[   51.250859] sshd (6062) used greatest stack depth: 53392 bytes left
[....] Starting OpenBSD Secure Shell server: sshd[   51.407877] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   54.127755] random: sshd: uninitialized urandom read (32 bytes read)
[   54.483643] sshd (6135) used greatest stack depth: 53184 bytes left
[   54.514896] random: sshd: uninitialized urandom read (32 bytes read)
[   55.788516] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.48' (ECDSA) to the list of known hosts.
[   61.485994] random: sshd: uninitialized urandom read (32 bytes read)
2018/10/06 06:03:23 fuzzer started
[   65.712565] random: cc1: uninitialized urandom read (8 bytes read)
2018/10/06 06:03:27 dialing manager at 10.128.0.26:36867
2018/10/06 06:03:27 syscalls: 1
2018/10/06 06:03:27 code coverage: enabled
2018/10/06 06:03:27 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/10/06 06:03:27 setuid sandbox: enabled
2018/10/06 06:03:27 namespace sandbox: enabled
2018/10/06 06:03:27 Android sandbox: /sys/fs/selinux/policy does not exist
2018/10/06 06:03:27 fault injection: enabled
2018/10/06 06:03:27 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/10/06 06:03:27 net packed injection: enabled
2018/10/06 06:03:27 net device setup: enabled
[   71.484552] random: crng init done
06:05:10 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x1)
recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
mknod$loop(&(0x7f0000000280)='./file0\x00', 0x0, 0x1)
openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0)
ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x40, 0x0, 0x156})
fcntl$F_GET_FILE_RW_HINT(r1, 0x40d, &(0x7f0000000100))
sendto$inet6(r0, &(0x7f0000000140)='9', 0x1, 0x0, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x0, &(0x7f0000000080), 0x4)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3b, &(0x7f00000000c0), 0x4)
connect$netlink(0xffffffffffffffff, &(0x7f0000000380)=@unspec, 0xc)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, &(0x7f0000000300))
r2 = fcntl$getown(0xffffffffffffffff, 0x9)
sched_getattr(r2, &(0x7f0000000180), 0x30, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x800, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611)
write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x7}, 0xa)

[  170.857852] IPVS: ftp: loaded support on port[0] = 21
[  172.886266] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.892852] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.901000] device bridge_slave_0 entered promiscuous mode
[  173.023789] bridge0: port 2(bridge_slave_1) entered blocking state
[  173.030235] bridge0: port 2(bridge_slave_1) entered disabled state
[  173.038482] device bridge_slave_1 entered promiscuous mode
[  173.159911] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  173.280755] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  173.651379] bond0: Enslaving bond_slave_0 as an active interface with an up link
06:05:13 executing program 1:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
clone(0x79804100, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={r0})
getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0x2)

[  173.778302] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  174.447523] IPVS: ftp: loaded support on port[0] = 21
[  174.640956] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  174.648923] team0: Port device team_slave_0 added
[  174.770993] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  174.778962] team0: Port device team_slave_1 added
[  174.925679] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  175.088940] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  175.233627] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  175.241119] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  175.250008] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  175.427971] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  175.435738] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  175.444806] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  177.538581] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.545129] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.552108] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.558561] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.567007] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  177.874282] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  177.890283] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.896927] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.905019] device bridge_slave_0 entered promiscuous mode
[  178.150702] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.157287] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.165606] device bridge_slave_1 entered promiscuous mode
[  178.290391] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  178.410876] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  178.974009] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  179.171497] bond0: Enslaving bond_slave_1 as an active interface with an up link
06:05:19 executing program 2:
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200)='/dev/hwrng\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
getsockname$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000180)=0x1c)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060", 0x3f}], 0x1, 0x0, &(0x7f0000000100), 0x1000000000000011)
ioctl$KVM_SET_ONE_REG(0xffffffffffffffff, 0x4010aeac, &(0x7f0000000000)={0x0, 0x8})
r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000100)="726f7365310000000004000046f700")
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x7ffd})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  179.413465] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  179.420464] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  179.675305] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  179.682612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  179.945690] IPVS: ftp: loaded support on port[0] = 21
[  180.485716] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  180.494189] team0: Port device team_slave_0 added
[  180.700648] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  180.708691] team0: Port device team_slave_1 added
[  181.012691] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  181.019743] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  181.028579] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  181.326443] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  181.333680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  181.342344] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  181.550046] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  181.558184] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  181.567005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  181.797241] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  181.805331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  181.814166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  183.598405] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.605131] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.613385] device bridge_slave_0 entered promiscuous mode
[  183.865945] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.872484] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.880681] device bridge_slave_1 entered promiscuous mode
[  184.107921] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  184.296367] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  184.811832] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.818298] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.825275] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.831786] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.840128] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  184.994627] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  185.032315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  185.235234] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  185.420061] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  185.428666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  185.690743] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  185.698231] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  186.309076] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  186.317160] team0: Port device team_slave_0 added
[  186.603836] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  186.611830] team0: Port device team_slave_1 added
06:05:26 executing program 3:
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000002640)={@ipv4={[], [], @multicast1}, @loopback, @mcast2})
getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000400), &(0x7f0000000140)=0x4)
r0 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={"62726964676530000000000000000004", &(0x7f00000000c0)=@ethtool_ringparam={0xf}})

[  186.897078] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  186.908133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  186.916831] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  187.163918] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  187.170935] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  187.179652] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  187.441720] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  187.449513] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  187.458278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  187.716624] IPVS: ftp: loaded support on port[0] = 21
[  187.784554] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  187.792155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  187.800906] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  188.474992] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.714957] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  190.894971] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  190.901338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  190.909332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  191.385398] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.391922] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.398732] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.405329] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.413838] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  191.901979] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  192.118331] 8021q: adding VLAN 0 to HW filter on device team0
[  193.170754] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.177443] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.185686] device bridge_slave_0 entered promiscuous mode
[  193.526159] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.532792] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.540868] device bridge_slave_1 entered promiscuous mode
[  193.856988] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  194.159676] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  195.231181] bond0: Enslaving bond_slave_0 as an active interface with an up link
06:05:35 executing program 4:
semtimedop(0x0, &(0x7f0000000100)=[{0x0, 0x0, 0x1000}], 0x1, &(0x7f0000000180)={0x0, 0x989680})

[  195.533154] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  195.975379] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  195.982567] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  196.393957] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  196.401002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  196.805894] IPVS: ftp: loaded support on port[0] = 21
[  197.525592] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  197.534195] team0: Port device team_slave_0 added
[  197.727732] 8021q: adding VLAN 0 to HW filter on device bond0
[  197.870783] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  197.878712] team0: Port device team_slave_1 added
[  198.267313] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  198.274536] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  198.283323] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  198.663479] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  198.670534] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  198.679180] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  199.020769] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  199.028495] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  199.037386] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  199.229912] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  199.437631] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  199.445333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  199.454488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
06:05:40 executing program 0:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f00000010c0))

[  200.701906] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  200.708273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  200.716118] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
06:05:40 executing program 0:
r0 = socket$key(0xf, 0x3, 0x2)
pipe2(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x2)
splice(r0, &(0x7f0000000100), r2, &(0x7f0000000140), 0x4, 0x0)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x220000, 0x0)
r4 = gettid()
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000080)=<r5=>0x0)
kcmp$KCMP_EPOLL_TFD(r4, r5, 0x7, r1, &(0x7f0000000180)={r2, r3, 0x4358})

06:05:41 executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x3, 0x4, 0x4, 0x40, 0x0, 0xffffffffffffff9c}, 0xfffffffffffffdf6)
bpf$MAP_CREATE(0x2, &(0x7f0000000880)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2c)

06:05:41 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'veth1_to_bond\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000002c0)={r1, 0x1, 0x6}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r2=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={r2, 0x1, 0x6}, 0x10)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, <r3=>0x0}, &(0x7f0000000180)=0xc)
setgid(r3)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r2, 0x1, 0x6, @dev}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={<r4=>0x0, 0xffffffffffffff9c, 0x0, 0x3, &(0x7f0000000080)='\\#\x00', 0xffffffffffffffff}, 0x30)
pipe2(&(0x7f00000001c0)={<r5=>0xffffffffffffffff}, 0x80000)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000480)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x74, r6, 0x300, 0x70bd25, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x34, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@local}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x58}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x3e}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x14, 0x12}}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x7}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x9}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8001}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x7}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}]}, 0x74}}, 0x40000)
sched_getscheduler(r4)

[  201.768227] device veth1_to_bond entered promiscuous mode
[  201.793515] device syz_tun entered promiscuous mode
[  201.903126] device syz_tun left promiscuous mode
[  201.908242] device veth1_to_bond left promiscuous mode
[  202.098047] 8021q: adding VLAN 0 to HW filter on device team0
06:05:42 executing program 0:
r0 = socket$inet(0x10, 0x3, 0x6)
sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="24000000240007031dfffd946fa2830020200a0181020000001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0)
setsockopt$inet_tcp_buf(r0, 0x6, 0x0, &(0x7f0000000180)="02cba1ec5a60c75d32f91f9fd4eb7e7ac256de2357ca5bf5b53408be68af26f06c901a1bcf27d03c0c619016b1e5c92a372ccd148cd7ee4c4fc2f7d65bcab811265d10ec3eba3563b3a11429d6276325967657eb744a92fda3bed3c99793495f47157c47c168816173abb9275b17998c42913081518bb94e262ba9d2b5de7f8ec58349cf08f4ba3751a3d51a689141cf6d9bbe79c07c3588d63af42ef5df89f6a651e9c9925da8ba6000f88b881043943ad01ac0526d33a32d310195373f3eb983865a451d4c2676ce633ed5f5e366b9521b9934b18b035794314b07763f6701109998e7e777dfe7897c5454d43c09bc026768eec5fac76276431e2098ef3ac73968324e5808190dfb24d2b2918127fc40b24e4ce17f34e80bb3f178b579f97248badec6bd4d5cb8d9f8b9ac7adfd9767a27da88ffcca1cb2f5f2c4e7f86b8f96c7d9d097596384ad592ddbb59200248acc7dcbeee606766ad34e7cd15b2e02f78057cdc9ad5815d53a3dd416bbe7a21025705eb0290ce775fc731cdf78a255d38b40a95317f9471d00bb9ff7fcf4daccd2189f5e6b07bf54b68876131d71338489c5de3c83ecfd285606920511f7c96d4cd5acc1981bf6c2d76ef9f88298fcc7182f7067610ef5e4e70e2c5a2e900536f2548bdeeab86dda5d1ed0f512f5dc7a8f0cbaec3dbf304cd8a312528166f88459a76622200e46926a546d8126ede26a7b9c83e16cab8b007477525768a67792481ada3139e9eb6f1760ac4e54effb9391c7e6f5029b3ebbd966985c97ac50217762ffb3bbefb7e2fa4fa88c083107a93268d73803eee82e6f05b9eb2c01121fba5b4befcb02b5d4583a815b5912205144eb4371fb6bd9a60cdd3bcb9932da3855629d4a7f6cb37925b6146f092afe6b21c72d412d2ccdad9efdee3b3c0b55d8a06c9976d1fcbe334c8e215c938e17409dd0ec7af1b142f975f925e8894fcaaaea088d12d5b3c7290582a01b39a7ec4ab50151b349be33317e79d4ab721b6d15ea1044891305f1689f74398a32178c6d7b8f451b2a8e3d7817aeb56a093fecb62666a8c2af963ca3fc2b82704b10c16d92f6409c0cabb446a1f31cfe8560318f7c1791aac4a6de5e209dcac65b544ebff7ec7caef39146d1a304b00a74c0752d5d25030fb5380481d089ee0c5307cd59bb05d16721ba585fa84f9cec5c93f12e1fb14526e48a165c60510f48ded884b892ef30cc716be268218353a96dd8e63b7629a96b7549ec84d51468935b205755e631de72103aea42f4b07db25c909290e8ca571a1b49efc3a063d5d6a6bba21db270f3e2da56aa17611833b35cc808d3be69cfc281782c2637e2da71169c474b02b7d22a7aeb98f166d9a96c02dbc801bb13b17ac021342fb49b495d5dd7eef86693735c725a12f2243f6c267f1ce45e761adda022d9d2e4008dc1d2db4cb4768c04a33caf9cbe92ba9e20a468047e1e434fb7e8b8037e8bb59bfb9f97822749beec7f02b9ca8bb56c4ce7f966509b310483cb5767617ba3e073f9d2f0514b043a080140bef584ed34f2dc6f635b9c17012137f175784cc2b415c0b3da3f0e7cbaa3a2b1c26f9a9ac3c2a877ff567accc37d107ab65ccaf9c8cdc1b889696c77f35d2ebbf6a3f5c5fb7d71003fbb51deb8d5e58a51d82de4929d4c75f35449c509b0026b08f3684ed96a4f01d7c8cb5c78fe50cef5803b0241e2638cd58d194dbf01ebcb2e6b2e290373be63a3e0c49cbd900241873e64bea77b38b296f146e9d8e864eea79ddec31da2c68568a3a09f54f00a4549309d5f70458c0fb4966d823f5285df6175d348ed26664b22a5e7ae7f092778e076c5c4256ab95a5c544f331f94f2f196eb44ed058a476dab04981169f3659208ab332b2995c72a00f2be06c059aee5e594d98352a5ee0302ed07716ad2daa0d6fb997108b763277034b93f0d41bd34ad29beeeb5c11456241bce7a845c4e6768a0cdbb289e98f3dc3e0662b9401c141c0d2e7dfe88d846790e96c9ad065cd3e40b35d64fd979c417fd151ce48a3d1734ba27d6242f899919f47269865ee6f6e51f5fc8afe8b32dea5c716e3bb9cac22ad7f85c85a59bc155cbb89f77686d51051af0033d6c0709940b36bade8c12128c7171597f253d955339922fb43ff2702887617f26f3897d310ac1530048d2e4abf347fe67b408e8d7cd6a2bfc0f2517578d9c1b3bb7a77ce769f0ea665123925479683caddec6bc3614660a46d10fc322cb0af9785ee7a53599fcfea4dd4fe7ec1bad575a95cc4636f5512411adf9c1cfb878ea111478b94fb75383761e0f8a4d959e541f296bdb2bfe430c7ec53a75381bb5648aa150bbd85b557d67035f0831e4563a080087ff54677f1af67497737587b11ef1e85bd897b402c0d1ae471bc978e86ac92c38ed1fa414163e1c8ba29f817cebfbe4e353d828613d0d2910b9567faa139b5860a284552944db4c24712ef5c1c12a575e153ac233abec961454050ae0eb80be7c46c4e5e9ff80c41663faba5603f6bb9b20e99cfe9befc69b0b7380d63ae975f561360c574a515107d874d6f599d0db40ee65e11b292dd7ca537275b69f8eea2b4b6dbc06ae8a68a2bac0b9381fa7d6816dbd7d0e4ee2abcfb750f18e28ac4ed44048e62941eebf229918897b2dace6a570dca4778076a78d6b3793015610776fab6f3755d28c9d86fff11359c3bec873b83f7b31629171b6c1507cf8bafec21f0bb0606ccf60cc9557a3651f8fcfdf2a88f2027e3f64955a7d085f0b03b4dffb5eb5af357da3ac5f2e0762f9e1223c43b911d8d32167fb4128dc5e7032ad103b077f96a2e5894b90795a243ac2a2245c3ce09ac7d284f750308e5d63c049f29dc723c19be0a2496a085f4ad120b50a728433d9f2ce89cddb5b2e22908a337054b5156bf674fad6bd802ac35976139c93efbdb77a92f41c2332a06d337b3f6caca6aa2e7082918b38cf6e6278f40b85f3cf56a466d53a9c8b2f3c4212a734e57be4975facc27ee52be83eb270b51c25cc155b1a39398ac193ce8c6077e2d1b5df7d4e46c0638f9bbed4f8d3ae4d1db7f447055021bc23b03feb69694ff7928584b9dc95757843a134e99c6b767109e66744a5ad6f01aca0b4817340bc6a259c25618e43269fed6e672a3581391c283d994b060932ab8ba336acc3a5b7090a9e077fb754d551e69260793481c2fae40dcc1352c50409e8d843c25da05e42d32a23a0a46fb5be472c6ac5c83f6c55b895cb358b26926d8ef965338147b59a5cfde7923857f030eb05707aecab0e8c7f16d42cdd7698f3ae0b80140fd4e6e4ce744f2834e70c55df289d4228723e5dc28d81d778edda6d18a5ef4dda5f4e09a277dcc8b54093f799510075e992560962d016557195fb9c8919f09f7914ed5a2b11870211a2549a9a92aa18a581fa58be1294356e597fee4b59ef315aaf733d3748f352031bfebc14c67af0a49178f7de23e34226eae45824035885db1a9412cfee26b02adeef4db0cf39cd0aee6e6950cb1d021605c3ad476ad99ecd46e7499387d8f8826bdbcf49029327c01d6965d18e4636eae8c776c3ad63c0f63d3cb1ccf3197c73bf9474d68e3ff7276d302e120db315a322af1a53a1a97324c3431135a3f470e4b0a43619ee277ca67b38d7c690b7097b0b89682c2c2e4cc95cddbbacba1e43b3806c124f3e74da383aa789191ab13fb2fcb9814d3f691b9f9c4278506044a5a904ce8cb682be4e88ab700304250c0092a80f2db574ac3ea87a1c8989b7852bc1781ae663369a1b52d28b00f6cef144b99c3558a6bdc55a85d8fd29c55ac94e63eedc017974195d93d3938ec33b085a0669f139489ff5a742b748bded4a088a91d3ad634d5feb97385bdfa0488bf371da64086a1f548dc63d82c1401f20485b58d6695348f64fc2727b8404f197deee48a417ff7f78ee0c8100150bfb563822dc50610b17f886f02c6cae46982447bf19d2c131158b0fb347e3d755ba477f4158d9b28c88badbdf045def6b4eceeefa8a176c2fe9408afb125d843365de006e6e506d7ffa9ca562ce8c47c1b968cd7118c78a44fa9300d28a968d7ab33cbb559f78bb00bdb7f5215afbf1fb0e1ba5dfdc3b725d761bb63f863e45dcf0ebb7346892e8fa2325ef88d9b7068b906dd462a25a6bb8f1e34a99e049c7597545e7262bb5e21481440ffddcb426cfa75732322c3e4be4b758c1e3ace1dd45f69ff3bd9a9a518a8a5915df3998c0ab8df3af8a209d60367d3def54ac25b5fac1cf8e05243efea2fcb97d334827eb8f62b365a6a4c8c4b4ad3837aa61e5a8bb5df4f9d1fa47503cc5ea79829e0a07f33fde986f1dc0b8950e707e621ac08f6e24cee4729e092081f05f581a91a64d2820c74985472c76f9f762599925eba772f327b7616665d6a5328c784b088bc355c1bc14fb5725c7211d6e5d9b900b3e04c4c2e54130bd3c50d33a8a384fbab4af8876426e783e930eb2572b29f49e1d279ef29c8a8070718c3bad886cbabf160c6db7e5224fe1fb15165172b8d5b762b335bea187e30e7cbaf766cd82d497c2d0642675aa22e5472f43ea5f9f8a1f2c873ffc0cdb36fabb027775974a9f2cf4d16af2a09665a9b8070f3687ce5946224a53132f60f23b73c36d074942273726bcb9b31447a16987a550c204030c4541a0da2bf1c98570da3e38c695db7e05646be6564ef04beb70a8dcbb91cc49d6b7e53d38693a32bb23f5e4ea17b6cdea60c7fa1840bee6a6634fe68e25859d62f66c586912926bb07fbff04724cc04a9f0a91ad20600158e65562e1088f95b2d87beac09eef15bc820ef19a46e8a084e51d6390c81ff13f1ee51dbd2edc21c27107ee707b7ab383acb1bb98e363f87d4095be68dfd2691fc905accc698aaca3ef28bea7e164372ad51f5a1bbb441352d791c1c032fca4f7d53774e084958195212860d2f8c1512ddf5f4d7490bba9b7c0a3aa2d5dbd916b948311e3da52d88d509f5cd123709295e93eb3cfebf51756fd1b2b82785c1cb6df465a6b791398bee80abf2a0e94ffd838e08e960bfd0b73314f8f80c5e2df7d1659196faba42cd5b4b6afbea13e99a9d75fb01f29acb550a7235e8ecc289c792e19133d44eb3dc73e53297782d74ede549600963c16dad78f2591fbe0fc76b20652ce837e196b1ad654e9e04b4005775bb2b40a7a327036310c79d4478fcb2146d3f6f9816794a87bc86a51d8f2ff84483eea133ed8f78695f3136309cfec7af34c27e13275c2b2f570c73adff638c7891d2d73501a1269d94c447ff797d7949ce7f53ff57545c73223deef14450778bce26b1d8308912ddf19afc5f8df453a5dca84c0262f058a8a3a93d4f505c49883583eea69a6fdc9ee167adb24476fb1463aa4cbfa79518d813176169bf68d03818fbdc744a75c15ecee4c2685b0c2534b2c1f348f049ffe3ba44e504e79518b2d3dd072e45497fb23ca66d9c70898352a4852189b0e4117754d559084db4c53b665e987d2675fb0320aef5abbfdede758aaa321d66cdb2ff29cc7511779538356eadf38e036f9c26195ba4ecf4fffbc81e87e6d263fd0dbb585df0067eabb7d60a5219774ed453bb4fa69ee5dc65c66b847a7cd6b98af26ec5a79a58c2f8af476f2509a2ef2c061bd861ee89be04e1f1cecfe3603e6cdebe5c40ce26e0c5359a28d823b2795f92ae595b4a70f0685265ddaa099faa4ca0234ce8a2b3fab63f1ec196368241ead462048a273a65f258e9d3024a7741549edf2acbe5c405c7144d0a056600f0ecb281f43f1a91240ee633bf5", 0x1000)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x180, 0x0)
setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f00000011c0)={0x101, {{0x2, 0x4e22, @broadcast}}}, 0x88)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000080)={<r2=>0x0, @local, @broadcast}, &(0x7f00000000c0)=0xc)
bind$can_raw(r1, &(0x7f0000001180)={0x1d, r2}, 0x10)

[  202.393682] netlink: 16 bytes leftover after parsing attributes in process `syz-executor0'.
[  202.437201] netlink: 16 bytes leftover after parsing attributes in process `syz-executor0'.
06:05:42 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000140)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f000000d000), 0x0, &(0x7f000053c000)=[@rights={0x18, 0x1, 0x1, [r0]}], 0x18}, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x4, 0x84000)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000180)={<r4=>0x0, 0x3, 0x1, [0x7]}, &(0x7f00000001c0)=0xa)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r3, 0x84, 0x1a, &(0x7f0000000200)={r4, 0x1c, "3107a719db8f78ff1313ac280364ea9673e26683b2b5848ede72ecc5"}, &(0x7f0000000240)=0x24)
bind$unix(r2, &(0x7f0000003000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc)
connect$unix(r2, &(0x7f0000000080)=@file={0x1, "e91f7189591e9233614b00"}, 0x6e)
accept4$unix(0xffffffffffffffff, &(0x7f000046f000)=@abs, &(0x7f0000937000)=0x8, 0x0)

[  203.243712] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.250176] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.258712] device bridge_slave_0 entered promiscuous mode
06:05:43 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0x81)
sendto(r0, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000100)=@xdp, 0x80)
getpeername$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000080)=0x1c)
chroot(&(0x7f0000000040)='./file0\x00')

[  203.626226] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.632775] bridge0: port 2(bridge_slave_1) entered forwarding state
[  203.639630] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.646211] bridge0: port 1(bridge_slave_0) entered forwarding state
[  203.654398] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
06:05:43 executing program 0:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f00000000c0)=0x4001, 0x4)
sendto$inet6(r0, &(0x7f0000737000), 0x0, 0x0, &(0x7f0000b85fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000100)={<r1=>0x0, @in6={{0xa, 0x6c, 0x4c3, @empty, 0x5}}}, &(0x7f00000001c0)=0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000200)={r1, 0x1, 0x4}, 0x8)
recvmsg(r0, &(0x7f0000000400)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f0000000040), 0x0, &(0x7f0000000080)=""/36, 0x24}, 0x0)

[  203.764165] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.770699] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.778905] device bridge_slave_1 entered promiscuous mode
[  203.786178] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  203.943378] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[  204.169811] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  204.558897] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  205.469681] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  205.787825] 8021q: adding VLAN 0 to HW filter on device bond0
[  205.816820] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  206.164033] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  206.171091] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  206.472847] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  206.480161] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  206.996128] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  207.287259] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  207.295307] team0: Port device team_slave_0 added
[  207.477675] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  207.485742] team0: Port device team_slave_1 added
[  207.674287] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  207.712121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  207.720642] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  207.967432] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  207.974334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  207.982131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  207.996721] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  208.003760] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  208.012992] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  208.297786] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  208.306700] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  208.315373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  208.553989] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  208.561483] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  208.570270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  208.923812] 8021q: adding VLAN 0 to HW filter on device team0
06:05:49 executing program 1:
perf_event_open(&(0x7f000001d000)={0x800000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$FUSE_NOTIFY_POLL(0xffffffffffffffff, &(0x7f00000001c0)={0x18, 0x1, 0x0, {0x7fffffff}}, 0x18)
r0 = syz_open_dev$sndctrl(&(0x7f000000a000)='/dev/snd/controlC#\x00', 0x0, 0x200)
perf_event_open(&(0x7f0000001000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x1000000000c}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0xc0405519, &(0x7f0000001000))
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000300))
write$FUSE_POLL(0xffffffffffffffff, &(0x7f0000000680)={0x18, 0x0, 0x2, {0x1}}, 0x18)
fgetxattr(0xffffffffffffffff, &(0x7f00000006c0)=ANY=[@ANYBLOB], &(0x7f0000000340)=""/144, 0x90)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000640)=[{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000580)="b5d7522f9d33b63f526ccc682338444a302afa4b8659b651f6dd80f6217b3ad368cce469ca517224d794e4a616f6bd1bdb5df82abf63f9903d677fce", 0x3c}], 0x1, &(0x7f0000001080)}], 0x1, 0x4010)
getxattr(&(0x7f0000000280)='./file0\x00', &(0x7f0000000440)=ANY=[@ANYBLOB="09732b8d4401c3ee6978b400e36c5f6163636e807300"], &(0x7f00000004c0)=""/116, 0x74)

[  209.316724] hrtimer: interrupt took 43098 ns
[  211.022394] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.028857] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.035850] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.042360] bridge0: port 1(bridge_slave_0) entered forwarding state
[  211.050361] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  211.057152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  213.366969] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[  213.427177] 8021q: adding VLAN 0 to HW filter on device bond0
[  213.480990] ==================================================================
[  213.488395] BUG: KMSAN: uninit-value in loaded_vmcs_init+0x343/0x590
[  213.494886] CPU: 1 PID: 6769 Comm: syz-executor4 Not tainted 4.19.0-rc4+ #63
[  213.502063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  213.511407] Call Trace:
[  213.513983]  <IRQ>
[  213.516137]  dump_stack+0x306/0x460
[  213.519764]  ? loaded_vmcs_init+0x343/0x590
[  213.524086]  kmsan_report+0x1a3/0x2d0
[  213.527884]  __msan_warning+0x7c/0xe0
[  213.531685]  loaded_vmcs_init+0x343/0x590
[  213.535831]  __loaded_vmcs_clear+0x2fb/0x3c0
[  213.540239]  flush_smp_call_function_queue+0x404/0x770
[  213.545507]  ? vmx_get_msr_feature+0x180/0x180
[  213.550088]  generic_smp_call_function_single_interrupt+0x1f/0x30
[  213.556311]  smp_call_function_single_interrupt+0x2f7/0x530
[  213.562019]  call_function_single_interrupt+0xf/0x20
[  213.567107]  </IRQ>
[  213.569337] RIP: 0010:msan_get_shadow_origin_ptr+0x25a/0x300
[  213.575129] Code: 95 c2 41 ff 8d 7c 09 00 00 0f 85 b7 00 00 00 20 d1 48 0f 45 d8 4d 0f 45 f4 e8 52 d6 36 ff 48 8b 45 b8 48 89 45 b0 ff 75 b0 9d <65> 48 8b 04 25 28 00 00 00 48 3b 45 d0 0f 85 8d 00 00 00 4c 89 f0
[  213.594028] RSP: 0018:ffff88014c65f7a8 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff04
[  213.601732] RAX: 0000000000000202 RBX: ffffffff8c2d8000 RCX: 0000000000000000
[  213.608990] RDX: 0000620007e9cd00 RSI: 0000000000000001 RDI: ffffea0007e9cd80
[  213.616251] RBP: ffff88014c65f800 R08: 0000000000000000 R09: ffffffff8c2d9000
[  213.623510] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  213.630768] R13: ffff88015df70000 R14: ffffffff8c2d7000 R15: ffffea0007e9cd80
[  213.638053]  __msan_metadata_ptr_for_load_8+0x10/0x20
[  213.643251]  copy_page_range+0x2109/0x3d00
[  213.647525]  copy_process+0x702f/0xbc70
[  213.651530]  _do_fork+0x3d4/0x1330
[  213.655085]  __se_sys_clone+0xf6/0x110
[  213.658969]  __x64_sys_clone+0x62/0x80
[  213.662856]  do_syscall_64+0xbe/0x100
[  213.666649]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  213.671832] RIP: 0033:0x421299
[  213.675016] Code: 01 00 00 48 8d 54 24 0c 48 8d 7c 24 10 be 60 10 42 00 e8 7a ed bd ff 48 8d 54 24 0c 31 f6 bf 11 00 10 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 6b 01 00 00 85 c0 89 c7 89 44 24 0c 0f 84
[  213.693909] RSP: 002b:0000000000a3fad0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  213.701614] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000421299
[  213.708874] RDX: 0000000000a3fadc RSI: 0000000000000000 RDI: 0000000000100011
[  213.716132] RBP: 0000000000a3fc80 R08: 0000000000a44a80 R09: 000000000000002a
[  213.723400] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000a3fe98
[  213.730659] R13: 0000000000a3fe28 R14: 0000000000000000 R15: 0000000000000000
[  213.737928] 
[  213.739553] Local variable description: ----error.i@loaded_vmcs_init
[  213.746029] Variable was created at:
[  213.749737]  loaded_vmcs_init+0x8a/0x590
[  213.753787]  __loaded_vmcs_clear+0x2fb/0x3c0
[  213.758181] ==================================================================
[  213.765525] Disabling lock debugging due to kernel taint
[  213.770964] Kernel panic - not syncing: panic_on_warn set ...
[  213.770964] 
[  213.778323] CPU: 1 PID: 6769 Comm: syz-executor4 Tainted: G    B             4.19.0-rc4+ #63
[  213.786886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  213.796231] Call Trace:
[  213.798802]  <IRQ>
[  213.800946]  dump_stack+0x306/0x460
[  213.804575]  panic+0x54c/0xafa
[  213.807779]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[  213.813224]  kmsan_report+0x2cd/0x2d0
[  213.817026]  __msan_warning+0x7c/0xe0
[  213.820825]  loaded_vmcs_init+0x343/0x590
[  213.824972]  __loaded_vmcs_clear+0x2fb/0x3c0
[  213.829380]  flush_smp_call_function_queue+0x404/0x770
[  213.834651]  ? vmx_get_msr_feature+0x180/0x180
[  213.839233]  generic_smp_call_function_single_interrupt+0x1f/0x30
[  213.845467]  smp_call_function_single_interrupt+0x2f7/0x530
[  213.851182]  call_function_single_interrupt+0xf/0x20
[  213.856269]  </IRQ>
[  213.858504] RIP: 0010:msan_get_shadow_origin_ptr+0x25a/0x300
[  213.864293] Code: 95 c2 41 ff 8d 7c 09 00 00 0f 85 b7 00 00 00 20 d1 48 0f 45 d8 4d 0f 45 f4 e8 52 d6 36 ff 48 8b 45 b8 48 89 45 b0 ff 75 b0 9d <65> 48 8b 04 25 28 00 00 00 48 3b 45 d0 0f 85 8d 00 00 00 4c 89 f0
[  213.883189] RSP: 0018:ffff88014c65f7a8 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff04
[  213.890889] RAX: 0000000000000202 RBX: ffffffff8c2d8000 RCX: 0000000000000000
[  213.898155] RDX: 0000620007e9cd00 RSI: 0000000000000001 RDI: ffffea0007e9cd80
[  213.905416] RBP: ffff88014c65f800 R08: 0000000000000000 R09: ffffffff8c2d9000
[  213.912679] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  213.919938] R13: ffff88015df70000 R14: ffffffff8c2d7000 R15: ffffea0007e9cd80
[  213.927235]  __msan_metadata_ptr_for_load_8+0x10/0x20
[  213.932419]  copy_page_range+0x2109/0x3d00
[  213.936693]  copy_process+0x702f/0xbc70
[  213.940704]  _do_fork+0x3d4/0x1330
[  213.944256]  __se_sys_clone+0xf6/0x110
[  213.948141]  __x64_sys_clone+0x62/0x80
[  213.952028]  do_syscall_64+0xbe/0x100
[  213.956281]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  213.961458] RIP: 0033:0x421299
[  213.964648] Code: 01 00 00 48 8d 54 24 0c 48 8d 7c 24 10 be 60 10 42 00 e8 7a ed bd ff 48 8d 54 24 0c 31 f6 bf 11 00 10 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 6b 01 00 00 85 c0 89 c7 89 44 24 0c 0f 84
[  213.984055] RSP: 002b:0000000000a3fad0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  213.991757] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000421299
[  213.999015] RDX: 0000000000a3fadc RSI: 0000000000000000 RDI: 0000000000100011
[  214.006277] RBP: 0000000000a3fc80 R08: 0000000000a44a80 R09: 000000000000002a
[  214.013538] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000a3fe98
[  214.020795] R13: 0000000000a3fe28 R14: 0000000000000000 R15: 0000000000000000
[  214.029244] Kernel Offset: disabled
[  214.032868] Rebooting in 86400 seconds..