[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   38.044419][   T26] audit: type=1800 audit(1556678367.255:25): pid=7638 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   38.081980][   T26] audit: type=1800 audit(1556678367.255:26): pid=7638 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   38.107453][   T26] audit: type=1800 audit(1556678367.255:27): pid=7638 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.48' (ECDSA) to the list of known hosts.
2019/05/01 02:39:38 fuzzer started
2019/05/01 02:39:41 dialing manager at 10.128.0.26:34869
2019/05/01 02:39:41 syscalls: 2440
2019/05/01 02:39:41 code coverage: enabled
2019/05/01 02:39:41 comparison tracing: enabled
2019/05/01 02:39:41 extra coverage: extra coverage is not supported by the kernel
2019/05/01 02:39:41 setuid sandbox: enabled
2019/05/01 02:39:41 namespace sandbox: enabled
2019/05/01 02:39:41 Android sandbox: /sys/fs/selinux/policy does not exist
2019/05/01 02:39:41 fault injection: enabled
2019/05/01 02:39:41 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/05/01 02:39:41 net packet injection: enabled
2019/05/01 02:39:41 net device setup: enabled
02:41:06 executing program 0:
r0 = semget(0x0, 0x3, 0x412)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e24, 0x800, @remote}, 0x1c)
accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
add_key(&(0x7f00000006c0)='rxrpc\x00', &(0x7f0000000700)={'syz'}, 0x0, 0x0, 0xffffffffffffffff)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000a80)={0x6, {{0x2, 0x4e20, @multicast2}}, {{0x2, 0x4e24, @initdev}}}, 0x108)
shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x0)

syzkaller login: [  137.738111][ T7804] IPVS: ftp: loaded support on port[0] = 21
02:41:07 executing program 1:
pause()
syz_execute_func(&(0x7f00000003c0)="660f3a60af00000000954a2be94535e7000000980f053ef3aec4a37bf0c50341e2e9064598282142dc33660f1158469249f7dec461dc55172525000e8145dd99adbe76b290c5c083497c34c402cccc67f30f52a601000000c462b99e3d1ce647ed0a0a952e6d3fc21d9053c7ab8636331f6543c2d9c44145d40ca33f7a595d438f34b267f3e668b4b421f5758a03000000564105ba16f2aed3a69a62b16616286c6c0ff2f0458733c402795912c40195dda70000002030e4a2b300b1500909660fc5d7660f7e8ceb18a525f0e949609a567be4816185590000008248db350f352ec701530000e490b0b040db3e1400e4260fe88c4200000000c230ca0ff4fcc4c2cb8b4b0505c421a9fda2e5003666450ffcdb470f2cffee0468070faf34961515660fc20500d0000003263666440f5530d8002e44abc4a1025deef243a5660fd9d20c0ce42ec4a17c1002970678260f38c9bb0f0000008374fb0a07c40155f64e06f247acc0d53323d5332395e96a21b66bd182ebf062e3204be32043910002f20f5f3347cc47cc66430f38f6de389f9f060f0f2ef246e16d660f594802d8fbc9c4a1fc5a6e86663e41a5df")

[  137.856389][ T7804] chnl_net:caif_netlink_parms(): no params data found
[  137.947032][ T7804] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.964818][ T7804] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.973287][ T7804] device bridge_slave_0 entered promiscuous mode
[  137.983538][ T7804] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.004816][ T7804] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.023271][ T7804] device bridge_slave_1 entered promiscuous mode
[  138.049686][ T7804] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  138.060483][ T7804] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  138.088840][ T7804] team0: Port device team_slave_0 added
02:41:07 executing program 2:
pause()
syz_execute_func(&(0x7f0000001100)="660f3a60af00000000954a2be94535e7000000980f053ef3aec4a37bf0c50341e2e9064598c4417a2d58d442dc33660f1158469249f7dec461dc55b1e617f344306e008181d78890c5c083497c34c42e67660fe9da664c0f3a6052729acc1894cc180f52a60100f343aac462b99e3d1ce647ed0a0a6566430f381d7b00009532f6c4613fc21d9053c7ab8636331f6543c2d9d97dbf3f7a595d438f34b267f36ab4c421f5758a03000000564105ba16f2aed3a6da62216616286c6c0ff2f0458733c402795912c40195dda70000002030e4a2b300b15009090fc5d709e9e949609a56c456d59e7a17a1ec823bb8e7d6d6828248db350f352ec7c100000000f5c4e3490a5aa958d7b0b0660f38de8e85e1f3261400e4260fe88c4200000000c4a161593ac41026c17d6fad000880418041cbf54b0502c421a9fda2e5003666450ffcdb0000ee0468070faf34961515df7ac20500d00000032664642e66460f3a0983765feb2c01d800470f1310c4a1025deebc43a5660fd9d20c0ce42ea17c1002970678260f38c9bb0f0000008374fb0a07c40155f64e06f247acc0d53323d5332395e96a21b66b67420f18d9204be32043910002660f71e0016e4c47cc66430f38f6de389f9f060f0f2ef246e16d660f594802d8fa8ecbc4a1fcfc6e86663e41a5df")

[  138.096549][ T7804] team0: Port device team_slave_1 added
[  138.100072][ T7807] IPVS: ftp: loaded support on port[0] = 21
[  138.157937][ T7804] device hsr_slave_0 entered promiscuous mode
[  138.195100][ T7804] device hsr_slave_1 entered promiscuous mode
[  138.277593][ T7804] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.284905][ T7804] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.292716][ T7804] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.299872][ T7804] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.310993][ T7809] IPVS: ftp: loaded support on port[0] = 21
02:41:07 executing program 3:
pause()
syz_execute_func(&(0x7f0000000b40)="660f3a60af00000000954a2be94535e7000000980f053ef3aec4a37bf0c50341e2e9064598c4417a2d58d442dc33660f1158469249f7dec461dc55b1e61775a38181d78890c5c083497c34c4021394cc1894cc180f52a601000000c462b99e3d1ce647ed0a0a6566430f381d7b00009532f6c4613fc21d9053c7ab86331f43c25299d9d97dbf3f7a595d438d3467f36ab4c421f5758a03000000564105ba16f2aed3a69a62b16616286c6c0ff2f0458733c402795912c40195dda70000002030e4a2b300b15009090fc5d709e9e949609a567be4a1ec823bb8e7d6d68282430f957b00c10000f0461908f5c4e3490a5aa95890b0b0660f38de8e85e1f326e4260fe88c4200000000c4e161593ac4c17d6fad00088041c4c2cbf54b0502c421a9fda2e5003666450ffcdb0000ee0468070faf34961515df7ac20500d000000326c4c27d306700d800d800c4a1025deebc43a5660fd9d20c0ce42ea17c1002970678260f38c9bb0f0000008374fb0a07c40155f64e06f247acc0d53323d5332395e96a21b66b67420f18d9204be32043910002660f71e0016e4c47cc66430f38f6de389f9f060f0f2ef246e16d660f594802d86a8ecb8fa98895ed663e41a5df")

[  138.437229][ T7804] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.472144][ T7804] 8021q: adding VLAN 0 to HW filter on device team0
[  138.481473][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  138.493356][ T2989] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.513720][ T2989] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.537219][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  138.582169][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  138.591818][ T2989] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.598961][ T2989] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.608148][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  138.617232][ T2989] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.624336][ T2989] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.709960][ T7809] chnl_net:caif_netlink_parms(): no params data found
[  138.722229][ T7813] IPVS: ftp: loaded support on port[0] = 21
[  138.734339][ T7811] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  138.751867][ T7811] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
02:41:08 executing program 4:
clone(0xbffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
syz_execute_func(&(0x7f0000000240)="c4e3f9614832074a2be93693980f05460f4ae8c4a37bf0c50141e2e9400f189841ca00002726fa68660f8fc97cc61ba163796379450de29c39c50000f047a2c1a87a520000c461dc55b1e62500008182b00080008080e285f3d9f7fbcdcd0f189700000000c4e2090229c54de90d07e82c719c6466dbca0ba156a1563e533df500c443d9497dbf59f0d234f60f3434b2b2fb4cb446c4224d797df8b6ebeb0536dee16800000100400f0f298ac40293a3130966c4a13915715f8f69601656d7138713877474d8d8a1de2ad764b5c1c4213a5fc040dcfec00f383b7d0f12e401f4e39bc422014727ca30ca2f842a2a434d7969654af0808a0080000003e27d19d1660f38298f000000008a2fc4817d5b8cd0c43400008fe978cb5ae2f92e28c45e3aa07ae6423095c3d8c4c3c472a2fd216100000c64e42e4b160bdddd0606c401657d699c7adbe86bc4637d19a6d5b973e85866cc1b5400664c1b7f7ff0e547c463791422b236f30f2d041f1f0fab0e0077aeae66470fec8a1d340282f1eb2759cd424201c2c4623d409a6ed70000ed36660f38058b97610d928fa878c0250000000064c403716accb33b80c74382004d8bcaf0caf066c4e3cd4087c18a00001c2666f30fa00f65002d0800000030f9646466f3f0428090ae60000000580e6190073b06c442b9aa8ef9af07b5c4e1fc2bb000a9bb000042c4f2456cd147473636a6")

[  138.787908][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  138.808092][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  138.843705][ T7807] chnl_net:caif_netlink_parms(): no params data found
[  138.928471][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  138.945463][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  138.960551][ T7804] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  138.978484][ T7809] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.985938][ T7809] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.994060][ T7809] device bridge_slave_0 entered promiscuous mode
[  139.026232][ T7817] IPVS: ftp: loaded support on port[0] = 21
[  139.045107][ T7809] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.052377][ T7809] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.064059][ T7809] device bridge_slave_1 entered promiscuous mode
[  139.104507][ T7804] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.150798][ T7807] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.159449][ T7807] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.175882][ T7807] device bridge_slave_0 entered promiscuous mode
[  139.185788][ T7809] bond0: Enslaving bond_slave_0 as an active interface with an up link
02:41:08 executing program 5:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000000)=0x4, 0x4)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(&(0x7f0000000240)='/dev/binder#\x00', 0xffffffffffffffff, 0x4)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/zero\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000005c0)={{{@in6=@mcast2, @in=@dev}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000002c0)=0xe8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0x0, 0xffffffffffffffff)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001100)={{{@in=@multicast2, @in6=@ipv4={[], [], @broadcast}}}, {{@in6}, 0x0, @in=@broadcast}}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000940)}], 0x1, 0x0, 0x0, 0x14}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000480)={0x1, [0x0]}, &(0x7f00000004c0)=0x8)
ioctl$EVIOCSFF(r3, 0x402c4580, &(0x7f0000000f40)={0x55, 0x5, 0x4, {0x0, 0x5}, {0x8000, 0x5}, @const={0xffffffffffffff81, {0xfffffffffffffffc, 0x53, 0x9, 0x39a5fe91}}})
lsetxattr$trusted_overlay_nlink(&(0x7f0000000580)='./file0\x00', &(0x7f0000000900)='trusted.overlay.nlink\x00', &(0x7f00000008c0)={'L-', 0xfffffffffffff000}, 0x28, 0x2)
sendmsg$kcm(r3, &(0x7f0000000980)={&(0x7f0000000840)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @rand_addr=0x894}}, 0x80, 0x0}, 0x80)
sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000100), 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[]}}, 0x24000800)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000500)={0x84, @rand_addr, 0x0, 0x0, 'mh\x00\x00\x00\x00\x00\x00\x00\x8f\x00\x00\x00\x00\x00 '}, 0x2c)
poll(&(0x7f0000000440)=[{r5}, {0xffffffffffffffff, 0x40000}], 0x2, 0x3ff)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, 0x0})
sysfs$1(0x1, &(0x7f0000000140)='mh\x00\x00\x00\x00\x00\x00\x00\x8f\x00\x00\x00\x00\x00 ')
fsetxattr$security_capability(r2, &(0x7f0000000940)='security.capability\x00', &(0x7f00000009c0)=@v1={0x1000000, [{0x1851e26e}]}, 0xc, 0x2)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r2, 0x0)
mkdirat(r3, &(0x7f0000000180)='./file0\x00', 0x0)
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, 0xffffffffffffffff, &(0x7f0000000540))
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x6685)
ioctl$RTC_WIE_OFF(r3, 0x7010)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000200)={0x8, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0})

[  139.224111][ T7807] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.231464][ T7807] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.240024][ T7807] device bridge_slave_1 entered promiscuous mode
[  139.265234][ T7809] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  139.316435][ T7809] team0: Port device team_slave_0 added
[  139.336607][ T7809] team0: Port device team_slave_1 added
[  139.350679][ T7807] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  139.427934][ T7809] device hsr_slave_0 entered promiscuous mode
[  139.485164][ T7809] device hsr_slave_1 entered promiscuous mode
02:41:08 executing program 0:
ioctl$SG_NEXT_CMD_LEN(0xffffffffffffffff, 0x2283, 0x0)
r0 = syz_open_dev$binder(&(0x7f0000000480)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0x0, 0x0, 0x0})

[  139.582854][ T7807] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  139.652953][ T7809] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.658981][ T7831] binder: 7830:7831 transaction failed 29189/-22, size 24-8 line 2995
[  139.660104][ T7809] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.670237][ T3686] binder: undelivered TRANSACTION_ERROR: 29189
[  139.675702][ T7809] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.686016][ T7832] binder: 7830:7832 transaction failed 29189/-22, size 24-8 line 2995
02:41:08 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000000240)='/dev/sg#\x00', 0x0, 0x5)
r1 = dup(r0)
write$binfmt_aout(r1, &(0x7f0000000280), 0x20)
write$P9_RSTAT(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="59000000941f0000005200000000000000000000000100000000000000000000000000000000000000206fcfda87adfdcf7f0108cf77e6e220b84cc064c933edc91a3c7d870cca4a75bcf4404598b07d7a9c1b9995fac0770736749a8913b33fd06d0eaa0470f847fb7c21d5dc54312a4c2378489780eeb5eaf67ee9edce65510e19333fb7a7d22dd75bf482623c4f9f3ccf0a194f82a245785a9c43ce4670d099368e108dfbd90c"], 0xa8)

[  139.688996][ T7809] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.704873][ T3686] binder: undelivered TRANSACTION_ERROR: 29189
[  139.755270][ T7807] team0: Port device team_slave_0 added
[  139.770168][ T7807] team0: Port device team_slave_1 added
[  139.777257][ T7835] sg_write: data in/out 8048/126 bytes for SCSI command 0x0-- guessing data in;
[  139.777257][ T7835]    program syz-executor.0 not setting count and/or reply_len properly
[  139.786246][ T7823] IPVS: ftp: loaded support on port[0] = 21
02:41:09 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffc000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x1000000077, 0x0, [0x4b564d03, 0x1]})
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x8090ae81, &(0x7f0000000040))

[  139.808065][ T7813] chnl_net:caif_netlink_parms(): no params data found
[  139.883728][ T7840] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[  139.914094][ T3686] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.930620][ T3686] bridge0: port 2(bridge_slave_1) entered disabled state
02:41:09 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffc000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x1000000077, 0x0, [0x4b564d03, 0x1]})
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x8090ae81, &(0x7f0000000040))

[  140.043513][ T7817] chnl_net:caif_netlink_parms(): no params data found
[  140.061297][ T7813] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.071738][ T7813] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.080420][ T7813] device bridge_slave_0 entered promiscuous mode
[  140.127987][ T7807] device hsr_slave_0 entered promiscuous mode
[  140.165990][ T7807] device hsr_slave_1 entered promiscuous mode
[  140.199217][ T7809] 8021q: adding VLAN 0 to HW filter on device bond0
[  140.222878][ T7813] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.231861][ T7813] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.241008][ T7813] device bridge_slave_1 entered promiscuous mode
[  140.258747][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  140.266758][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
02:41:09 executing program 0:
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup3(r1, r0, 0x80000)

[  140.301888][ T7809] 8021q: adding VLAN 0 to HW filter on device team0
[  140.358686][ T7817] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.366548][ T7817] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.374289][ T7817] device bridge_slave_0 entered promiscuous mode
[  140.391922][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
02:41:09 executing program 0:
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup3(r1, r0, 0x80000)

[  140.401996][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  140.411230][ T3680] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.418390][ T3680] bridge0: port 1(bridge_slave_0) entered forwarding state
02:41:09 executing program 0:
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup3(r1, r0, 0x80000)

[  140.459118][ T7817] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.473588][ T7817] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.481812][ T7817] device bridge_slave_1 entered promiscuous mode
[  140.496207][ T7813] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  140.552711][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  140.565024][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  140.573619][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.580761][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.588995][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  140.623175][ T7813] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  140.649861][ T7817] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  140.660899][ T7817] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  140.692400][ T7813] team0: Port device team_slave_0 added
[  140.709280][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  140.718291][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  140.726957][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  140.744195][ T7809] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  140.756286][ T7809] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  140.768447][ T7823] chnl_net:caif_netlink_parms(): no params data found
[  140.790392][ T7813] team0: Port device team_slave_1 added
[  140.802959][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  140.811056][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  140.820470][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  140.828948][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  140.837600][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  140.846488][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  140.854841][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  140.863325][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  140.888455][ T7817] team0: Port device team_slave_0 added
[  140.902311][ T7817] team0: Port device team_slave_1 added
[  140.996677][ T7817] device hsr_slave_0 entered promiscuous mode
[  141.055329][ T7817] device hsr_slave_1 entered promiscuous mode
[  141.124159][ T7823] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.132275][ T7823] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.141063][ T7823] device bridge_slave_0 entered promiscuous mode
[  141.176622][ T7813] device hsr_slave_0 entered promiscuous mode
[  141.215581][ T7813] device hsr_slave_1 entered promiscuous mode
[  141.270657][ T7809] 8021q: adding VLAN 0 to HW filter on device batadv0
[  141.279765][ T7823] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.292507][ T7823] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.305933][ T7823] device bridge_slave_1 entered promiscuous mode
[  141.350137][ T7807] 8021q: adding VLAN 0 to HW filter on device bond0
[  141.387069][ T7823] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  141.413027][ T7817] 8021q: adding VLAN 0 to HW filter on device bond0
[  141.429968][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  141.437920][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  141.447862][ T7823] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  141.458988][ T7807] 8021q: adding VLAN 0 to HW filter on device team0
[  141.494345][ T7817] 8021q: adding VLAN 0 to HW filter on device team0
[  141.525145][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  141.533529][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  141.543569][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  141.553297][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  141.562967][ T3680] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.570071][ T3680] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.578745][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  141.595340][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  141.604426][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  141.620139][ T3686] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.627452][ T3686] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.638645][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  141.647645][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  141.659182][ T3686] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.666458][ T3686] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.684404][ T7823] team0: Port device team_slave_0 added
[  141.699288][ T7823] team0: Port device team_slave_1 added
[  141.728950][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  141.737051][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  141.746104][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  141.754867][ T3686] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.761920][ T3686] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.770210][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  141.778826][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  141.838341][ T7823] device hsr_slave_0 entered promiscuous mode
[  141.895520][ T7823] device hsr_slave_1 entered promiscuous mode
[  141.942032][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  141.950719][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  141.959994][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  141.971118][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  141.979922][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  141.989231][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  141.998310][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  142.006304][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  142.029703][ T7813] 8021q: adding VLAN 0 to HW filter on device bond0
[  142.037567][ T7811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  142.046413][ T7811] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  142.054791][ T7811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  142.063006][ T7811] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  142.071570][ T7811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  142.080043][ T7811] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  142.088494][ T7811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  142.097282][ T7811] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  142.128951][ T7817] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  142.137967][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  142.150425][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  142.158991][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  142.168298][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  142.177344][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  142.185429][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  142.194075][ T7807] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  142.207630][ T7813] 8021q: adding VLAN 0 to HW filter on device team0
[  142.233794][ T7817] 8021q: adding VLAN 0 to HW filter on device batadv0
[  142.263143][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  142.273369][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  142.282478][ T3680] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.289613][ T3680] bridge0: port 1(bridge_slave_0) entered forwarding state
[  142.313903][ T7807] 8021q: adding VLAN 0 to HW filter on device batadv0
[  142.323070][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  142.331929][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  142.341072][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  142.351142][ T3686] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.358285][ T3686] bridge0: port 2(bridge_slave_1) entered forwarding state
[  142.384604][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  142.398143][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  142.432083][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  142.463455][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  142.481148][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  142.490803][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  142.504108][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  142.513022][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  142.525796][ T7823] 8021q: adding VLAN 0 to HW filter on device bond0
[  142.544128][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  142.556804][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  142.567532][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  142.568110][ T7881] mmap: syz-executor.4 (7881) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  142.597208][ T7813] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  142.605748][ T7864] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  142.613706][ T7864] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  142.625855][ T7823] 8021q: adding VLAN 0 to HW filter on device team0
[  142.651997][ T7864] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  142.663614][ T7864] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  142.672735][ T7864] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.679915][ T7864] bridge0: port 1(bridge_slave_0) entered forwarding state
[  142.707924][ T7813] 8021q: adding VLAN 0 to HW filter on device batadv0
[  142.727831][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  142.738869][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  142.764546][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  142.774509][ T3686] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.781632][ T3686] bridge0: port 2(bridge_slave_1) entered forwarding state
[  142.790345][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  142.799260][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  142.820363][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  142.830076][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  142.844237][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  142.852976][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  142.865134][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  142.887512][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  142.896614][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  142.905616][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  142.914131][ T3680] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  142.933888][ T7823] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  142.990378][ T7823] 8021q: adding VLAN 0 to HW filter on device batadv0
02:41:12 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f319bd070")
clone(0x2102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
socket$inet(0x2, 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(r1, 0x12)
wait4(0x0, 0x0, 0x0, 0x0)

02:41:12 executing program 0:
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup3(r1, r0, 0x80000)

02:41:13 executing program 3:
r0 = syz_open_dev$binder(&(0x7f0000000480)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x4020011, r1, 0x0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000500)=[@release={0x40046306, 0x1}], 0x0, 0x0, &(0x7f00000009c0)})

02:41:13 executing program 2:
ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, &(0x7f0000000080)={0x0, 0x0, 0x5, 0x0, 0x0, "1be8d3ad9eb0330da25c6cc480a710f0382ad6"})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffec7)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

02:41:13 executing program 4:
r0 = syz_open_dev$binder(&(0x7f0000000480)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0xfffffffffffffe43, 0x0, &(0x7f00000003c0)})

02:41:13 executing program 5:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000000)=0x4, 0x4)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(&(0x7f0000000240)='/dev/binder#\x00', 0xffffffffffffffff, 0x4)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/zero\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000005c0)={{{@in6=@mcast2, @in=@dev}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000002c0)=0xe8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0x0, 0xffffffffffffffff)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001100)={{{@in=@multicast2, @in6=@ipv4={[], [], @broadcast}}}, {{@in6}, 0x0, @in=@broadcast}}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000940)}], 0x1, 0x0, 0x0, 0x14}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000480)={0x1, [0x0]}, &(0x7f00000004c0)=0x8)
ioctl$EVIOCSFF(r3, 0x402c4580, &(0x7f0000000f40)={0x55, 0x5, 0x4, {0x0, 0x5}, {0x8000, 0x5}, @const={0xffffffffffffff81, {0xfffffffffffffffc, 0x53, 0x9, 0x39a5fe91}}})
lsetxattr$trusted_overlay_nlink(&(0x7f0000000580)='./file0\x00', &(0x7f0000000900)='trusted.overlay.nlink\x00', &(0x7f00000008c0)={'L-', 0xfffffffffffff000}, 0x28, 0x2)
sendmsg$kcm(r3, &(0x7f0000000980)={&(0x7f0000000840)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @rand_addr=0x894}}, 0x80, 0x0}, 0x80)
sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000100), 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[]}}, 0x24000800)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000500)={0x84, @rand_addr, 0x0, 0x0, 'mh\x00\x00\x00\x00\x00\x00\x00\x8f\x00\x00\x00\x00\x00 '}, 0x2c)
poll(&(0x7f0000000440)=[{r5}, {0xffffffffffffffff, 0x40000}], 0x2, 0x3ff)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, 0x0})
sysfs$1(0x1, &(0x7f0000000140)='mh\x00\x00\x00\x00\x00\x00\x00\x8f\x00\x00\x00\x00\x00 ')
fsetxattr$security_capability(r2, &(0x7f0000000940)='security.capability\x00', &(0x7f00000009c0)=@v1={0x1000000, [{0x1851e26e}]}, 0xc, 0x2)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r2, 0x0)
mkdirat(r3, &(0x7f0000000180)='./file0\x00', 0x0)
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, 0xffffffffffffffff, &(0x7f0000000540))
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x6685)
ioctl$RTC_WIE_OFF(r3, 0x7010)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000200)={0x8, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0})

02:41:13 executing program 0:
r0 = socket$inet(0x2, 0x3, 0x1e)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0ad401003c123f319bd070")
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$alg(r1, &(0x7f0000003d40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000002780)=[@assoc={0x18, 0x29, 0x3b}], 0x18}], 0x3ad, 0x0)

02:41:13 executing program 1:
r0 = socket$inet(0x2, 0x3, 0x1e)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0ad401003c123f319bd070")
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$alg(r1, &(0x7f0000003d40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000002780)=[@assoc={0x18, 0x29, 0x3}], 0x18}], 0x3ad, 0x0)

[  143.861361][ T7924] binder: 7923:7924 transaction failed 29189/-22, size 24-8 line 2995
[  143.876790][    C1] hrtimer: interrupt took 26810 ns
02:41:13 executing program 1:
r0 = socket$inet(0x2, 0x3, 0x1e)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0ad401003c123f319bd070")
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$alg(r1, &(0x7f0000003d40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000002780)=[@assoc={0x18, 0x29, 0x3}], 0x18}], 0x3ad, 0x0)

[  143.905122][ T7935] binder: 7933:7935 ioctl c018620b 0 returned -14
[  143.932062][ T7937] binder: 7923:7937 transaction failed 29189/-22, size 24-8 line 2995
02:41:13 executing program 0:
r0 = socket$inet(0x2, 0x3, 0x1e)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0ad401003c123f319bd070")
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$alg(r1, &(0x7f0000003d40)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000002780)=[@assoc={0x18, 0x29, 0x3b}], 0x18}], 0x3ad, 0x0)

02:41:13 executing program 5:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000000)=0x4, 0x4)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(&(0x7f0000000240)='/dev/binder#\x00', 0xffffffffffffffff, 0x4)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/zero\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000005c0)={{{@in6=@mcast2, @in=@dev}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000002c0)=0xe8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
syz_open_dev$binder(&(0x7f0000000400)='/dev/binder#\x00', 0x0, 0xffffffffffffffff)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001100)={{{@in=@multicast2, @in6=@ipv4={[], [], @broadcast}}}, {{@in6}, 0x0, @in=@broadcast}}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000940)}], 0x1, 0x0, 0x0, 0x14}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000480)={0x1, [0x0]}, &(0x7f00000004c0)=0x8)
ioctl$EVIOCSFF(r3, 0x402c4580, &(0x7f0000000f40)={0x55, 0x5, 0x4, {0x0, 0x5}, {0x8000, 0x5}, @const={0xffffffffffffff81, {0xfffffffffffffffc, 0x53, 0x9, 0x39a5fe91}}})
lsetxattr$trusted_overlay_nlink(&(0x7f0000000580)='./file0\x00', &(0x7f0000000900)='trusted.overlay.nlink\x00', &(0x7f00000008c0)={'L-', 0xfffffffffffff000}, 0x28, 0x2)
sendmsg$kcm(r3, &(0x7f0000000980)={&(0x7f0000000840)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @rand_addr=0x894}}, 0x80, 0x0}, 0x80)
sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000100), 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[]}}, 0x24000800)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000500)={0x84, @rand_addr, 0x0, 0x0, 'mh\x00\x00\x00\x00\x00\x00\x00\x8f\x00\x00\x00\x00\x00 '}, 0x2c)
poll(&(0x7f0000000440)=[{r5}, {0xffffffffffffffff, 0x40000}], 0x2, 0x3ff)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, 0x0})
sysfs$1(0x1, &(0x7f0000000140)='mh\x00\x00\x00\x00\x00\x00\x00\x8f\x00\x00\x00\x00\x00 ')
fsetxattr$security_capability(r2, &(0x7f0000000940)='security.capability\x00', &(0x7f00000009c0)=@v1={0x1000000, [{0x1851e26e}]}, 0xc, 0x2)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r2, 0x0)
mkdirat(r3, &(0x7f0000000180)='./file0\x00', 0x0)
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, 0xffffffffffffffff, &(0x7f0000000540))
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x6685)
ioctl$RTC_WIE_OFF(r3, 0x7010)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000200)={0x8, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0})

[  143.961494][ T2989] binder: release 7933:7935 transaction 6 out, still active
[  143.975118][ T7939] binder: BINDER_SET_CONTEXT_MGR already set
[  143.975556][ T7935] binder: 7933:7935 ioctl c018620b 0 returned -14
[  143.998935][ T2989] binder: undelivered TRANSACTION_COMPLETE
[  144.035835][ T7939] binder: 7933:7939 ioctl 40046207 0 returned -16
[  144.053519][ T2989] binder: send failed reply for transaction 6, target dead
[  144.066275][ T7940] kasan: CONFIG_KASAN_INLINE enabled
[  144.069549][ T7946] binder: 7933:7946 Release 1 refcount change on invalid ref 1 ret -22
[  144.071745][ T7940] kasan: GPF could be caused by NULL-ptr deref or user memory access
[  144.071784][ T7940] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[  144.071810][ T7940] CPU: 1 PID: 7940 Comm: syz-executor.2 Not tainted 5.1.0-rc7-next-20190430 #33
[  144.104139][ T7940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  144.114217][ T7940] RIP: 0010:vcpu_enter_guest+0xbcd/0x5fb0
[  144.119946][ T7940] Code: 48 c1 ea 03 80 3c 02 00 0f 85 6f 48 00 00 49 8b 9f b0 03 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 78 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 39 48 00 00 8b 5b 78 31 ff 89
[  144.139912][ T7940] RSP: 0018:ffff888065177a00 EFLAGS: 00010006
[  144.145992][ T7940] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc9000a40c000
[  144.153982][ T7940] RDX: 000000000000000f RSI: ffffffff810cd7b2 RDI: 0000000000000078
[  144.161957][ T7940] RBP: ffff888065177b10 R08: ffff88808a12a140 R09: ffffed1015d26be0
[  144.169955][ T7940] R10: ffffed1015d26bdf R11: ffff8880ae935efb R12: ffff8880650400ac
[  144.177932][ T7940] R13: 0000000000000000 R14: ffff8880650400b0 R15: ffff888065040080
[  144.185932][ T7940] FS:  00007f010884f700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[  144.194860][ T7940] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  144.201467][ T7940] CR2: 00007f212212ad90 CR3: 0000000089f6f000 CR4: 00000000001426e0
[  144.209490][ T7940] Call Trace:
[  144.212801][ T7940]  ? emulator_read_emulated+0x50/0x50
[  144.218180][ T7940]  ? lock_acquire+0x16f/0x3f0
[  144.222953][ T7940]  ? kvm_check_async_pf_completion+0x2d8/0x440
[  144.229140][ T7940]  kvm_arch_vcpu_ioctl_run+0x425/0x1750
[  144.234688][ T7940]  ? kvm_arch_vcpu_ioctl_run+0x425/0x1750
[  144.240416][ T7940]  kvm_vcpu_ioctl+0x4dc/0xf90
[  144.245092][ T7940]  ? kvm_set_memory_region+0x50/0x50
[  144.250379][ T7940]  ? tomoyo_path_number_perm+0x263/0x520
[  144.256025][ T7940]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  144.261840][ T7940]  ? __fget+0x35a/0x550
[  144.265996][ T7940]  ? kvm_set_memory_region+0x50/0x50
[  144.271288][ T7940]  do_vfs_ioctl+0xd6e/0x1390
[  144.275882][ T7940]  ? ioctl_preallocate+0x210/0x210
[  144.281166][ T7940]  ? __fget+0x381/0x550
[  144.285329][ T7940]  ? ksys_dup3+0x3e0/0x3e0
[  144.289762][ T7940]  ? nsecs_to_jiffies+0x30/0x30
[  144.294620][ T7940]  ? tomoyo_file_ioctl+0x23/0x30
[  144.299564][ T7940]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  144.305803][ T7940]  ? security_file_ioctl+0x93/0xc0
[  144.310914][ T7940]  ksys_ioctl+0xab/0xd0
[  144.315081][ T7940]  __x64_sys_ioctl+0x73/0xb0
[  144.319670][ T7940]  do_syscall_64+0x103/0x670
[  144.324268][ T7940]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  144.330158][ T7940] RIP: 0033:0x458da9
[  144.334063][ T7940] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  144.353703][ T7940] RSP: 002b:00007f010884ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  144.362141][ T7940] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458da9
[  144.370116][ T7940] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  144.378093][ T7940] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  144.386071][ T7940] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f010884f6d4
[  144.394049][ T7940] R13: 00000000004c1d42 R14: 00000000004d4550 R15: 00000000ffffffff
[  144.402044][ T7940] Modules linked in:
[  144.405955][ T7940] ---[ end trace 764186188153f0ae ]---
[  144.411419][ T7940] RIP: 0010:vcpu_enter_guest+0xbcd/0x5fb0
[  144.417139][ T7940] Code: 48 c1 ea 03 80 3c 02 00 0f 85 6f 48 00 00 49 8b 9f b0 03 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 78 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 39 48 00 00 8b 5b 78 31 ff 89
[  144.436745][ T7940] RSP: 0018:ffff888065177a00 EFLAGS: 00010006
[  144.442829][ T7940] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc9000a40c000
[  144.450827][ T7940] RDX: 000000000000000f RSI: ffffffff810cd7b2 RDI: 0000000000000078
[  144.458816][ T7940] RBP: ffff888065177b10 R08: ffff88808a12a140 R09: ffffed1015d26be0
[  144.466796][ T7940] R10: ffffed1015d26bdf R11: ffff8880ae935efb R12: ffff8880650400ac
[  144.474783][ T7940] R13: 0000000000000000 R14: ffff8880650400b0 R15: ffff888065040080
[  144.482770][ T7940] FS:  00007f010884f700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[  144.491710][ T7940] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  144.498299][ T7940] CR2: 00007f212212ad90 CR3: 0000000089f6f000 CR4: 00000000001426e0
[  144.506325][ T7940] Kernel panic - not syncing: Fatal exception
[  144.513664][ T7940] Kernel Offset: disabled
[  144.518011][ T7940] Rebooting in 86400 seconds..