: Port device team_slave_1 added
[  227.793239] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  227.800338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  227.809066] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  228.009727] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  228.017079] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  228.025891] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  228.155501] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  228.163519] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  228.172507] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  228.424251] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  228.432014] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  228.440762] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  229.734379] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.740922] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.749336] device bridge_slave_0 entered promiscuous mode
[  230.063087] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.069571] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.077977] device bridge_slave_1 entered promiscuous mode
[  230.329672] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  230.558384] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  231.188986] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.195534] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.202519] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.209032] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.217498] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  231.382019] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  231.578393] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  231.778676] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  231.790748] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  231.803371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  232.008820] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  232.016237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
04:51:24 executing program 3:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0xfffffffffffffffe, "6e72300000000000000000001d00", 0x4}, 0x18)
ioctl(r1, 0x8916, &(0x7f0000000000))
ioctl(r1, 0x8936, &(0x7f0000000000))

[  232.721571] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  232.729593] team0: Port device team_slave_0 added
[  233.073348] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  233.081323] team0: Port device team_slave_1 added
[  233.419378] IPVS: ftp: loaded support on port[0] = 21
[  233.433027] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  233.440083] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  233.448724] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  233.705575] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  233.712853] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  233.721330] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  233.977875] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  233.985501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  233.994389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  234.290689] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  234.298504] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  234.307290] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  235.398920] 8021q: adding VLAN 0 to HW filter on device bond0
[  236.401776] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  237.537986] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  237.544571] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  237.552645] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  237.720983] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.727557] bridge0: port 2(bridge_slave_1) entered forwarding state
[  237.734561] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.740997] bridge0: port 1(bridge_slave_0) entered forwarding state
[  237.749567] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  237.772498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  238.239864] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.246541] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.254931] device bridge_slave_0 entered promiscuous mode
[  238.524723] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.531188] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.539752] device bridge_slave_1 entered promiscuous mode
[  238.694167] 8021q: adding VLAN 0 to HW filter on device team0
[  238.840968] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  239.117384] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  240.016669] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  240.292560] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  240.549497] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  240.556829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  240.893178] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  240.900390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
04:51:33 executing program 4:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)="2f02726f75702e7374617000", 0x2761, 0x0)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="00ffffffff"])
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0xc0c0583b, 0x20000001)
ioctl$sock_inet6_SIOCDIFADDR(0xffffffffffffffff, 0x8936, 0x0)

[  241.820371] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  241.828366] team0: Port device team_slave_0 added
[  242.180579] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  242.188730] team0: Port device team_slave_1 added
[  242.562249] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  242.569320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  242.578063] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  242.916708] IPVS: ftp: loaded support on port[0] = 21
[  242.928776] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  242.936034] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  242.944740] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  243.321763] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  243.329821] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  243.338623] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  243.676588] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  243.684241] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  243.693097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  244.110893] 8021q: adding VLAN 0 to HW filter on device bond0
[  245.395589] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  246.868769] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  246.875593] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  246.883564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  247.440414] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.447050] bridge0: port 2(bridge_slave_1) entered forwarding state
[  247.454035] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.460493] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.469635] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
04:51:39 executing program 0:
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={<r0=>0x0, <r1=>0x0})
recvmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000040)=@ax25, 0x10, &(0x7f0000000000)=[{&(0x7f0000000080)=""/151, 0xffffff77}], 0x1, &(0x7f00000001c0)=""/17, 0x11}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000500)={&(0x7f00000002c0)=@sco, 0x80, &(0x7f0000000400)=[{&(0x7f0000000340)=""/88, 0x58}], 0x1}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)=@vsock, 0xfffffffffffffef2, &(0x7f00000000c0)=[{&(0x7f0000000180)=""/154, 0xfffffffffffffe95}], 0x1, &(0x7f0000000240)=""/105, 0x69}, 0x0)
sendmsg(r1, &(0x7f00000001c0)={0x0, 0x16c, &(0x7f0000000100), 0x28a, &(0x7f0000000540), 0x5b}, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f000000d080))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x8000000400200)
socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000840))
close(r3)
socket$kcm(0xa, 0x5, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x8941, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x0, 0x0, 0x0)

[  247.931959] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  248.084108] 8021q: adding VLAN 0 to HW filter on device team0
04:51:41 executing program 0:
epoll_create1(0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000140)=0x32, 0x4)
connect$inet(r0, &(0x7f0000000440)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x40000000000002f, 0x0)
ioctl$FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff)

[  249.057184] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.063830] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.072318] device bridge_slave_0 entered promiscuous mode
04:51:41 executing program 0:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x8, 0x12400)
write$cgroup_int(r2, &(0x7f0000000140)=0xffffffffffff7fff, 0x12)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
init_module(&(0x7f0000000000)='em1)\x00', 0x5, &(0x7f0000000080)='em1@\x00')
sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0)
ppoll(&(0x7f0000000040)=[{r1, 0xfffffffffffffffd}], 0x1, &(0x7f0000000200)={0x77359400}, &(0x7f00000001c0), 0x8)
dup3(r1, r0, 0xfffffffffffffffe)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000240)="7f18b1034dd886c5d62474b71c4e17161aa264856f441d9a4b732de26b3ac4985a8c1fe2db23761afe27e2cf6a1c0e3c730897b472bce4d25c6066f53849c5adc9144ee4a401d38036832dc2b1e86d6a4d60ff9578d79d293dd4312c9105be02f5701b3217472c7d3a7a2d30c79e6703a6784329c7fccc39377d7a68150714ae54bb70ca4fe1246384db6616f9453d73266e97661dc34d8273e6b5d5310268b9cc66f3ecd72aad8c4d2c4143537fc35532158f0dac1f310e5ed2eb7a32c35550ea2485da83cdc9b550d51d6197f11f7faa655e3f9a86b77e00c612669239be806c23d33a7d804e935d01e000d158ed3b25e9af4cb263375b4f", 0xf9}, {&(0x7f0000000340)="7259837cfc0138fcc823d4e2c1cceeed9a4cbef08cf154eb72bd6d0ae7ac21cd712c6bf37cbd8868c749c6c09391271870d7bd4898bfc29372ed4798dcf1718150271b911df516816d124efbf14f6d472a68b79703556fe736b59f5630a3497984ffe12a8a8bd7d66b794007fb64fbc6320bf9e6c40d7de9903316e970f3ab7a7a94aca1451fb29a27f5cdcbe0a6f9b5498c3bb29543c9ec063aec873c4bf6ae64666d5416c5a238fb684a3302d84493c85bca6e150e4e521ea554b66459399605723fb1ca001b7f8e8af9ceab68a77a560e77a8a9ef16ac4d35855798d93eb83cb186fe6d0dc5844dfd0e83eb3eaf97fc5ce2f08a1a8913e724f248e1611538351fef5086166ccdf1753d0b5b1084b9c3e88fd80969a5f3de8abee2304ff39a00a27b734b4ef656c3bcf93a0c938435bfe06de4f4ef160d55c370545ab59f6b46d51768d237ada6cba97859519aea91bc6baa4e97b45e21f413762503f1d3a752de6136b0b458bcc0bc7a767aa45b65c89b16fbccef11461a88148b7b29476601f7a35372e3ef580c074e141153c3159689d020a9dcd324570bc72a2b479c31fe0f3a05c6e4286eeedaba230a6a0ea896d1d1bab4155a1a10989288083405d599865dbfdf304165994b228f30928901346c75e6290e2ae27b5ac3304b25d0bc826abccc6319ba658e71990a33ffef38fd7925ad6d0474e2479a7f8169a013e0996416ae567d07603e94b13f7522a569b8f8742265152418ec23839cdd468ab77d18387afd8f4329c0a73f0fb84db18b8b1f2225d8aa8e90dc7a3bfa001ffa176f7e61d907c82a938ea356ce553bb571c334113d5182845f090205c7a5c14c5dea3fe8a64fcfb12645c8f637f2f2df6ef311ceed2704a0cb7a2ec761229b72cc91338f92b85558d890e148a71da341b73dbe403b1334776246549f2b0682d4143db21aee16bf5e4036a506b979998ec69ab5a63e5a35cb5e238e30eac754e492a877fc5c458becc59450a08dec03fa38e1926d21cc5c19d199af349382dc0c0496e10ebb05dba951d74825a4d645da1a49bd1d52102d06c19f7af9d5552aad549e6bcd3b720f3c6f4b92ce825aae34dc3b63d32bbda4d02606934a1599afb9aadbf7aa3f238094b2a3e5f22f0484c1e1c5f5c0e26a133b915e46ffd8e8f606ed3d121e8f339d2fdb8deafe2638afb6f773516eebf490db11b880ec382f6b74ea91b3849754be5076d5470d61d82a7b0f457a18f110f5c38fb003aa2687e58cdf116e84193b1d5a63887368d3f5a7d131acff188481cf62ad9b0035a35dbc0f888c55261373c0db420cbeadf1c5f114917fe801b2a375e15253accb0aab4d40e1a4fbeb56f3b3f28b1b9e04aa8f22b9ac2ebe73c94b57d1064ea8dc1cb7336afb2f84e6e005bcb425d8e7c445e646f1a38d6702b897d800005d9e7251ec7377d82984c3e337389cf59b5a9e044063d2442670268250cc2a4c08de1bd7b65f84cd639823b25bfe0a697128227ba723b0ed1751ded44d4d620f0d66153e54d541434b82c224fb2479ca03f75032d7d82e046662bf8b93a78077750d6b67c74b90505b8900c569fbf119a569c0625ad5d42ce305d5eaac78d63c9959e4eba762e1f8277ef51581531e8436f0126374397118ff33945cc4caad36dec36d69f3efbe40b00dd81f4cac62f151f2cf8bdf132ed3bc9d937895f820e545118552b3124efed0678f5082549c261b4ae4bdfc8abb33f273e9135b937e6cb9e200264601ee4be0be512c1ea32f62e89750f9c0f8eba8ba70c0f9147d1ffa797812cbc8ba5a2f55a8551878f51936a66458ebea7b39118ecfc31d190297bf83cb45655824f57abc22cc6c0e3c92be9da96b08dab197655fd0baf00e75cfa318a5bba557b32747cf250ce3b0f69f3a58330bec832fef8a0168d5d25202e51945fccda55c852dcd6f349d319bcf17cb0a448fc516fb28cbb32eb4bd693921f7acf07e5911147faf248e45f96b412b79228b88e96f6943a7eee8605f29bde57dca36c8fb597a26af2a1dc2c7faf3a53a21ddeaa619aae631921ff9ccb027bd1a713e2afef653febf864135e736e56ef52d52725d7d2e219479e9599f4645e34c2ac5706ca38869cda1778d2530b5f707e022b6f6ce18339b4bf942d2fb8051ca621d3aadb6cf8178fde08334baf0bf2bb82769d8bcdc4bd917565af98d59486de2726e03392b5cde0d7a26b6d10b8eb25e8876d48712d1233930ec17c3e043e16679c5223c45adc7e945b0c0adc39aa88bddeba1eb4956b5aed1dda4bcb0f7fcd9cb84f760fa08180fc44c0c0beef78173e3010d082fca533d95b6eefec51c20a9251b46259ac98b64d7e110bb74a29220cf6c257dc201970002639346ce5138e038c9ddbfb0ac8f2ab00c5c84a287e8741a68a0d4887e8d11eaa9556f7a6a1b488c45b1f1a9fa42bb93e462c8a241638432a085d4ca7fe2c55b2ce1600c22084e113d1ac05e2649126effdaf364ca1a3d3c29e4a515a1680036d351efdeecd6cb4e8ca9e68c59e4a824188e7e5e71a3bd31a81ac0e4a23d159058192cdad5053d3e7a1cea0bdb1c41a7a7dd4d298063b7c72f6b8df45f4f52f68d814a507848955faebdd6755eb1e18a5c0abbf2422b78b672861b27ed6737aa3fc53dccbe14209da8b45c4578ac5d04e9559ad6e79e6131b76f72990b96e8d2e2660fa3ad7b4cb9485a31fea986760901c42b9183bac9152df6f8bc00285b1fc8f0858b17bb38dc74c4d9a409d0bc0de61489e608a96beb254d0cae3badf8ff835e5f6abbcce542c0c4250155eec2af1c44258746745fd7525bad1a75ae7170504e9ce99aee54028cb2995379a3700a5497238b864594d7fbad830406143173ce2898d8e194500538825fccc4cb86c3fdce4594190db3b5f4a553cdbeeb03a1f0c9b63c79e3e2e7309e6dbfa3287f4a788fff9bcf0257af9cf74b0c9f55069a46ed233176aa292733d3f3f7c200c6df1cbe374157596a4b557dd50910a9aa245d588b0dbda449b36428559d9feb48badef9b5fdf7773c8a756591a81e9002b8fd77afe243ca10cf34f09bcf7818100f88b3729d560c03c38ecf6c0222e3b66221c5a46e72ea338f386a3ba584ea6e0ce075b31f33a299237e600e3059b7a29ab1a2c581e2e175f0e3854714c74b71450c8f4c56eb2fafe750c9f4f0559384789d1b0a42a7f09a7b1e77f676a5da8552800cc23f7cbbbec02809749bea7aa6d49d9b6674c4667d5eb4ba5e309430c53ecf52ca1fc156aeb9a60c0bdd59d6b630196d48b0b06199f866e64f4e0f797ee804b96cf79ffd16826d0469eda16984ab2cd89b21a31e1495ca5d557255b1c305753951ed4cb4e7520cd8e89560c3369a310c9c231722a8f6f53b092eedb9cdc3b2dcb6fdb17ad6f2cd250df8dab57ca1d30bd38a0234b5b6a760706dc56037aa954ba12f46fa91403ac2e5fa1ecb0f9e91d203ebe5eb6bb2806445cbb4046d136cddb7e69aeba1a6155491290dbb94aed11d417134544042d8dba587dcb7bc8bf04c79ac1f44122c60561f52abb01d53ab1b32fad237e8f84181c79d76cb9d853dc9ac8efc7106c8711634f69f01f94d420597dafab498328501ae7e6ca7888ce827816e1e2f52a3abc06899dd8d30489d2ebc86eca7986e7ecb0e61cc1c85d2743ff48f241039ec531400c4fc81e9cf36a0a206e6f3ffa3350758e2911273d9424f64226737f50f434e615b878724912d0d1233819db91fd56ca4ad60e686346876a1b630cbd79d9c4808c819f15bbe8d68182fe0936207913be4b1205a00f430d2a6a38d5ae452adf26c0fc2cbfa7e98b87d18da6f22c4132eb9a7fbe5aa2b5cc8145a445036c12f556e56755f28ca6bf7eb758be49e06cf6bf23114567673a7861b39e970dfb6a76984c417df6fb9039f2ebc762f13471cfb26986bbbc0a6071db98807d5fb76c8ae84ea802d2ebf4be2371f7830003f32adbcb8e10e0dd9c3f625cb7d94d81793933208350e42392fada8645093203628f2d530e54fd23cd7ea85a7b59b8ee83772bc63f4509423ed7f819b7fbf8b57634a8aa69e81d469dbf9df1ec2a4b427aca9a3435d37e61175a8c42889e596a9c9a17ef68c4cc6f4e4f82dd48930575f2ce04afe8317169fa1b1265117cac33e83eb96184198d95f78f960b82df716d00cfa29851aa5052dcdccf44ac2a1f0afaf0364c2c186d070b8eaa5caccc1c22f9dfcc3196a327fdb37f9ec2c7ded462bfc39845b0f4323dba621f49cef62d76b2bdc63cce691f74a7e7b111e6e9e27871717d649244f8a0405a5cf75b7076f4e0902f544637a5a51790a089e7372887bdb0d7a39eeee409b9c02c9d20a1ad61693c3d7ca7476bcdff704685a20bed6b0f2381a0fbff19a3286a85ac7a863bf808c474480e102a27e580ae557df9d94d06aff10322e92d6d2ec9a0d7e0c8587fd6e984129a898cf176f73d3dad35ad739295b270febe5c4cf39f617e257db88416a323b5c83bc956422a07e197c219fd52b3a41161a08e98bde96404b6151b7175284af939a2b680f001a0046ac2c9a4bd765ddba978e7f487c32ee5c82b8b033fe115fec49e518fe7eca1d276786e1979b41a92400f166e752d9af1df7558ae37405019e4d6b02b143bf51d530526a68a70f8d8427e786281d241f9e7953f1d47a832798141fce22bd82bdaae5dacc837dc2a9f02a0da6b71a8d654deeaa33b7d14963ef9917b8ac92877754b6a920a58185f4ec20eae96466133e51ca00747d1976fd32ee2eab9ed2b465d0f7bcaadc7bb2e0b03ca1a9a99c1192ec2dda145c7eefe991605c5121b424b985ae0dc5b9aa2a502237b671920d943f516fab716acc5b635d1e2d1ff37de15b67757812b0333f6320ab56f86c4ea84834b50b0ad648e89d3666af2cd70a6032c00aeca81b62dd2b4e156e954408e039c2eb615447f57aa93bf27e9ff4f1405a774118627ad47d07eb380fdafcf7ab9fa657bfe60e78e53f2c3b16900898782ac7e8bb930ece0b1e433626cb7aaaa4777ecd46227663d095a7292c1454f4126fe1406902a0d7df46e81ee590860c624d8a6ca709698041dc1422a9e9deb006bae23a35d630f155a57333bdf25fce872467b78d144b81e452db7d173467df7732adf0f1878b95efbf22827933b143a22a1cd8670bb4de71f7432a96f322b4a5b0065fb656ef69f829d87fa1f8ee247ef7c4a08423597d81f5c498f495699776ee600f455b64a3e76a234fb960a59cd7a904cb35f89ef878bf44224ed55176340027d249db74d6581accc83c81197117de3e4591ea16b3a306d3e6e48505b7dcbb0c1cc29a7da21c8a9421b74dd8eb0823b253c959ccac0fd98ba7cd73fc9c76c41bc8f6941249b9fc5a3525a26f9ed9c48b189fd3e6927e9eb86f9e36cb95abeb24ab6892fadc418b2c35a8749186e36ef199f19d01b136cb8fce36e30e502989b4114e3fa5ab2966dc0589913bb76024b237c5194b36f2f3f2de356e361f1f5d54b921f6bc5b0f697ac20340528cff16ab00e1c6020fbd88d441509bf034014c0ff7a5ea887788622151d14d0db019f39eb1936e2738cde8c2f0384d8b759bd2ad6dc02aa5de726e15af8258fb7cd6c7b96084c374daa1195952fb57335a01a7a1c075117451d828fbe6ccf8716209212d02e6a55a64c0e97b291a5e363d2b9d8c4c0b4b944103c63e8958779399f72d2ab78e2d67d9067aa9c241aacaba4670982a657a8c0b0f2f84e1a03ac2a4e4aa7926d3cddcfae6f0630962fcaccfd099ce78c1bb35c3beccb32605", 0x1000}], 0x2, 0x1)

[  249.472533] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.479190] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.487509] device bridge_slave_1 entered promiscuous mode
[  249.871106] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  250.223464] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
04:51:42 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000a40)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e3d63a98fc191f361d264ffa8b46485f02baee1ab6b81542526ca097ddda7c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df10010174a3ac8694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ffd3bf79a1f5c5dc34b2262d66ae793b6304a30b97077f1c131045cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b28dc7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f58e068af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a5ef9c8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f84cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6e9a47b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb56d9b962d2fc43fa01a047526865c888c9ff36056cc4ac258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186718d819164300"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  250.767110] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
04:51:43 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x1000, 0x8002)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000040)={<r1=>0x0, 0x70, "7b165bc9d28d0d64c046b2f653a9e2ce399545157f7300bf624808144f4d08d92db664e14b9efdf080d853bd8128890a9ac648a47133bebf0c0cdc644210194e1be5a8cd9c9446bb32f9670d41a93810cc11852e4c18d3ed5bafa7c1a68438b72f68b99effe18ac4d96aab57740f1e2b"}, &(0x7f00000000c0)=0x78)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000100)={<r2=>r1, 0x47, "1f581bde057c4ff5faa5582b8e19283368b8389f896033cea579412613faff798fd4fe1731c0b246f37d0f01cfc5eefe1bac7234cc7c070fa1e142ec62bf585ca5229b408526da"}, &(0x7f0000000180)=0x4f)
ioctl$TIOCLINUX3(r0, 0x541c, &(0x7f00000001c0))
r3 = getpid()
capset(&(0x7f0000000200)={0x20080522, r3}, &(0x7f0000000240)={0x0, 0x7, 0x3061, 0x100000001, 0x8000, 0x33f0})
mknodat(r0, &(0x7f0000000280)='./file0\x00', 0x0, 0x1f)
ioctl$EVIOCGBITSW(r0, 0x80404525, &(0x7f00000002c0)=""/59)
r4 = shmget$private(0x0, 0x4000, 0x78000002, &(0x7f0000ffc000/0x4000)=nil)
shmctl$IPC_INFO(r4, 0x3, &(0x7f0000000300)=""/10)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000340)={r2, 0x6, 0xd96, 0x7, 0x1, 0x101}, &(0x7f0000000380)=0x14)
ioctl$KVM_GET_CPUID2(r0, 0xc008ae91, &(0x7f00000003c0)={0x5, 0x0, [{}, {}, {}, {}, {}]})
ioctl$int_in(r0, 0x5421, &(0x7f00000004c0)=0x7)
bind$vsock_stream(r0, &(0x7f0000000500)={0x28, 0x0, 0xffffffff, @my=0x0}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000580)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000540)={<r5=>0xffffffffffffffff}, 0x13f, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_REJECT(r0, &(0x7f00000005c0)={0x9, 0x108, 0xfa00, {r5, 0xc6, "7482d4", "6cda370aa09b6215b75407e69f81594290d02802e2be5350d65bc99134f6e0c2e8b8eb046461484a97aad3eceb8f0ecba8d38c1878c05f572a8c6abe016a35e656eed2ab6c5ad09a953cfaf70ed0e9bc77de17ca130ce88c3a690bdbe83acc10516ba9b8bffd007b6cc2c4c55683e018fa1b2a92d17c3017bbbf277c8cb8504e744c4629ef4d0ced65240cd492369d6e9927b6cec6f67866e0993dde0c33565245570323d1e959d7647a8ce41f443f79a6ab309c5926df2be5347bec945a0aa9e60db43ed717b371efe60b704faa37edde9df56118e85c7aa2d9cbcd93edf3df2b67ae817b87a5b8d892cebe1d6329aceefee095ae9d95b54d6fb4b3219b8f8c"}}, 0x110)
ioctl$SG_GET_SG_TABLESIZE(r0, 0x227f, &(0x7f0000000700))
ioctl$EVIOCGVERSION(r0, 0x80044501, &(0x7f0000000740)=""/159)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, &(0x7f0000000800)={0x3, 0x3, 0x4778, 0x8001, '\x00', 0x7})
ioctl$KVM_GET_TSC_KHZ(r0, 0xaea3)
syz_open_dev$evdev(&(0x7f0000000840)='/dev/input/event#\x00', 0x8000, 0x8000)
write$P9_RWRITE(r0, &(0x7f0000000880)={0xb, 0x77, 0x1, 0xffffffffffffff81}, 0xb)
ioctl$KVM_SET_CLOCK(r0, 0x4030ae7b, &(0x7f00000008c0)={0x100, 0x1f})
getresuid(&(0x7f0000000980), &(0x7f00000009c0)=<r6=>0x0, &(0x7f0000000a00)=<r7=>0x0)
lsetxattr$security_capability(&(0x7f0000000900)='./file0\x00', &(0x7f0000000940)='security.capability\x00', &(0x7f0000000a40)=@v3={0x3000000, [{0x5, 0x977b}, {0x9725, 0x40}], r7}, 0x18, 0x3)
write$P9_RSTAT(r0, &(0x7f0000000a80)={0x68, 0x7d, 0x1, {0x0, 0x61, 0x8001, 0x3, {0x1, 0x2, 0x7}, 0xa80000, 0x1ff, 0x6600000, 0x3, 0x0, "", 0x17, "27657468319f76626f786e65743076626f786e6574305d", 0x13, 'em0!wlan1bdev]ppp1[', 0x4, 'em0)'}}, 0x68)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000b00)={@in6={{0xa, 0x4e21, 0x0, @ipv4={[], [], @remote}, 0x200}}, 0x8, 0x81, 0x0, "2766239576c18866f10b232896ccb717d26919e3a3e44e6c34526788c7c7caea130d5b5a8651a453d1733d4de2a5309a3a09c63f1b6e41fb592705c0463625135184da039864c40846d3c134fcc5f03d"}, 0xd8)
lstat(&(0x7f0000000c00)='./file0\x00', &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
write$FUSE_CREATE_OPEN(r0, &(0x7f0000000cc0)={0xa0, 0x0, 0x6, {{0x0, 0x1, 0x6, 0x1, 0x8, 0x7fff, {0x1, 0x7ff, 0x1, 0x6e5, 0x7fff, 0x8, 0x9, 0x4, 0x5, 0x5, 0x4, r6, r8, 0x0, 0x2}}, {0x0, 0x1}}}, 0xa0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000d80)={{0x8, 0x1, 0x7fff, 0x7, '\x00', 0x2}, 0x1, [0x5, 0x9, 0x1ff, 0x6, 0xffffffffffffffff, 0xf0dd, 0x8, 0xe3a2, 0x81, 0x2, 0x80, 0x10000, 0x9636, 0x2, 0x9e04, 0xff, 0x9, 0x8, 0xea, 0x700000, 0x4, 0x8, 0x8001, 0x0, 0x2, 0xfffffffffffff2b3, 0x4, 0x5, 0x3, 0x1, 0x2, 0xffffffffffffe11c, 0x0, 0x9, 0x5, 0xe93, 0x8446, 0x8c5, 0x80000001, 0x9, 0x0, 0xbe57, 0xffffffff80000000, 0x100000001, 0x0, 0x4, 0x8000, 0x1be, 0x6, 0x9, 0xffff, 0xfffffffffffff801, 0xfff, 0x9, 0x10000, 0x5, 0x4, 0x4, 0x8001, 0x2, 0x8, 0x9, 0x401, 0x5, 0xff, 0xcb1a, 0x3, 0x7, 0x5, 0x7, 0x9, 0x3c, 0x100000001, 0xfffffffffffffbff, 0x4, 0x0, 0xa8d, 0x5, 0x80000000, 0x7, 0x0, 0x7, 0xf85, 0x5a0, 0x0, 0x7, 0x7fff, 0x2, 0xffffffff, 0x3f, 0x1, 0x3, 0x1f, 0x6, 0x7ff, 0x1, 0x4, 0x0, 0x3, 0x7ff, 0x5, 0x4, 0xfffffffffffffffd, 0x9a0, 0x2, 0x3, 0x1000, 0x100000001, 0x3, 0x3f, 0x2, 0x8001, 0x7, 0x3, 0x18000000, 0xfffffffffffffffb, 0x62e, 0x7f1, 0x800000000000, 0x6, 0x9, 0x6, 0x803, 0x0, 0xfff, 0x9, 0x0, 0xd85], {0x0, 0x989680}})

04:51:43 executing program 0:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x892, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, 0x0, 0x0)
ioctl$EXT4_IOC_RESIZE_FS(r0, 0x40086610, &(0x7f00000001c0))
clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
tkill(0x0, 0x1b)
clock_adjtime(0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc})
ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$cont(0x1f, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0)

[  251.274028] bond0: Enslaving bond_slave_0 as an active interface with an up link
04:51:43 executing program 0:
getsockopt$inet_sctp_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f0000000100), &(0x7f0000000140)=0x4)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000000), 0xc, 0x0}, 0x0)
openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000200)='/dev/fuse\x00', 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  251.661454] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  251.829175] ==================================================================
[  251.836686] BUG: KMSAN: kernel-infoleak in kvm_write_guest_page+0x373/0x500
[  251.843890] CPU: 1 PID: 7537 Comm: syz-executor0 Not tainted 4.20.0-rc3+ #95
[  251.851091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  251.860544] Call Trace:
[  251.863157]  dump_stack+0x32d/0x480
[  251.866806]  ? kvm_write_guest_page+0x373/0x500
[  251.871498]  kmsan_report+0x12c/0x290
[  251.875326]  kmsan_internal_check_memory+0x9ce/0xa50
[  251.880461]  kmsan_copy_to_user+0x78/0xd0
[  251.884640]  kvm_write_guest_page+0x373/0x500
[  251.889181]  kvm_write_guest+0x1e1/0x360
[  251.893276]  kvm_emulate_hypercall+0x19c9/0x1ac0
[  251.898074]  handle_vmcall+0x41/0x50
[  251.900371] 8021q: adding VLAN 0 to HW filter on device bond0
[  251.901805]  ? handle_rdpmc+0x80/0x80
[  251.901828]  vmx_handle_exit+0x21bd/0xb980
[  251.901860]  ? vmalloc_to_page+0x585/0x6c0
[  251.901891]  ? kmsan_get_shadow_origin_ptr+0x142/0x410
[  251.901943]  ? vmx_flush_tlb_gva+0x480/0x480
[  251.929765]  kvm_arch_vcpu_ioctl_run+0xaeee/0x12040
[  251.934910]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  251.940290]  ? update_load_avg+0x12ae/0x1db0
[  251.944766]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  251.950161]  ? __msan_get_context_state+0x9/0x20
[  251.954943]  ? INIT_BOOL+0xc/0x30
[  251.958405]  ? mutex_lock_killable+0x2f7/0x450
[  251.963013]  kvm_vcpu_ioctl+0xfb1/0x1f90
[  251.967096]  ? do_vfs_ioctl+0x184/0x2f70
[  251.971299]  ? __se_sys_ioctl+0x1da/0x270
[  251.975475]  ? kvm_vm_release+0x90/0x90
[  251.979460]  do_vfs_ioctl+0xfbc/0x2f70
[  251.983379]  ? security_file_ioctl+0x92/0x200
[  251.987898]  __se_sys_ioctl+0x1da/0x270
[  251.991901]  __x64_sys_ioctl+0x4a/0x70
[  251.995804]  do_syscall_64+0xcf/0x110
[  251.999701]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  252.004904] RIP: 0033:0x457569
[  252.008110] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  252.027029] RSP: 002b:00007fbf9d6f5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  252.034752] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[  252.042040] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  252.049318] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[  252.056601] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbf9d6f66d4
[  252.063881] R13: 00000000004c034e R14: 00000000004d0d60 R15: 00000000ffffffff
[  252.071180] 
[  252.072809] Local variable description: ----clock_pairing.i@kvm_emulate_hypercall
[  252.080460] Variable was created at:
[  252.084188]  kvm_emulate_hypercall+0x62/0x1ac0
[  252.088779]  handle_vmcall+0x41/0x50
[  252.092490] 
[  252.094129] Bytes 28-63 of 64 are uninitialized
[  252.098806] Memory access of size 64 starts at ffff88812832f3d0
[  252.104866] Data copied to user address 0000000020000000
[  252.110318] ==================================================================
[  252.117680] Disabling lock debugging due to kernel taint
[  252.123143] Kernel panic - not syncing: panic_on_warn set ...
[  252.129042] CPU: 1 PID: 7537 Comm: syz-executor0 Tainted: G    B             4.20.0-rc3+ #95
[  252.137624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  252.146986] Call Trace:
[  252.149591]  dump_stack+0x32d/0x480
[  252.153262]  panic+0x624/0xc08
[  252.156768]  kmsan_report+0x28a/0x290
[  252.160593]  kmsan_internal_check_memory+0x9ce/0xa50
[  252.165754]  kmsan_copy_to_user+0x78/0xd0
[  252.169927]  kvm_write_guest_page+0x373/0x500
[  252.174453]  kvm_write_guest+0x1e1/0x360
[  252.178542]  kvm_emulate_hypercall+0x19c9/0x1ac0
[  252.183344]  handle_vmcall+0x41/0x50
[  252.187069]  ? handle_rdpmc+0x80/0x80
[  252.190885]  vmx_handle_exit+0x21bd/0xb980
[  252.195148]  ? vmalloc_to_page+0x585/0x6c0
[  252.199401]  ? kmsan_get_shadow_origin_ptr+0x142/0x410
[  252.204717]  ? vmx_flush_tlb_gva+0x480/0x480
[  252.209168]  kvm_arch_vcpu_ioctl_run+0xaeee/0x12040
[  252.214298]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  252.219673]  ? update_load_avg+0x12ae/0x1db0
[  252.224134]  ? kmsan_internal_unpoison_shadow+0x2f/0x40
[  252.229513]  ? __msan_get_context_state+0x9/0x20
[  252.234292]  ? INIT_BOOL+0xc/0x30
[  252.237766]  ? mutex_lock_killable+0x2f7/0x450
[  252.241443] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  252.242373]  kvm_vcpu_ioctl+0xfb1/0x1f90
[  252.242403]  ? do_vfs_ioctl+0x184/0x2f70
[  252.242419]  ? __se_sys_ioctl+0x1da/0x270
[  252.242439]  ? kvm_vm_release+0x90/0x90
[  252.242453]  do_vfs_ioctl+0xfbc/0x2f70
[  252.242487]  ? security_file_ioctl+0x92/0x200
[  252.272021] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  252.273838]  __se_sys_ioctl+0x1da/0x270
[  252.285012]  __x64_sys_ioctl+0x4a/0x70
[  252.288920]  do_syscall_64+0xcf/0x110
[  252.292739]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  252.297931] RIP: 0033:0x457569
[  252.301157] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  252.320072] RSP: 002b:00007fbf9d6f5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  252.328109] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[  252.335400] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  252.342672] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[  252.349951] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbf9d6f66d4
[  252.357252] R13: 00000000004c034e R14: 00000000004d0d60 R15: 00000000ffffffff
[  252.365767] Kernel Offset: disabled
[  252.369397] Rebooting in 86400 seconds..