[ 58.570792] sshd (6200) used greatest stack depth: 53392 bytes left [....] Starting OpenBSD Secure Shell server: sshd[ 58.794088] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 62.503342] random: sshd: uninitialized urandom read (32 bytes read) [ 62.920399] sshd (6268) used greatest stack depth: 53184 bytes left [ 62.955629] random: sshd: uninitialized urandom read (32 bytes read) [ 65.532929] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.14' (ECDSA) to the list of known hosts. [ 71.389862] random: sshd: uninitialized urandom read (32 bytes read) 2018/10/09 17:29:32 fuzzer started [ 76.050352] random: cc1: uninitialized urandom read (8 bytes read) 2018/10/09 17:29:37 dialing manager at 10.128.0.26:44001 2018/10/09 17:29:37 syscalls: 1 2018/10/09 17:29:37 code coverage: enabled 2018/10/09 17:29:37 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/10/09 17:29:37 setuid sandbox: enabled 2018/10/09 17:29:37 namespace sandbox: enabled 2018/10/09 17:29:37 Android sandbox: /sys/fs/selinux/policy does not exist 2018/10/09 17:29:37 fault injection: enabled 2018/10/09 17:29:37 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/10/09 17:29:37 net packed injection: enabled 2018/10/09 17:29:37 net device setup: enabled [ 80.645655] random: crng init done 17:31:34 executing program 0: r0 = syz_open_dev$usb(&(0x7f0000000680)='/dev/bus/usb/00#/00#\x00', 0x80000000009, 0x8000000001) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0105512, &(0x7f00000001c0)={0x0, 0x80805513, 0x705000}) [ 196.381187] IPVS: ftp: loaded support on port[0] = 21 [ 198.766730] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.773608] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.782305] device bridge_slave_0 entered promiscuous mode [ 198.928239] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.934852] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.943344] device bridge_slave_1 entered promiscuous mode [ 199.081210] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 199.219675] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 199.653339] bond0: Enslaving bond_slave_0 as an active interface with an up link 17:31:38 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$kcm(0x29, 0x5, 0x0) dup3(r0, r1, 0x0) [ 199.857154] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 200.245668] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 200.252995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 200.550062] IPVS: ftp: loaded support on port[0] = 21 [ 200.949563] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 200.958036] team0: Port device team_slave_0 added [ 201.153110] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 201.161353] team0: Port device team_slave_1 added [ 201.332375] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 201.339512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 201.348602] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 201.507024] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 201.514425] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 201.523482] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 201.718660] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 201.726474] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 201.735711] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 201.928824] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 201.936580] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 201.945830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 204.322670] ip (6421) used greatest stack depth: 53056 bytes left [ 204.332561] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.339031] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.346192] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.352735] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.361883] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 204.463013] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 204.488988] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.495612] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.504310] device bridge_slave_0 entered promiscuous mode [ 204.690441] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.697391] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.705998] device bridge_slave_1 entered promiscuous mode [ 204.860072] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 205.031827] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 205.643877] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 205.833890] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 205.978689] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 205.986038] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready 17:31:45 executing program 2: r0 = syz_open_dev$usb(&(0x7f0000000680)='/dev/bus/usb/00#/00#\x00', 0x80000000009, 0x8000000001) ioctl$FS_IOC_FSGETXATTR(r0, 0xc00c5512, &(0x7f00000001c0)={0x0, 0x80805513, 0x705000}) [ 206.167664] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 206.174885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 207.045271] IPVS: ftp: loaded support on port[0] = 21 [ 207.192836] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 207.200972] team0: Port device team_slave_0 added [ 207.529863] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 207.538247] team0: Port device team_slave_1 added [ 207.836536] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 207.843907] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 207.852933] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.160002] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 208.167217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.176297] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.506215] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 208.513992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 208.523033] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 208.750534] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 208.758249] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 208.767474] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 212.001525] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.008106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 212.015201] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.021740] bridge0: port 1(bridge_slave_0) entered forwarding state [ 212.030602] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 212.046586] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.053245] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.062230] device bridge_slave_0 entered promiscuous mode [ 212.416535] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.423344] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.431961] device bridge_slave_1 entered promiscuous mode [ 212.581965] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 212.789093] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 213.136953] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 213.946628] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 214.243649] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 214.508062] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 214.517342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready 17:31:53 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, &(0x7f0000000040)="c744240066000000c744240200000100ff2c240f2c29c482819b6862f22e0f0193a707341b48b805000000000000000f23c80f21f8350000b0000f23f866b88c000f00d0c463c16e2bf5c744240068f7a552c7442402f47f0000c7442406000000000f011c2466baf80cb8ac768f8cef66bafc0cedb805000000b91fb600000f01c1", 0x82}], 0x1, 0x0, &(0x7f0000000240), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 214.790507] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 214.798101] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 215.897349] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 215.905571] team0: Port device team_slave_0 added [ 215.941681] IPVS: ftp: loaded support on port[0] = 21 [ 216.276661] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 216.284931] team0: Port device team_slave_1 added [ 216.653984] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 216.661032] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 216.670072] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 216.773831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.029277] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 217.036558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 217.045368] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 217.391396] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 217.399094] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 217.408298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 217.764119] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 217.771983] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 217.781040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 218.188962] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 219.603314] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 219.609635] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 219.617796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 221.014088] 8021q: adding VLAN 0 to HW filter on device team0 [ 221.753540] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.760035] bridge0: port 2(bridge_slave_1) entered forwarding state [ 221.767067] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.773617] bridge0: port 1(bridge_slave_0) entered forwarding state [ 221.782954] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 221.878290] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.884985] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.893659] device bridge_slave_0 entered promiscuous mode [ 222.229356] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.235995] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.244722] device bridge_slave_1 entered promiscuous mode [ 222.589628] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 222.663738] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 222.898742] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 223.956421] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 224.295170] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 224.659556] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 224.666859] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 224.998068] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 225.005206] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 17:32:05 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000000340)=@bridge_getlink={0x28, 0x12, 0x501, 0x0, 0x0, {}, [@IFLA_EVENT={0x8}]}, 0x28}}, 0x0) [ 226.006356] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 226.014576] team0: Port device team_slave_0 added [ 226.469243] 8021q: adding VLAN 0 to HW filter on device bond0 [ 226.492464] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 226.500398] team0: Port device team_slave_1 added [ 226.964847] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 226.972101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 226.980921] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 227.303115] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 227.310173] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 227.319194] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 227.578659] IPVS: ftp: loaded support on port[0] = 21 [ 227.732730] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 227.740353] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 227.749690] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 228.085116] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 228.228003] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 228.235856] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 228.245186] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 229.564883] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 229.571240] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 229.579344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 17:32:09 executing program 0: r0 = syz_open_dev$usb(&(0x7f0000000680)='/dev/bus/usb/00#/00#\x00', 0x80000000009, 0x8000000001) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0105512, &(0x7f00000001c0)={0x0, 0x80805513, 0x705000}) 17:32:09 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x3ffffeb, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmmsg(r0, &(0x7f000000ac80), 0x400021b, 0x0) [ 231.249171] 8021q: adding VLAN 0 to HW filter on device team0 [ 233.484309] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.490814] bridge0: port 2(bridge_slave_1) entered forwarding state [ 233.497868] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.504375] bridge0: port 1(bridge_slave_0) entered forwarding state [ 233.512737] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 233.842275] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 235.198174] bridge0: port 1(bridge_slave_0) entered blocking state [ 235.204806] bridge0: port 1(bridge_slave_0) entered disabled state [ 235.213480] device bridge_slave_0 entered promiscuous mode [ 235.599879] bridge0: port 2(bridge_slave_1) entered blocking state [ 235.606455] bridge0: port 2(bridge_slave_1) entered disabled state [ 235.615075] device bridge_slave_1 entered promiscuous mode [ 236.050562] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready 17:32:15 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x3ffffeb, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmmsg(r0, &(0x7f000000ac80), 0x400021b, 0x0) [ 236.536482] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 237.904419] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 238.413917] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 238.751447] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 238.758706] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready 17:32:18 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x3ffffeb, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmmsg(r0, &(0x7f000000ac80), 0x400021b, 0x0) [ 239.247064] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 239.254255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 17:32:18 executing program 5: r0 = semget(0x0, 0x1, 0x200) semop(r0, &(0x7f0000000000)=[{0x0, 0x6, 0x1000}, {0x4, 0x4, 0x800}, {0x4, 0xfffffffffffffff7, 0x1000}], 0x3) rseq(&(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0xff, 0x20, 0xffffffff}, 0x5}, 0x20, 0x1, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x4002, 0x0) ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f0000000100)={{0xf000, 0xd004, 0x0, 0x7ff, 0x2, 0x1af, 0xc4c, 0x3f, 0x8, 0x4, 0xffffffff80000001, 0x800}, {0x106000, 0x6000, 0xf, 0x8, 0x4, 0x3ddb, 0x800, 0xfffffffffffffffd, 0x2, 0x7, 0xffff, 0x9}, {0xd000, 0xf000, 0xf, 0x7, 0x9, 0x6fe0, 0x6, 0x2, 0x2, 0x1, 0xa32, 0x3}, {0x4, 0x2000, 0xf, 0x7, 0x400, 0x8001, 0xaa22, 0x3f, 0x4, 0x1, 0x9, 0x3}, {0x110004, 0x0, 0x0, 0x8000, 0xfffffffffffff2ae, 0x4, 0x29bf, 0x8, 0x80, 0x5, 0x100000001, 0x1}, {0xd000, 0x1000, 0xd, 0x0, 0x1ce, 0x4, 0xffffffffffffffec, 0x6, 0x8, 0x100, 0x100000001}, {0xd000, 0x1, 0xf, 0x3, 0x3, 0x3f, 0x8, 0x3, 0x0, 0x1ff, 0x2, 0x401}, {0x3000, 0xf000, 0xf, 0x1de, 0x7, 0x72202f56, 0xbb, 0x1f, 0x0, 0x4, 0x4, 0x101}, {0x14000, 0x101002}, {0x7000, 0xf000}, 0x24, 0x0, 0x0, 0x40, 0x9, 0x400, 0x0, [0x6, 0x2, 0x8, 0x7]}) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000240)) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000280)={0x4d9, 0x2, 0xb, 0x4, 0x8001, 0x3f, 0x40, 0x1f, 0x0}, &(0x7f00000002c0)=0x20) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000300)={0x0, 0x3, 0x8, 0xc7, 0x78, 0x7, 0x1, 0x1, r2}, &(0x7f0000000340)=0x20) sync() ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000380)={"a380c3a727ff75bb051c1639ba054f0f9c452cd471d7ae79af6b3a21503a878ca416394531d085d5fc9cf824a5228b7c8c1839a8257f4756955de92d8a1a7a8a1e739a68ebdfac6861e6a1e6227831179bbae105abe680623c694621c8335217bad7b5156b979de2a43f322e523f43c28fdb18909c17bd8fcca6a1bee72fc9695272c8aadabccf6acd4acd093825a65c95893a08517a7f064d91696ef68f87b43be0010ac936047d5df5796172ab0da053ff2e03153aad336282a5901edcb47256fc88f6dfbbf2e4b6d33fc77622c7ad4da3db6b0de92b0e30081dc59bf477b47ffe89bbade3059c082c73f5a36508666abb816df2384e9a7f968ac5c89acb0d8c5a9e87be85e39314624eeaebf70d8edd8f234455bfc1167045a41ead1cf5063e634f35caae8667c67664803ca1912a1deb133fe043d1f463cfad35adbffeae10315f894d83e9f6ded58e045652134b32d69c647be2d8c673eca17df6d5eb9b654d77453b64782341d314cd92e54f855e0583b553b4aeadf5d3b182f4a2ee68c1615172df3b7d5b2b95f92067a566301671a1986140728aa2e140be99196f55dfb55d34867cebd2b9045ea3c53b9d79934a4c30fe7bf0fa31d5df41d4ca1726f1309ce907214dbd8b86c323e5d5667fc3261702b48f9e1c365ffcc78cdd31373d1f042d41cce5813d7d291636f534ae2c38df9a42086ccfe592dfe68dc774c1cb05808ac5ca4d5e246a6596dc46f583aec523f56b6b015b20c3325d50e40d3f3c9479775c7a824f903955e790f6d01a8b8d15ccfa84cb7903cb2965b593c2c56277d067bb5da6384506b22a91cfa68f52ec589950681b716d4b1f5281b53eb7cbf57dc463f09edee28a255c8345e588e19222e91ceadd278e7cf465081971f39c984ab585d98aaa49eef857a5801e7a81fb0a76f1269112b915c3843ae23085a4b1d98d780da9d47043c76237cb310a0fc1bb091b07df283c002626d618535851485fb7c89c5d943964033280178ca7010ac03800c4b01a632d45ab53af3fb9f18cd1f1bf83fa6c67036935ec3339c7c1772856a7c1d23213a6eb1fa5bdaa6f8f2e43a8d04686cac55ef352929b68c8c0f90895c473feb0e1cafb847290b84b8036bc03b15d50b72f5f8ba88018925ae318ff86608888b258adfff1dc07ab4f181448c2af0021d4a577c1cdcbbdf92d80e3e4c2a00af826ced0cb7bc55cdd33e9f074161e34fc2fd3bc350b498e441b47ee3ad28325070e2386a8d378794c23eb30c7ec98a352a49df3fd300699448edfafd72bf857cdee7af723a517a32f2face18458f9db1d6fe8481919d74e2d635b4115557050d31dc011c1bd38226697588706f76e932a20fb50ceb80c269db15ed5feb36c764a5367ebe6f7d46f804e09527da0737e20dcaf5d4dac51badf552a93243232320d9c4da7c2034e5c8819"}) ioctl$KVM_GET_CPUID2(r1, 0xc008ae91, &(0x7f0000000780)={0x6, 0x0, [{}, {}, {}, {}, {}, {}]}) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000000880)={0x8, 0xfffffffffffffffa, 0x9, 0x4, 0x200}) setxattr$security_smack_entry(&(0x7f00000008c0)='./file0\x00', &(0x7f0000000900)='security.SMACK64IPIN\x00', &(0x7f0000000940)='@\x00', 0x2, 0x2) ioctl$int_in(r1, 0x5452, &(0x7f0000000980)=0x5) ioctl$IOC_PR_PREEMPT(r1, 0x401870cb, &(0x7f00000009c0)={0x6, 0x2, 0x9, 0x4}) ioctl$sock_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000a00)) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000a40)=[@in6={0xa, 0x4e21, 0x0, @empty, 0xfffffffffffffa63}, @in={0x2, 0x4e22, @remote}, @in={0x2, 0x4e24, @local}, @in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e22, 0xc45, @dev={0xfe, 0x80, [], 0x14}, 0x2}, @in={0x2, 0x4e20}, @in6={0xa, 0x4e20, 0x300, @ipv4={[], [], @loopback}, 0xffffffffffffffff}], 0x94) fcntl$addseals(r1, 0x409, 0x4) write$UHID_INPUT2(r1, &(0x7f0000000b00)={0xc, 0x1000, "e1888e8140840603219c40dc067ee01409f9ce806798da3827c7b5b2bbd08c5d9720c9af9c8886199327de82547a1ca2d620e0a951c364b994e3d5672d94b77c504190999201094389f9f38dbbe1898061134bbf781146a23eed0325771c6c1ca169f291804506cca07fd251e694665ad7f0eafd083ebf3c96331d8b9e4ae68cb9d9387a0660c2b410963cd2d7bf7c7fae9a9e81b1b299ae47c61ed6b9cd44476a4b407599acecf9c3acc29238c2cc30952470bdf7de8aeb72b79d80c55ee4bfa8e71153f01b718f1b990abd452047ef13e42a13304de793ac889e4d1d523c4fb8e6bd4f419677f16809c633f058ac9a20bb6f170cf8e921d483db5ae59b8b6505592fa72296e3ce6cc249e37479220c8db8d6bce49bc51c5992ed14f9c78fa1d2421c3417c01fe12f965ae0d3b6205a16a3466760fa5e84cdff9e29d5bc65029aaa8f60f75a16e1590862f644ddf10428a1fc6fefbc952d76bb2c012909884b83b070d4d9f52ff351128097b1ae8db6cefdad2ace3a20660ec43f130985390622f399ac57009aa24c4c464d15d5efd56d13b248f778f7fc25a3e6b758eeeba397344ced512c9adff0990c289cea4e087d515cf74e21a49b858ec892999e472a7f2a65ee822adff895ffa5069d56934b6769a2f1dfe929576f9eb89ada39266175033bf994df0d4d2af98f13e466cbab88822f5127f29774b3d96de389601f054de385cebd13a801b45d236b6dd9c8ad1a7b1662283e9b5da32dd7966f2e82bca75ccddcb53d75ca959fa11ccaa0acfde6d55fc77c413b900410e2149971a5d630e82160a1aaa4e90859f6bfbd171ca88f129d7a62406edf50200cf3d03650d28cb7233cf4f6c0b7cab697327f091d92455130d76cb42d57ba06c53c683d0c25d798ac49b35553b38ded46948e25280f27029ceb70bbb92f8522b473e1cc523f16fdad444a00bc80f61831a298e26f4db7e3f4c5fe98cfd9cdf3bf84450806f07170e2dd3c55ed441b57e0af27fff91e1a6a276d2d4167752cb38a445184e24d24a0e3a851a29e39eeac70905a57b8d5fc1385ecab2d8e551449cf48e129ae35f7c8f8c8fd14ec5b21766ba6a55591b42abda17cac48fe1ab852dee9ca529970942cce077e9aceb6f6aeeb1db7b61e96a0d270fe299cd0215334edbf6e07ef65e4a425a15ef432a39acb44d36d460cc591a0ff2d598bcb796de4b4dc5b487d2201bebac010460edaa19a04806df242dd8b637407d7ba121949b8ca91f90fabf0d4618648978b955dee14e798f2899822c91eff0d4411d920b32c161c51f428c2bab7639445869d1337e718f850d3d17ae1126d9c01e02d323c22195aab212df2fd27b7cdba2e8b20ec4e8b7033d2bfd4ed1e9ab1175dbbfc095b6ae93460061b12b4167e6ec8e4b3c27201a01a40595061d7e8da20489ec3ddd563c97f45fb50094801d719460d7fef20716c322f312b8753bf46eaa1b071e9ea080544ec8011df8fac24a78b4194195e597c3f5e9d01da361dadf0a7f23d55af49c556dd189499dccb04de37eafb1ae348d12539b277e814f54d94f568e57d08afcd338d4c59a9176ebd40018c80d7905022b623f6989e1821e3feaba3b207793073afefafea3a593f29454d84a8b9ead49431a60d92c534290289d31c9a6ed0298109985fc80aea7ea1b7e8fbe27aaaecd3346e9cb7d55831c6d4b365ee3344dbe82ea0a65e32044e6193c197f8e8d4549964c9b473432eff2382e8864526b18af4ad3ff8966c99684d066b1148e950eff80f5d702d1eaf9f873a28f769d576e5e36c6c7f704d0e1c33dbddc994db0e77fcabee92b233fe0d006fe820da73aea5b6743920a39b6930fc9bd8e6cbc9ca9930043e0b9b7b06fdda660e016d47a4a2aa0122abc1a1bddf6f4f8fe1e1eac540a31d0fb214a81fc977326d8cff44ea2b29fad36fa940e0ddf26281518a5ce8ae5423c54277174b931b063f1b45d2b6791a744f948bc56d209f7ecc629a60f296e729ce8650bcab5768c5166ed8dda6a9429b210cf136ebd687f6bb77b666b3a396c7165ef1690a18d72c836268c62f86471cb2919e769018410ce38e078837c548db717e31c1a60c261ba6dbe0b0b3654ea810b989d4ca7697af1746745a0e497d7d4661c1b56ca7ac5ee08cc574006d41ec381f2ae48143e50dd83b2f51ee6e36b63ee66182baab1d13080f05b6f569221dd9e090daebcbc82efa080c28ff1ed889340e0dc2351b485a56d5f02633b3ce900a591e5092856ba24ac2c3df4844bcea5a720d99899800b7ee52beb64d8fbfe9185fbc5ca9f6e2bd3fec7b20b5575e592cfef6fd0027c79412f23a7464edf341a4d62107c46f3ba747d335a32c32b97911506ec2e21a11467009b84aaab8edc54262202c87b0369fb01189bb2578ce7c4e99f4052b386a7d5fa1f4be1580d72314700808d8c859d9b80339f816513c6b124b2fb6977316edb0969581b9aa75388b5bb98a00d05173a04e94ca844897f5b5a27fbefdccff6bcbb2b444838f5315dc0f6cac330e5f9559c2076f61d3a2b088eff5831547189973c76e732cd69dd75c9c1965d11c3edfab01f8da0b8fceecd14d24bfda0f4eb1b5402fbdb2f3cc1782cb7ba72a8222b36b9fbe40162bc32b013878cdef19c0939ab4973ac52bb0286acbbf1bb5bd73dd81822ecd2d4a3bad7ccb93ba6aa966cbde196029c56ccb9879cf99602efcc3a07adebc040e95f2314c3f5128049ed649a9b41ad946d633db25d3f12ca1526aa02752f47d8a4dd5fc77560a3ff5fee2a32baf5674e74f73a2ebf8dad5e31e9beccee9fddd6c69a49c658b87549cf4ce98f5fed6ef7131c68c009e109cd736f2e3504af78818a1d443bedb1765e2699568e1792b3b74c7e4b901a7d86b9485c2bbe2821867e81a576974cd7877c50b3ae2f7c18936f6a8f054412666859c5754fc277a4fa63975b20e558d5dc071f837e4ba8cb2ab3f5937dea65a21ee3571bf65f72a9a3d072f7012794480e84ed7e1023f3114beae5818fb4b2c1df911d52798cfc90586a8fbe1ee0fcb4d7ac6d3d17ced873923375067158e0ca57e8532d860d3ea425f489df600a68791cf7b765719756b05efb8dc25fd8b6a8fe4ad7040200b6c94631d03c08e4e326c7bc5a10958f2e608410d4936ed5b33b3b336d8bc2290a7cf0bcb46a89fa0e2f6dafcabb3addf095e61ca60ab487287934cc3d79c156b2aa102222aabd8dd6e60f3b7e87d63ed0894a141056616a5de089f151808467a6b3451b343433252f5ad04a4ff03215cd7402de8bf3d6bd97dd6513f1ee4f3e630baa0883314039f71ddfdf9b2450492bdfc0951aead3d6a0f185e90c36bd8334f5737f3d74eed8125181fbb35dd8a18ac6e1ecd5b454d21e5f1b3f6ad6c3bc546a075925008a1eb41af3341296e9a5f3d3d325c46d23e8b29301f9605b27c7ee56145b3053c3962b3cb808ed4e48da103a8f45314b578cb212ebc519d2ac3b934ab1c1b7c08263503387ffe6d04dad4a3a6598ece2c2b590e4d2239387f8bdb20b4368c48f7b3b8efee1d5d9ca39a3cf0d0947897de226f3a4224d7bf4b2d8c9b0e6cf7bd91f887c4af98ea992045ca8604e8d85606d0abcf9b01452288a5b5e1861eee1601de6db01efd9ef8bb34f5d0df1ca027e52f2b2dca90233febd10b59b4ad978c5ba3f761d172450eb6daf1bc202cd24ebf14a1af0eb434eb95964e894514ab26f16b188175fac7262b4d515f8bcbfed79050945a91ada47df0bf0d3014573824c5ba1b9a5cb6bf309063fd4e7d961e83a54ac752c64b8a95259615afe476a70e5428cbe8eaa217ceea6d083091a19eeae4e29484a201f14d3adbb73c41af24c4272ebd4b097d9332a06af4cef35a743378535352fd49552506d4a4da294f5570bd3cf6a78814f50ab56c121544eb86f45e86c05e6d745035fd76857e5018326f9785a90109be9a2ed9c199918ac7491cba1c6217a85d082bba2bb15ee922eb99e45402184b60a34f7b7a8cbd22946825045d12206454d55a1b4cdbc4dcaa6249c686112107c73bd6edcadb69bb7e0e42d5ce2b8aad9549e124220493be42567d269d8201a2c59db14e839fe32a861a113c964920218a12d06ca6b885b03f0e420ae345415e35ada79f4c964e5efc16768f9e37f1eb9cd4a4247694b7ef05c9328644bba54fc0fed09ab75311b93524554bbf38e4467b6583a61dbd5f678579edd86508ada35d36ced75288265a0e0b6a114913aeffff2bff6e65b0944386aa7dd4639402853f72c3c06612e10d869527ae486627c71f1aa8873352745af7f0c32dc0398cdefb4835c39e7a2d73a32de7e762a6d8bd5b5bc5f193f544aea5435143f0209b96a6cb0d068ece58b877f018c53e62503b849922da569b40f3afdc5fd8bd4c003ec1f078f5583cac595441406b36c15445de8786047966e9d6b23b9f3a5c93da22982f6926efa8097b97985d4dd26c1e03e7e7255703642502199d1cf0aa47671ebf83ce04627697a25166f472351010d182749879aba64afcf689721a8700096331ab8b7e1532b4e3c153894628f4c95a84ab9467e8409826645b15c06441adde0ea191d1f77d482b665d093d6dbf995b48db278ee5839c7e9232d0242de37064be30bc636bb42e2b62094fc79cb55b4e10d49859d515f657b594ea507a3150c9deed04158f64e316f9e2d4a6c245dc8dd04982107bdabbdd98675415a4aeb056508efb2fe561e89f23d9bba496421de4ebccd1e1aa69f8a70de8ae54bbe6eb65308f4e8eed6cdf2b7aa33be5991cba748ff7edef7ad68dc48bc3d8c51537ca12e00d60489d0bf0b01fcff6bc9d743b372bc3e995d84d922b67317db150ebb87ea637629fe3c187b96a3ea27903cbabbcf41a9f1ae0275242049a2d7a845718d70d586263541561c90a385e414511ae9ead13cfae83a9f1f63a3e7a26c92a978ff736fa1706cc6b1f407698ac0a856238f0de0e378a7d2d873aa967ed83af1ece08f07b742533e1999509c26e5c1ecf0d39625432f722a333f59490948342051b4ce16e50ade7cf2b7b0ae0a9885e78cb2f629322d2efcc698fe7bb3aae70e83ac49f21d498a235cae802799d2952adb08250fc61e07aa56e49a0ae1f3999c85c57af8c38f38c767e3d3596f7bae3ad0a7fd81682e062c6d71c3dd0fc1f25fbb6bcc4bb8c6aa84a31f173ab3b6ceef4266ea5fef43de2ba96f47013e6dc380be20239ca786431060a1c7ff6bc14a1263d17c811b93b24b53696ca1760c6040a6dac6d0ff7578c80a7834506633bd89cf75e945ddbca3eeb1305a973bbd41f3446cd173abe578c24898f978b4c93e72d7f771c8dfe7b2cce84bd5c6642f372a421bbbfe370ad211f7fee2e1b9dfe9480a043a16a261a6f2fd8220723496f658201b8c4e16a65ac0664877edbb8884d9c8ac7e1485791460d338791cb45ea363c866dc0338b9f1b1b33c6992528fa48cb3115ec2e06573520c8fdb826a6819ab76ce13eb367150ea5077899684ad595e7d931f009614deae32c13288611280aad8cf784eea6e6c478c0baf1e39341fcb2ccff3fd537672686e298468950e91d4445b46ad4e4552681dd70b015aa29fa1df7afd41a75e25cd914f2cad3b2a2ff0657cc6557ff261a4f2fd9d2b0b07c81799a659a5d8acde4510c6b5b0a1c9a06eb7d04bfdcfae7baef0ae2fb66102f10575f0ab7ac130ce9b88cba0c49dc374c66d3b6dabc71bf02e539c25fd66a0e9e2e983b5bd9c397006324191ba8a0f5166b8ef9a505be3b7b3939108049685b1d032f"}, 0x1006) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000001b40)={0x0, r1}) openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000001b80)='/proc/self/attr/current\x00', 0x2, 0x0) ioctl$UI_SET_SNDBIT(r1, 0x4004556a, 0x4) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000001bc0)={r3, @in6={{0xa, 0x4e24, 0x5, @local, 0x2}}, [0x81, 0xff, 0x20, 0x2, 0x0, 0xd5d, 0xf392, 0x80, 0x100000001, 0x1, 0x5, 0x10000, 0x5, 0x3, 0x9]}, &(0x7f0000001cc0)=0x100) nanosleep(&(0x7f0000001d00), &(0x7f0000001d40)) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000001d80)=0x7fff) clock_gettime(0x0, &(0x7f0000001dc0)={0x0, 0x0}) setsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000001e00)={r4, r5/1000+30000}, 0x10) rt_sigpending(&(0x7f0000001e40), 0x8) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000001e80), &(0x7f0000001ec0)=0x4) [ 239.982931] 8021q: adding VLAN 0 to HW filter on device bond0 [ 240.511962] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 240.519966] team0: Port device team_slave_0 added [ 241.079748] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 241.088073] team0: Port device team_slave_1 added [ 241.376527] IPVS: ftp: loaded support on port[0] = 21 [ 241.627667] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 241.644082] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 241.651085] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 241.659982] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready 17:32:20 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) sendmmsg(r0, &(0x7f0000007e00), 0x3ffffeb, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmmsg(r0, &(0x7f000000ac80), 0x400021b, 0x0) 17:32:21 executing program 1: io_setup(0x1000000000005, &(0x7f0000000140)=0x0) r1 = syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_submit(r0, 0x1, &(0x7f0000000b00)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) [ 242.151903] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 242.158980] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 242.167883] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 242.608545] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 242.616273] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 242.625357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready 17:32:21 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$intptr(0x20, 0x0) [ 242.931872] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 242.939528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 242.948528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 243.288416] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 243.294964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 243.303239] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 17:32:22 executing program 1: mkdir(&(0x7f0000027000)='./file0\x00', 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000340), 0xffffffffffffffff) mount(&(0x7f0000000000)=@nullb='/dev/nullb0\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='gfs2\x00', 0x0, 0x0) [ 244.898245] 8021q: adding VLAN 0 to HW filter on device team0 [ 246.608478] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.615038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 246.622052] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.628509] bridge0: port 1(bridge_slave_0) entered forwarding state [ 246.637274] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 246.993724] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 247.412560] bridge0: port 1(bridge_slave_0) entered blocking state [ 247.419090] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.427865] device bridge_slave_0 entered promiscuous mode [ 247.658414] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.665033] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.673822] device bridge_slave_1 entered promiscuous mode [ 247.904833] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 248.234414] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 249.002677] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 249.220857] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 249.538486] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 249.546076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 249.888027] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 249.895271] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 250.606827] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 250.615031] team0: Port device team_slave_0 added [ 250.628415] 8021q: adding VLAN 0 to HW filter on device bond0 [ 250.795379] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 250.803483] team0: Port device team_slave_1 added [ 251.087937] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 251.097026] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 251.106142] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 251.381830] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 251.389718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 251.398696] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 251.702427] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 251.710010] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 251.718977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 251.746971] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready 17:32:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="d7ca"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000000), 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{&(0x7f0000000d40)=@xdp, 0x80, &(0x7f0000002040)=[{&(0x7f0000000dc0)=""/52, 0x34}], 0x1, &(0x7f00000020c0)=""/4096, 0x1000}}], 0x1, 0x0, &(0x7f0000006340)) ioctl$KVM_NMI(r2, 0xae9a) openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 251.984836] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 252.050669] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 252.060017] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 252.068994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 252.080327] ================================================================== [ 252.087731] BUG: KMSAN: uninit-value in vmx_set_constant_host_state+0x1778/0x1830 [ 252.095396] CPU: 1 PID: 7507 Comm: syz-executor2 Not tainted 4.19.0-rc4+ #65 [ 252.102599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.111968] Call Trace: [ 252.114596] dump_stack+0x306/0x460 [ 252.118251] ? vmx_set_constant_host_state+0x1778/0x1830 [ 252.123752] kmsan_report+0x1a2/0x2e0 [ 252.127612] __msan_warning+0x7c/0xe0 [ 252.131458] vmx_set_constant_host_state+0x1778/0x1830 [ 252.136794] vmx_create_vcpu+0x3e6f/0x7870 [ 252.141066] ? kmsan_set_origin_inline+0x6b/0x120 [ 252.145938] ? __msan_poison_alloca+0x17a/0x210 [ 252.150646] ? vmx_vm_init+0x340/0x340 [ 252.154567] kvm_arch_vcpu_create+0x25d/0x2f0 [ 252.159096] kvm_vm_ioctl+0x13fd/0x33d0 [ 252.163109] ? __msan_poison_alloca+0x17a/0x210 [ 252.167822] ? do_vfs_ioctl+0x18a/0x2810 [ 252.171915] ? __se_sys_ioctl+0x1da/0x270 [ 252.176092] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 252.180959] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 252.185837] do_vfs_ioctl+0xcf3/0x2810 [ 252.189795] ? security_file_ioctl+0x92/0x200 [ 252.194353] __se_sys_ioctl+0x1da/0x270 [ 252.198378] __x64_sys_ioctl+0x4a/0x70 [ 252.202307] do_syscall_64+0xbe/0x100 [ 252.206154] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 252.211369] RIP: 0033:0x457579 [ 252.214588] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 252.233513] RSP: 002b:00007f7e93dccc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 252.241262] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 252.248559] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 252.255853] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 252.263144] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7e93dcd6d4 [ 252.270429] R13: 00000000004bfc18 R14: 00000000004cfca0 R15: 00000000ffffffff [ 252.277735] [ 252.279384] Local variable description: ----dt@vmx_set_constant_host_state [ 252.286416] Variable was created at: [ 252.290157] vmx_set_constant_host_state+0x2b0/0x1830 [ 252.295367] vmx_create_vcpu+0x3e6f/0x7870 [ 252.299612] ================================================================== [ 252.306978] Disabling lock debugging due to kernel taint [ 252.312442] Kernel panic - not syncing: panic_on_warn set ... [ 252.312442] [ 252.319842] CPU: 1 PID: 7507 Comm: syz-executor2 Tainted: G B 4.19.0-rc4+ #65 [ 252.328437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.337816] Call Trace: [ 252.340436] dump_stack+0x306/0x460 [ 252.344118] panic+0x54c/0xafa [ 252.347396] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 252.352886] kmsan_report+0x2d3/0x2e0 [ 252.356728] __msan_warning+0x7c/0xe0 [ 252.360583] vmx_set_constant_host_state+0x1778/0x1830 [ 252.365904] vmx_create_vcpu+0x3e6f/0x7870 [ 252.370169] ? kmsan_set_origin_inline+0x6b/0x120 [ 252.375050] ? __msan_poison_alloca+0x17a/0x210 [ 252.379812] ? vmx_vm_init+0x340/0x340 [ 252.383737] kvm_arch_vcpu_create+0x25d/0x2f0 [ 252.388298] kvm_vm_ioctl+0x13fd/0x33d0 [ 252.392330] ? __msan_poison_alloca+0x17a/0x210 [ 252.397041] ? do_vfs_ioctl+0x18a/0x2810 [ 252.401126] ? __se_sys_ioctl+0x1da/0x270 [ 252.405312] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 252.410184] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 252.415054] do_vfs_ioctl+0xcf3/0x2810 [ 252.418990] ? security_file_ioctl+0x92/0x200 [ 252.423541] __se_sys_ioctl+0x1da/0x270 [ 252.427559] __x64_sys_ioctl+0x4a/0x70 [ 252.431487] do_syscall_64+0xbe/0x100 [ 252.435330] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 252.440546] RIP: 0033:0x457579 [ 252.443781] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 252.462740] RSP: 002b:00007f7e93dccc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 252.470508] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 252.471088] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 252.477801] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004 [ 252.477816] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 252.477830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7e93dcd6d4 [ 252.477844] R13: 00000000004bfc18 R14: 00000000004cfca0 R15: 00000000ffffffff [ 252.484955] Kernel Offset: disabled [ 252.517599] Rebooting in 86400 seconds..