[?25l[?1c7[ ok 8[?25h[?0c.
[   57.255646] audit: type=1800 audit(1540006610.305:25): pid=6062 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   57.275046] audit: type=1800 audit(1540006610.305:26): pid=6062 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   57.294820] audit: type=1800 audit(1540006610.325:27): pid=6062 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.7' (ECDSA) to the list of known hosts.
2018/10/20 03:37:05 fuzzer started
2018/10/20 03:37:10 dialing manager at 10.128.0.26:43193
2018/10/20 03:37:11 syscalls: 1
2018/10/20 03:37:11 code coverage: enabled
2018/10/20 03:37:11 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/10/20 03:37:11 setuid sandbox: enabled
2018/10/20 03:37:11 namespace sandbox: enabled
2018/10/20 03:37:11 Android sandbox: /sys/fs/selinux/policy does not exist
2018/10/20 03:37:11 fault injection: enabled
2018/10/20 03:37:11 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/10/20 03:37:11 net packed injection: enabled
2018/10/20 03:37:11 net device setup: enabled
03:39:44 executing program 0:

syzkaller login: [  232.185459] IPVS: ftp: loaded support on port[0] = 21
[  234.636567] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.643191] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.651791] device bridge_slave_0 entered promiscuous mode
[  234.801035] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.807595] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.816233] device bridge_slave_1 entered promiscuous mode
[  234.960416] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  235.114789] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
03:39:48 executing program 1:

[  235.562384] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  235.868060] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  236.087922] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  236.095277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  236.278156] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  236.285315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  236.360008] IPVS: ftp: loaded support on port[0] = 21
[  236.966903] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  236.975240] team0: Port device team_slave_0 added
[  237.148192] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  237.156406] team0: Port device team_slave_1 added
[  237.367708] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  237.374972] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  237.384026] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  237.530168] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  237.537330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  237.546362] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  237.743684] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  237.751289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  237.760512] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  237.983688] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  237.991278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  238.000388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  240.054063] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.060536] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.069348] device bridge_slave_0 entered promiscuous mode
[  240.268742] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.275324] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.283794] device bridge_slave_1 entered promiscuous mode
[  240.543079] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.549580] bridge0: port 2(bridge_slave_1) entered forwarding state
[  240.556698] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.563227] bridge0: port 1(bridge_slave_0) entered forwarding state
[  240.572104] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  240.589110] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  240.840064] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  241.102326] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  241.544021] bond0: Enslaving bond_slave_0 as an active interface with an up link
03:39:54 executing program 2:

[  241.888124] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  242.220085] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  242.227425] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  242.573600] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  242.580649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  242.689339] IPVS: ftp: loaded support on port[0] = 21
[  243.447623] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  243.456314] team0: Port device team_slave_0 added
[  243.806602] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  243.814830] team0: Port device team_slave_1 added
[  244.046004] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  244.054962] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  244.063769] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  244.410289] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  244.417583] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  244.426452] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  244.466884] ip (6433) used greatest stack depth: 53152 bytes left
[  244.749441] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  244.757251] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  244.766393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  245.125166] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  245.133652] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  245.142710] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  247.354737] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.361247] bridge0: port 1(bridge_slave_0) entered disabled state
[  247.369989] device bridge_slave_0 entered promiscuous mode
[  247.648910] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.655519] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.664016] device bridge_slave_1 entered promiscuous mode
[  247.994638] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  248.315459] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  248.518824] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.525357] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.532386] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.538868] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.547776] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  249.102184] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  249.178206] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  249.572802] bond0: Enslaving bond_slave_1 as an active interface with an up link
03:40:02 executing program 3:

[  249.923476] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  249.930550] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  250.223342] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  250.230391] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  251.110135] IPVS: ftp: loaded support on port[0] = 21
[  251.254636] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  251.262914] team0: Port device team_slave_0 added
[  251.623608] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  251.631638] team0: Port device team_slave_1 added
[  251.968301] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  251.975519] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  251.984473] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  252.311974] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  252.319075] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  252.328198] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  252.661983] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  252.669538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  252.678530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  253.090422] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  253.098181] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  253.107562] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  253.392879] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.792867] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  256.358800] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  256.365326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  256.373361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  257.449214] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.456110] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.464551] device bridge_slave_0 entered promiscuous mode
[  257.506550] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.513087] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.519996] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.526597] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.535835] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  257.612928] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  257.671594] 8021q: adding VLAN 0 to HW filter on device team0
[  257.857185] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.863946] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.872485] device bridge_slave_1 entered promiscuous mode
[  258.198110] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  258.585012] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  259.725813] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  260.078225] bond0: Enslaving bond_slave_1 as an active interface with an up link
03:40:13 executing program 4:

[  260.433245] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  260.440324] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  260.809941] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  260.817079] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  261.898705] IPVS: ftp: loaded support on port[0] = 21
[  262.058979] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  262.067301] team0: Port device team_slave_0 added
[  262.521453] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  262.529656] team0: Port device team_slave_1 added
[  262.926935] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  262.934190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  262.943349] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  263.318543] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  263.325771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  263.334595] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  263.775478] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  263.783097] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  263.792299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  263.851758] 8021q: adding VLAN 0 to HW filter on device bond0
[  264.232164] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  264.239806] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  264.248720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  265.355435] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  266.992177] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  266.998535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  267.006770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
03:40:20 executing program 0:

03:40:21 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fremovexattr(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB="0055a05ce8e9be80714773792e004dd711a81cee3bdf0d0a3cdad3b29ed1e24b3d627766d8d1c4a17b853798e1b6022e847129ffa1525a09783e9584d62a8e72647caf52ec9cb7a142384a380a6601c7aff9cc71e38c0af3fce976325e75f5c81007075e096566381f0e51075b017eb0d5c477b51168147e8a463c"])
close(r1)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x2000, 0x0)
ioctl$EVIOCGKEYCODE_V2(r2, 0x80284504, &(0x7f00000000c0)=""/33)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r3, 0xc0f85403, &(0x7f0000000280)={{0x3, 0x2, 0xe2, 0x0, 0x51}, 0x8, 0x100, 'id1\x00', 'timer0\x00', 0x0, 0x60000000000000, 0x5, 0x1, 0x1f})
io_setup(0x8, &(0x7f0000000100)=<r4=>0x0)
socket(0x1, 0x1, 0x0)
io_submit(r4, 0x0, &(0x7f0000000640))
io_submit(r4, 0x1400, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000140), 0x380}])

[  268.611755] 8021q: adding VLAN 0 to HW filter on device team0
03:40:21 executing program 0:
r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x201, 0x8000000100079)
ioctl$KVM_SET_CPUID(r0, 0x4004551e, &(0x7f0000000080)=ANY=[])
ioctl$sock_inet_SIOCRTMSG(r0, 0xc00c5512, &(0x7f00000000c0)={0x0, {0x2, 0x0, @dev}, {}, {0x2, 0x0, @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)='ip6gre0\x00'})
mq_open(&(0x7f0000000080)='-wlan1\x00', 0x0, 0xa0, &(0x7f0000000140)={0x7fff, 0x7, 0x3e, 0xf9e, 0x1f, 0x0, 0x0, 0x1})

[  268.852865] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.859357] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.868055] device bridge_slave_0 entered promiscuous mode
03:40:22 executing program 0:
r0 = socket(0x1e, 0x1, 0x0)
r1 = syz_open_dev$adsp(&(0x7f0000000140)='/dev/adsp#\x00', 0x2, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='\x00', r1}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3f9}, 0x10)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$BLKDISCARD(r2, 0x1277, &(0x7f00000000c0)=0x6)
r3 = dup2(r0, r0)
ioctl$LOOP_GET_STATUS(r3, 0x4c03, &(0x7f0000000000))
bind$packet(r0, &(0x7f00004a9000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local={[], 0xffffffffffffffff}}, 0x0)

[  269.276694] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.283280] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.290199] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.296767] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.305567] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  269.369000] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.376170] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.384661] device bridge_slave_1 entered promiscuous mode
03:40:22 executing program 0:
unshare(0x20040600)
r0 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x638, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, [0xfffffffe]})
accept4$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0xffffffff}, 0x10, 0x800)

[  269.773192] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  269.917746] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
03:40:23 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/packet\x00')
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x89e1, &(0x7f0000000180)={r0})
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000100)=@req3={0xffff, 0x7fff}, 0x1c)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={<r2=>0x0, 0xffffffffffffff9c, 0x0, 0x12, &(0x7f0000000000)='(.trustedcpuset{\\\x00', 0xffffffffffffffff}, 0x30)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x200, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r3, &(0x7f00000000c0)={0x21, 0x3, 0x0, {0x4}}, 0x21)
prctl$setptracer(0x59616d61, r2)

[  270.375816] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
03:40:23 executing program 0:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x4000)=nil, 0x4000}, 0x1})
socketpair(0x2, 0xa, 0x5, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000040)=0x2005)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000013e95), 0x4)
getsockopt$inet_sctp6_SCTP_NODELAY(r3, 0x84, 0x3, &(0x7f0000000100), &(0x7f0000000140)=0x4)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xfffffffffffffffb, 0x32, 0xffffffffffffffff, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00')
sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x41400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x30, r4, 0x9b63e3cc9658ca32, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e22}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xd0}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x11)
close(r0)

[  270.793017] syz-executor0 uses obsolete (PF_INET,SOCK_PACKET)
03:40:24 executing program 0:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x4000)=nil, 0x4000}, 0x1})
socketpair(0x2, 0xa, 0x5, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000040)=0x2005)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000013e95), 0x4)
getsockopt$inet_sctp6_SCTP_NODELAY(r3, 0x84, 0x3, &(0x7f0000000100), &(0x7f0000000140)=0x4)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xfffffffffffffffb, 0x32, 0xffffffffffffffff, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00')
sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x41400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x30, r4, 0x9b63e3cc9658ca32, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e22}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xd0}]}, 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x11)
close(r0)

[  271.626308] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  272.051653] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  272.425659] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  272.432814] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  272.800836] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  272.808333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  273.874907] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  273.883180] team0: Port device team_slave_0 added
[  274.079430] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  274.089121] team0: Port device team_slave_1 added
[  274.355235] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  274.362424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  274.370991] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  274.590486] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  274.597700] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  274.606476] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  274.833707] 8021q: adding VLAN 0 to HW filter on device bond0
[  274.879239] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  274.886903] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  274.895751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  275.227575] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  275.235299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  275.244248] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  275.979307] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  277.058321] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  277.064869] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  277.072896] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
03:40:30 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000080), 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000040)="b9800000c00f3235001000000f30f24c0f2c49e8426dc4027d3493b80800003626660f7e676d660f1678b06cc403f9dfbeb70000000bc7442400f5000000c744240284d178bcff1c24f2f347dbe1", 0x4e}], 0x1, 0x48, &(0x7f00000000c0), 0x10000000000003e9)
openat$md(0xffffffffffffff9c, &(0x7f0000000140)='/dev/md0\x00', 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff]})
r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r3)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  277.298336] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[  278.072164] 8021q: adding VLAN 0 to HW filter on device team0
[  278.726111] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.732672] bridge0: port 2(bridge_slave_1) entered forwarding state
[  278.739579] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.746186] bridge0: port 1(bridge_slave_0) entered forwarding state
[  278.754939] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  278.761496] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  281.439243] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.297597] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
03:40:36 executing program 2:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000000000000a00000000000000ff010000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000a004e2300000100fe8000000000000000000000000000bb80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e24a381ffffff01000000000000000000000000000100010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000010000000000000000000000000ffffe000000267050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fe8000000000000000000000000000aa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d000000000000000000000000000000000006e78d8a5c841d020abb59bacc2de8c3ad5ac70d6a91a8345b8f09af6b387c4096f7e6fd6b80029251eda6ad683e6234887cad6a4a217f3c8615e50b088e03ad2572aeb6ad8dd25c329edf68eff61cf1cdc1ff8bf76b7228d6f60de4737c949ed83a8f4289b81a7590d50e2de8e519cb50e2e9eba213ea8b5b646b503e40f254c393e8b6b6c16254c1a0dfce77522bcd512c7a0d31f0ce085e3ec7923c53a"], 0x1)
dup2(r1, r0)

[  283.211293] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  283.217859] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  283.225999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  283.904778] 8021q: adding VLAN 0 to HW filter on device team0
[  286.590408] 8021q: adding VLAN 0 to HW filter on device bond0
[  287.167784] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
03:40:40 executing program 3:
r0 = socket(0x50000000010, 0x2, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
sendfile(r0, r1, &(0x7f0000000140), 0x80000002)

[  287.693944] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  287.700374] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  287.708265] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  288.127711] 8021q: adding VLAN 0 to HW filter on device team0
03:40:43 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r1, 0x10, 0x0, 0x7f)

03:40:43 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x10, 0xfffffff0}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="c40e00002800ff0a000000000000000013000400000031d093d9be7d2cb44dd07f53ba80e2c509bc8b1c71d3f77dcfbdb1fd9447fd25c3517eb02f76cc0efc959c3ee4484f5f859e5e4b14880822dec656e2e5eb40ba1e0ece994d08e945c6836876553aa23421d1ee0f681b4e3b7de4492f719a98637955b6a66a9aaf63788c852f9b8a24e5b25a465f1a38d8b9ad869d19f30355bce863d489e8629882ba5cf5b0ff9b4de0b2ef034d0dfabb0b03d7c0cb7a01ea58c425399cf5ddc8520d049ced48d560cee0eacb5b1b37cd6c4b797f657340dd0288246dba25e2a9f0ca47104d2a53e64f19c6667c4e25ba370817f8f43a219ceaf2694d72f8143f6b4358f0a2411a2dd985da6cf4566f915cac9f1488d794c73790bffce389429e7cfb2d8b7bb5df429e0e931a8a776a9dbfd7b88c2681c294c0b63240694dfbfb22b4511b92994cca93e2000c4d1defe3317f3ce8f61830d493869030e4cef615e8d3ebae4f799b9c73e0cfecb50ee60ee0c2b27c9794fe7cb850cbe9104c4c9003b72dd2365122186b925a0ce861cc238987056819a200616d3a4b726519c72fef14b400f0147a2dde96d3690b3b5b7998971d0c376e6e5ee0957a1ac42f58addbfa899737ae6b2c2ca5cae0155610a6155f03b412f30f0eb8e91260b85c8009f1b695bbe94d80149823685e2c746f6f02d6a0a043f4ea942303ac3f023a0d6ffa222e25c7dc2b79b039791f495e5dc1921f176627487430344866308019a2b8a7f602006b1625e256d3dfe748a708f1b55e5992418921e577371b463887a58b8c21778cd36e4702738f2416f2a7c45234da6ab4ca38650ba3c7f293b47beebacd2e3e69ef855e9955c14dc5f98a6e9c31e5af32e6f09900ce4473a8aa323b9b5bb04206371876c48574dce85ae443c960c1692b667e4e47dcbc100b3b5f2eda1f1e24444c62f260e60b989687ee21e90db56a97e5dc54344ced656cb61324a0401b0094617110a37fb1838a83e07e942abf44b908d147cfa6815c714bb006741fa2e433509c17f5c1122f727af0343ab77854afaeeda33dfdfbf8f2478f0cf12a5fcb50a0de41cb461206f94dfcf61973d2e3faa0c8c6833dd67315152626b0ce96bc04aefda943101f14c14cb7e60f0421766773acf3276a7b419a0c2b51f8bbfd6ea6bd957071fe3e9d97955d41dc94a41a6bc7f50a31f5dddc970f07e72f968cca0df5e5653f907e34e7e9230c4b676d42c640834d952a15be304f3b28eb975f712ae8c532370f615efd1f14d0fa73143c6888faac377ab8b4463555e0667eb2dcfbc4b348e229ddc85e282b425f5a5c071a5d7c3685e6773b7d647d0309bdf964ba118178c8141bd91a7b9d220463f398982860eec8f34a9a93d7cf71824c58917a0a2beab262008e45d217d38ffb250afed551fe842f0c85958b4120234e6c7844c3281b82d4d065032da309a489486b02be0e3c2260c12dca29a6aad114fc691aa90cf5f22908b7896b26cc3c10d24bcef7bd0c622d2380cc1dccc1d8c599dd60b5f4c08c4bd3d96d0e7b9b54cf5b9db29aa7299374ab7ea0d1a3cc3cfec3cae148f36fbb6b6efd25f56dc8794fadf2f2556a159a87f6aeb4008cdcb4416a6daedd6666a46909fd07d8572ddd4af0f2b3b30aaba96f2aa89684c4a05c1ceba010d6d0fd20c69fcea6edf9a71441e866a6342abeeba91c707cda16e60f8e98c5f7a0bb168c46333c3407d31935ef6c2c4baaaa81470d88c3834db6387db5a5fad0b09f25733cd032f5781a99d143b583f7f85872c66e720bcaa401f1f3ae1f6a5760c8b1e58fc7a30c83ad2b2ed8b8045e21185d676f393d1b17514449c089dccd74ceb2bbd4e34cb0aaa83bd59058b572ecf0db9b74867a0239719aecdef5059b6b0fb2cd745c95fbbc5107795119498b4d5931bd8743c520fc1a6dc6b39bab3d90dc7370a67aa4cb9dc7bc400ee1bd6baa0e77ad91de84124c1c1e96100bb1a1f0ffae25b99cb8fb6ce79be0d6b8d1e15bd08ed11faaa409322950e8dbb997af48237ba9e70dc23df4c5a1340036576706e102f2fea237deadd5293da10cf55c8b99694f69dd0359a0e7624d7dd05e057bed5141a104648c702fbfb19460961510dce290a86b86e2981db1ac91f20e82ca5dd6a02bf016684a5881178420b148ab413a9ca337d133f6e6614c4fb63ac7d4964d975cca44078a87b7e8283d7315df9ae172834954b8b93956a73d5921042e6296a5066e7723801b2a872d22d3bf9dd6a33d9b03cb4d190d019611e9f3dbec6993e1dafaf1213cdd7555e5c95e0db469db058eec47f2c405bff60e1f9e6a4cccfed332d345cd724799d13c78fc66779f01a0b64968f03819582e695bd9a95efc61db493a68d6c82dc0617ab31887d51c5dd9a4f918b385ce7d2044786b315772b7ef5565ad93e0c1029ff8ca189f5b759d6d61fbc82c4c764f79eb94fe4bc6a134f146189204e67c9ca4b7eb7f3c6ce192ba4b9e0b3de49d0d0aa186144a1fbc8652ba50020aa7387acd973203e452c77d9c40fa970461f26dc200eac7e5726a2ce3b913b3ac4adcf6efe414adda83eb2294cb99ff4cdba3bca65454881dc060e1eefa46cda26ff2b70c4c3729d1a454d6d2763964ef3e19ed6e3db11acc18109c12b0a7ce6f4e0b00b0b67b4053a49d4f23a97d0675ce680b4e0eea28802512d04b3fcb085f44084f807feaed1238fe88d2b77e84f075ad1c2929f2eae857533b7627304ba162d30537236ef745b811cad538df352528cfa7117bc33f65e007d9e41d691a15cdf29431bbf0b6fb0ecae25d6af9314a5b9d011081b535c2aed2232f4ce60d15486a0c5f849c35ef4a75c6ee8dff13feec825c725c89ccda0dfab2b265efa83e663586e8c338365c6e9a666e5f7d8ef6d0486d7a03ee9a09c654ba7c3f77d945d98b300fcef646537fdcba96c1bd6d5393ac2a74c0431a28c8d42cc4993025707b9a555107eb6a99faa2f18a5a802965bf209e49fe5abaf42e7af501c38da1ae48bf30728eeefac50d53ad3f4982dac456af575066f04214eaf235abeeee8590fc8550338b81ff071a078453949384c2989aaf8dd9a0ef1c75cfa48f412ea2040ba035494bfcb288befb90d779f27d64af64691720174ae3af4bf3a5d02a0072029d248cdbd9d0f3cebb0d68d1655bde1a8de9a250595a02c80c9e1431afc7a492f56f3d887e1cad62b072d978b4d6462ea09976bb5e4594ebab501028f6d5dc2bade3d6257410a2f66ad456ab7da22e0ce455ca612f6a8dce258abbd40d106fb8d2e865451c8ef57f63c11b7708a325bb29041ca3cd410df4b3cd00af53c253cf3050e15f407f87095a8f7763a56d0a0d88a4f7d81b35895580f5acda5d8bd09e3aed357b013f0cbcac1735fc5b9203a1b582305c55d46c2f39376653fc2e24a14c9f3b6513cbc5ff0d860044ed3a6034b82ca588149fc068fbf57e9a6135f3b44fa7fcc5037293704ca11bc8a51ee01df90f72fb65c8ca985b0d417e4862cc6faf142092616aee81fe6e9d22d69fcfda0eeb3376035af6069f064c34dac49fe76a0d688d3d6c930151df5593b59f3d51ae1e9830736674009e269a0ac355381a34d8bde5b2a3fea6b68188ef5d1cfdabd3be5e9a64daf0aad04ff2c0c6927021a11510bb172a7857b182f4b406586c0db9e36a1b7ade3cc7a2920d01851eec90c88889b8d9bc8c82bba25a00c351aed52ca2ac6b2c1a8c81bc0cf4670ce4d33f947168300e78a324bbef542969545c190bb4f124160a0661762857add5a06b8ed2c45026a3a85348e9d0f823c150c2d1cbc05f7e803b939a2cd120306a5db6fb890a3490f2ad99635a8550ffc3c6f5135298a5577ff7a10e654e65a86a5466a04e6b9e61f52bd51e459b57c3590db87cc7007a10d57655e0b6aa5c8ba8679b552b4177b5760b74fd8af39be0b89c5d3a96f8e7097c5ae262a6e0218435baabde87f86a95e2fb256f9075a08c8827049c844bf9d42f955349995c51b2efcf1e9bcf5f9a386b58a9acb73920571ba5adfe0a446669161af385f5c5b3a37caaea617cf76be8382841ec3a7c0ac2d8cc4c8d293e43e7fe6da838d3cbca51d59f7d5bb903c7217bcf11f65512b871093bf1b8945fd2979a9b47c8ae76c4623ad80c2e0171fa0db20c8a692392a06050fb5b9592ee671e68b19d0716ea7f4ce51420f221ad209ffd0745ed29a335c59d746b3ea081e250c67c031a580660ad8a946430018814a7968cb34d269b4ac03a6df61b227fc8f435625a0f55acef54f27dae051b02658ddb9b766267b6ef4ac6089b5481d0c98b54367370f3098dfc16ab50ace193bdea7c10ca2e04c1a9c7a216d8a5edf9f4d05ead94817dd2f4e8ef5497b4b1a4dd5a3f1e1651b8367f2852bfa92d8603d69d92615e48b3036dfb1cbb8c180b73d1a4d6a91c44654b596943b9fc99801527de4eac28df13d486cd1711e68165e723f68bfc145fb95cba276dd34a501a189e2bfb6c79e24547d37f047a5c92cea41ae9c213f3f84ba32bcabaa7e6c5126c8d75ebefd32cfc3193257e3d8b231d1ba741daf43458a971ea439d94ea4c94ce184cba8a8802fa1e0b41a971b4ffb008b1f1c869a0be09ac30ca01e6ad70e5f2ac2bb29ced2a767d482060a6fbc9e073a66c9d88aa44e04ecfb0a4b54f7ac67a81e5c96f35a23487e759a87c04255fb661bc38ed99cef6430851c30cbfa34587ea3ce21d1e307c6a69131c08b626108b5ae9fc34cbd91cd5954df5a8d05eb42bb5b3d194fecdfb15c2278fed14d46efdb84da8075fe83c4ee4259879f62310f37d4efeb80cc22487cf8e23ee978392ebab0ada741cb855b3610ef51cae6bcc5ebb538bde46adbb0b0faaf78c6e1ab0b4510984a519301b669fee24b17867d6350e3004b599e9beff47a775a50962bc7d54c59d2ddb0ea806f36cf2cbcab5626103a5af832c072373c2c0e21befa4505cf0941bcc80de15b390157c9a2a485e829f4b8d10324f35cd0f6ba30d15afe2dfff5f373c0610bc16de991bbc3b8eb748910e1d3a8fc12f5f9ab5c4c5a77127e61a7fec0f5daf46694d84ce13bba4a6420627383c07f1d456f192e5283cc02c5a2e81c8966b44cbc62aa4801324d8a6d97f8f4b564321860b2988cba4aeeb611ab8914e47f76683ea6088302b4296a538890c841c7752f2ca4afad1e925d8b6cddef95fc9e61083cd4f72a5fb93857c87bc09b76ef59a8b499c51628dd15f10aab9fb71a230ffe43a346169a1b9f51d8751e36ae2eecc348861bbaabefcc353408e1bff20f9fe3417688a61713f8978e45ca371c50ceee32ed40b7dd94c2f9c86578fa2c3e2000000"], 0xec4}}, 0x0)

03:40:43 executing program 5:
r0 = socket(0x9, 0x0, 0x5)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0xe98c, 0x1, 0x7c, 0xfffffffffffffffe, 0xf0e, 0x1, 0x0, 0x89, 0xffff, 0x66ee}, 0xb)
openat$userio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/userio\x00', 0x400000, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0)
ioctl$EVIOCGABS0(r1, 0x80184540, &(0x7f0000000080)=""/4096)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r0, 0x12, 0x2, &(0x7f0000001080)=""/73, &(0x7f0000001100)=0x49)
getsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000001140), &(0x7f0000001180)=0x4)
r2 = syz_open_dev$amidi(&(0x7f00000011c0)='/dev/amidi#\x00', 0x5, 0x0)
getsockopt$inet_sctp_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000001200)=@assoc_value={<r3=>0x0, 0x3f}, &(0x7f0000001240)=0x8)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000001280)={r3, @in6={{0xa, 0x4e23, 0x6, @local, 0x3}}}, 0x84)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, &(0x7f0000001340)=0x3)
setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000001380)={0xff, @broadcast, 0x4e20, 0x2, 'none\x00', 0x1, 0x0, 0x4c}, 0x2c)
getcwd(&(0x7f00000013c0)=""/204, 0xcc)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f00000014c0)=[@in6={0xa, 0x4e22, 0x5, @dev={0xfe, 0x80, [], 0x13}, 0xffffffffffffffff}, @in6={0xa, 0x4e24, 0x3, @loopback, 0x7}, @in={0x2, 0x4e22, @multicast2}, @in6={0xa, 0x4e24, 0xfffffffffffffffa, @ipv4, 0x2df753a9}, @in6={0xa, 0x4e21, 0x2, @empty, 0x7ff}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x18}}, @in6={0xa, 0x4e23, 0x7fff, @dev={0xfe, 0x80, [], 0x11}, 0x1000}, @in6={0xa, 0x4e22, 0x9, @mcast1, 0x3ff}, @in={0x2, 0x4e24, @remote}], 0xd8)
socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f00000015c0))
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000001600)="11c106ccf8e47f169cab9d9eca23eedd", 0x10)
setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000001640)=0xffffffff00000000, 0x2)
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000001680))
ioctl$KVM_ASSIGN_PCI_DEVICE(r1, 0x8040ae69, &(0x7f0000001700)={0x40, 0x2, 0x7, 0x4, 0x3})
socket$pptp(0x18, 0x1, 0x2)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000001740)={0x100002, 0xc8923d6cdcbc0dcb})
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000001780)='trusted.overlay.nlink\x00', &(0x7f00000017c0)={'U+', 0xfffffffffffffff9}, 0x28, 0x3)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000001800)={r3, @in6={{0xa, 0x4e24, 0x7, @mcast1, 0x687d}}}, 0x84)
setsockopt$inet6_MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f00000018c0)={{0xa, 0x4e20, 0xc5ea, @mcast2, 0xfffffffffffffff8}, {0xa, 0x4e23, 0x9, @loopback, 0x5}, 0x9, [0x8001, 0x6, 0xffffffffffffffff, 0x6, 0x4, 0x1ff, 0x40, 0x5]}, 0x5c)
getsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000001940), &(0x7f0000001980)=0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001a00)={r2, 0x28, &(0x7f00000019c0)={0x0, <r4=>0x0}}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001a40)={r4, 0x0, 0x10}, 0xc)
ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r2, 0xc008551c, &(0x7f0000001a80)={0x100000001, 0x8, [0x274c, 0x1]})
getpeername$netlink(r2, &(0x7f0000001ac0), &(0x7f0000001b00)=0xc)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000001b40)={0x1, 0x8000})

03:40:43 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = getpgrp(0x0)
syz_open_procfs(r0, &(0x7f0000000040)='attr/keycreate\x00')

03:40:43 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='maps\x00')
close(r0)

03:40:43 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000080), 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000040)="b9800000c00f3235001000000f30f24c0f2c49e8426dc4027d3493b80800003626660f7e676d660f1678b06cc403f9dfbeb70000000bc7442400f5000000c744240284d178bcff1c24f2f347dbe1", 0x4e}], 0x1, 0x48, &(0x7f00000000c0), 0x10000000000003e9)
openat$md(0xffffffffffffff9c, &(0x7f0000000140)='/dev/md0\x00', 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000180)={@remote}, 0xfffffffffffffed3)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb544]})
r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r3)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:40:43 executing program 1:

[  290.544244] ==================================================================
[  290.551661] BUG: KMSAN: kernel-infoleak in _copy_to_user+0x15d/0x1f0
[  290.558177] CPU: 1 PID: 7575 Comm: syz-executor3 Not tainted 4.19.0-rc8+ #70
[  290.565389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  290.574755] Call Trace:
[  290.577375]  dump_stack+0x306/0x460
[  290.581061]  ? _copy_to_user+0x15d/0x1f0
[  290.585178]  kmsan_report+0x1a2/0x2e0
[  290.589023]  kmsan_internal_check_memory+0x2cd/0x460
[  290.594192]  kmsan_copy_to_user+0x89/0xe0
[  290.598371]  _copy_to_user+0x15d/0x1f0
[  290.602300]  kvm_vcpu_ioctl+0xe2a/0x20b0
[  290.606414]  ? do_vfs_ioctl+0x187/0x2ca0
[  290.610504]  ? __se_sys_ioctl+0x1da/0x270
[  290.614685]  ? kvm_vm_release+0x90/0x90
[  290.618684]  do_vfs_ioctl+0xf28/0x2ca0
[  290.622617]  ? security_file_ioctl+0x92/0x200
[  290.627150]  __se_sys_ioctl+0x1da/0x270
[  290.631169]  __x64_sys_ioctl+0x4a/0x70
[  290.635109]  do_syscall_64+0xbe/0x100
[  290.638944]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  290.644162] RIP: 0033:0x4573d7
[  290.647391] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  290.666310] RSP: 002b:00007fd3d3329098 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  290.674057] RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 00000000004573d7
[  290.681391] RDX: 00007fd3d33296f0 RSI: 000000008138ae83 RDI: 0000000000000005
[  290.688705] RBP: 0000000020017000 R08: 0000000000000001 R09: 0000000000000048
[  290.696003] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000fec00000
[  290.703313] R13: 00000000ffffffff R14: 00000000004d7cf8 R15: 00000000ffffffff
[  290.710635] 
[  290.712272] Uninit was stored to memory at:
[  290.716624]  kmsan_internal_chain_origin+0x136/0x240
[  290.721778]  __msan_chain_origin+0x75/0xd0
[  290.726063]  __get_sregs+0x949/0xff0
[  290.729821]  kvm_arch_vcpu_ioctl_get_sregs+0x71/0xb0
[  290.734978]  kvm_vcpu_ioctl+0x40d/0x20b0
[  290.739078]  do_vfs_ioctl+0xf28/0x2ca0
[  290.742992]  __se_sys_ioctl+0x1da/0x270
[  290.747015]  __x64_sys_ioctl+0x4a/0x70
[  290.751027]  do_syscall_64+0xbe/0x100
[  290.754885]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  290.760094] 
[  290.761746] Uninit was stored to memory at:
[  290.766093]  kmsan_internal_chain_origin+0x136/0x240
[  290.771221]  __msan_chain_origin+0x75/0xd0
[  290.775481]  kvm_inject_page_fault+0x2d7/0x6f0
[  290.780105]  handle_vmwrite+0xdac/0x3220
[  290.784201]  vmx_handle_exit+0x20f5/0xb900
[  290.788475]  kvm_arch_vcpu_ioctl_run+0xa22b/0x10ab0
[  290.793528]  kvm_vcpu_ioctl+0x11a7/0x20b0
[  290.797711]  do_vfs_ioctl+0xf28/0x2ca0
[  290.801650]  __se_sys_ioctl+0x1da/0x270
[  290.805654]  __x64_sys_ioctl+0x4a/0x70
[  290.809568]  do_syscall_64+0xbe/0x100
[  290.813396]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  290.818597] 
[  290.820239] Local variable description: ----e@handle_vmwrite
[  290.826071] Variable was created at:
[  290.829857]  handle_vmwrite+0x1f6/0x3220
[  290.833952]  vmx_handle_exit+0x20f5/0xb900
[  290.838193] 
[  290.839840] Bytes 232-239 of 312 are uninitialized
[  290.844779] Memory access of size 312 starts at ffff8801a6a2f400
[  290.850938] ==================================================================
[  290.858308] Disabling lock debugging due to kernel taint
[  290.863775] Kernel panic - not syncing: panic_on_warn set ...
[  290.863775] 
[  290.871216] CPU: 1 PID: 7575 Comm: syz-executor3 Tainted: G    B             4.19.0-rc8+ #70
[  290.879810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  290.889187] Call Trace:
[  290.891824]  dump_stack+0x306/0x460
[  290.895510]  panic+0x54c/0xafa
[  290.898776]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[  290.904773]  kmsan_report+0x2d3/0x2e0
[  290.908629]  kmsan_internal_check_memory+0x2cd/0x460
[  290.913786]  kmsan_copy_to_user+0x89/0xe0
[  290.917970]  _copy_to_user+0x15d/0x1f0
[  290.921896]  kvm_vcpu_ioctl+0xe2a/0x20b0
[  290.926011]  ? do_vfs_ioctl+0x187/0x2ca0
[  290.930112]  ? __se_sys_ioctl+0x1da/0x270
[  290.934290]  ? kvm_vm_release+0x90/0x90
[  290.938326]  do_vfs_ioctl+0xf28/0x2ca0
[  290.942269]  ? security_file_ioctl+0x92/0x200
[  290.946805]  __se_sys_ioctl+0x1da/0x270
[  290.950833]  __x64_sys_ioctl+0x4a/0x70
[  290.954749]  do_syscall_64+0xbe/0x100
[  290.958581]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  290.963789] RIP: 0033:0x4573d7
[  290.967009] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  290.985939] RSP: 002b:00007fd3d3329098 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  290.993668] RAX: ffffffffffffffda RBX: 0000000000000018 RCX: 00000000004573d7
[  291.000956] RDX: 00007fd3d33296f0 RSI: 000000008138ae83 RDI: 0000000000000005
[  291.008242] RBP: 0000000020017000 R08: 0000000000000001 R09: 0000000000000048
[  291.015526] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000fec00000
[  291.022818] R13: 00000000ffffffff R14: 00000000004d7cf8 R15: 00000000ffffffff
[  291.030964] Kernel Offset: disabled
[  291.034603] Rebooting in 86400 seconds..