[ 39.552617][ T26] audit: type=1800 audit(1552594778.144:25): pid=7715 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 39.580778][ T26] audit: type=1800 audit(1552594778.144:26): pid=7715 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 39.636295][ T26] audit: type=1800 audit(1552594778.144:27): pid=7715 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ 39.671417][ T26] audit: type=1800 audit(1552594778.144:28): pid=7715 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
[....] Starting OpenBSD Secure Shell server: sshd�[?25l�[?1c�7�[1G[�[32m ok �[39;49m�8�[?25h�[?0c.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.19' (ECDSA) to the list of known hosts.
2019/03/14 20:19:48 fuzzer started
2019/03/14 20:19:51 dialing manager at 10.128.0.26:34935
2019/03/14 20:19:54 syscalls: 1
2019/03/14 20:19:54 code coverage: enabled
2019/03/14 20:19:54 comparison tracing: enabled
2019/03/14 20:19:54 extra coverage: extra coverage is not supported by the kernel
2019/03/14 20:19:54 setuid sandbox: enabled
2019/03/14 20:19:54 namespace sandbox: enabled
2019/03/14 20:19:54 Android sandbox: /sys/fs/selinux/policy does not exist
2019/03/14 20:19:54 fault injection: enabled
2019/03/14 20:19:54 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/03/14 20:19:54 net packet injection: enabled
2019/03/14 20:19:54 net device setup: enabled
20:20:54 executing program 0:
utimes(0x0, &(0x7f0000000140)={{0x2, 0xfffffffffffffe01}, {0x7f, 0x1}})
syzkaller login: [ 116.413065][ T7880] IPVS: ftp: loaded support on port[0] = 21
20:20:55 executing program 1:
r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000080)={0xfdffffffffffffff})
[ 116.525044][ T7880] chnl_net:caif_netlink_parms(): no params data found
[ 116.626512][ T7880] bridge0: port 1(bridge_slave_0) entered blocking state
[ 116.644648][ T7880] bridge0: port 1(bridge_slave_0) entered disabled state
[ 116.664669][ T7880] device bridge_slave_0 entered promiscuous mode
[ 116.685085][ T7880] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.692305][ T7880] bridge0: port 2(bridge_slave_1) entered disabled state
[ 116.700502][ T7880] device bridge_slave_1 entered promiscuous mode
20:20:55 executing program 2:
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x1000)
r1 = accept4(r0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x6c, &(0x7f0000000100), &(0x7f0000000140)=0x8)
[ 116.725946][ T7884] IPVS: ftp: loaded support on port[0] = 21
[ 116.739453][ T7880] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 116.765974][ T7880] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 116.817568][ T7880] team0: Port device team_slave_0 added
[ 116.845415][ T7880] team0: Port device team_slave_1 added
[ 116.924486][ T7884] chnl_net:caif_netlink_parms(): no params data found
[ 116.945934][ T7887] IPVS: ftp: loaded support on port[0] = 21
20:20:55 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x0, 0xf000, 0x2000, &(0x7f0000ff7000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000240)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x8000})
ioctl$KVM_NMI(r2, 0xae9a)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_QUERYSTD(0xffffffffffffffff, 0x8008563f, &(0x7f0000000280))
r3 = socket$inet(0x2, 0x2000000002, 0x0)
ioctl$VIDIOC_G_MODULATOR(r3, 0xc0445636, &(0x7f00000001c0)={0x0, "c1f8e2e4c54ec3733b65fa0c402795de7e0872568ac0de1ee88ba55969d3e73d", 0x210, 0xa1a, 0x40, 0x10, 0x5})
prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f00000002c0)={0x0, @local, 0x0, 0x0, 'lblcr\x00'}, 0x2c)
ioctl$IMHOLD_L1(0xffffffffffffffff, 0x80044948, &(0x7f0000000340)=0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
[ 117.056416][ T7880] device hsr_slave_0 entered promiscuous mode
[ 117.093987][ T7880] device hsr_slave_1 entered promiscuous mode
[ 117.125397][ T7889] IPVS: ftp: loaded support on port[0] = 21
[ 117.209658][ T7884] bridge0: port 1(bridge_slave_0) entered blocking state
[ 117.219008][ T7884] bridge0: port 1(bridge_slave_0) entered disabled state
[ 117.228140][ T7884] device bridge_slave_0 entered promiscuous mode
[ 117.238937][ T7884] bridge0: port 2(bridge_slave_1) entered blocking state
[ 117.246771][ T7884] bridge0: port 2(bridge_slave_1) entered disabled state
[ 117.255128][ T7884] device bridge_slave_1 entered promiscuous mode
[ 117.281330][ T7880] bridge0: port 2(bridge_slave_1) entered blocking state
[ 117.288640][ T7880] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 117.296680][ T7880] bridge0: port 1(bridge_slave_0) entered blocking state
[ 117.303793][ T7880] bridge0: port 1(bridge_slave_0) entered forwarding state
20:20:55 executing program 4:
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
userfaultfd(0x0)
perf_event_open(&(0x7f00000006c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8040, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='maps\x00')
preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x0)
[ 117.381416][ T7884] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 117.407360][ T7884] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 117.488211][ T7889] chnl_net:caif_netlink_parms(): no params data found
[ 117.559300][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 117.570590][ T7893] IPVS: ftp: loaded support on port[0] = 21
[ 117.582620][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
20:20:56 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x200000002, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r3, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
connect$l2tp(r1, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x4000000, r0, 0x3, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x3a)
getsockopt$IP_VS_SO_GET_SERVICE(0xffffffffffffffff, 0x0, 0x483, 0x0, 0x0)
[ 117.659554][ T7884] team0: Port device team_slave_0 added
[ 117.692624][ T7884] team0: Port device team_slave_1 added
[ 117.699625][ T7887] chnl_net:caif_netlink_parms(): no params data found
[ 117.801899][ T7889] bridge0: port 1(bridge_slave_0) entered blocking state
[ 117.813371][ T7889] bridge0: port 1(bridge_slave_0) entered disabled state
[ 117.821712][ T7889] device bridge_slave_0 entered promiscuous mode
[ 117.836536][ T7896] IPVS: ftp: loaded support on port[0] = 21
[ 117.886570][ T7884] device hsr_slave_0 entered promiscuous mode
[ 117.943971][ T7884] device hsr_slave_1 entered promiscuous mode
[ 118.003034][ T7889] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.011159][ T7889] bridge0: port 2(bridge_slave_1) entered disabled state
[ 118.018787][ T7889] device bridge_slave_1 entered promiscuous mode
[ 118.037721][ T7887] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.045299][ T7887] bridge0: port 1(bridge_slave_0) entered disabled state
[ 118.052879][ T7887] device bridge_slave_0 entered promiscuous mode
[ 118.060584][ T7887] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.067759][ T7887] bridge0: port 2(bridge_slave_1) entered disabled state
[ 118.075475][ T7887] device bridge_slave_1 entered promiscuous mode
[ 118.117833][ T7887] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 118.128060][ T7889] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 118.138098][ T7889] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 118.155860][ T7880] 8021q: adding VLAN 0 to HW filter on device bond0
[ 118.165172][ T7887] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 118.216472][ T7889] team0: Port device team_slave_0 added
[ 118.223454][ T7889] team0: Port device team_slave_1 added
[ 118.315319][ T7889] device hsr_slave_0 entered promiscuous mode
[ 118.373984][ T7889] device hsr_slave_1 entered promiscuous mode
[ 118.425378][ T7887] team0: Port device team_slave_0 added
[ 118.460960][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 118.469910][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 118.479973][ T7887] team0: Port device team_slave_1 added
[ 118.556777][ T7887] device hsr_slave_0 entered promiscuous mode
[ 118.614042][ T7887] device hsr_slave_1 entered promiscuous mode
[ 118.666561][ T7880] 8021q: adding VLAN 0 to HW filter on device team0
[ 118.683894][ T7893] chnl_net:caif_netlink_parms(): no params data found
[ 118.736098][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 118.746412][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 118.754911][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.761955][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 118.769736][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 118.779182][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 118.787701][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.794793][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 118.802275][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 118.814213][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 118.848405][ T7893] bridge0: port 1(bridge_slave_0) entered blocking state
[ 118.856309][ T7893] bridge0: port 1(bridge_slave_0) entered disabled state
[ 118.864340][ T7893] device bridge_slave_0 entered promiscuous mode
[ 118.910872][ T7896] chnl_net:caif_netlink_parms(): no params data found
[ 118.923273][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 118.932319][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 118.944297][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 118.952687][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 118.963369][ T7893] bridge0: port 2(bridge_slave_1) entered blocking state
[ 118.971125][ T7893] bridge0: port 2(bridge_slave_1) entered disabled state
[ 118.979027][ T7893] device bridge_slave_1 entered promiscuous mode
[ 119.006328][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 119.014521][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 119.022703][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 119.052563][ T7893] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 119.075364][ T7880] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 119.089056][ T7880] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 119.104973][ T7884] 8021q: adding VLAN 0 to HW filter on device bond0
[ 119.114406][ T7893] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 119.125033][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 119.133353][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 119.170092][ T7896] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.178241][ T7896] bridge0: port 1(bridge_slave_0) entered disabled state
[ 119.189255][ T7896] device bridge_slave_0 entered promiscuous mode
[ 119.197259][ T7896] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.205256][ T7896] bridge0: port 2(bridge_slave_1) entered disabled state
[ 119.212823][ T7896] device bridge_slave_1 entered promiscuous mode
[ 119.238674][ T7896] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 119.255686][ T7893] team0: Port device team_slave_0 added
[ 119.268068][ T7896] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 119.288526][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 119.296226][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 119.307191][ T7884] 8021q: adding VLAN 0 to HW filter on device team0
[ 119.316235][ T7893] team0: Port device team_slave_1 added
[ 119.338088][ T7896] team0: Port device team_slave_0 added
[ 119.352605][ T7889] 8021q: adding VLAN 0 to HW filter on device bond0
[ 119.362817][ T7887] 8021q: adding VLAN 0 to HW filter on device bond0
[ 119.376887][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 119.385994][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 119.395181][ T7883] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.402237][ T7883] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 119.410056][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 119.418613][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 119.427115][ T7883] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.434218][ T7883] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 119.441972][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 119.451188][ T7896] team0: Port device team_slave_1 added
[ 119.516314][ T7896] device hsr_slave_0 entered promiscuous mode
[ 119.553998][ T7896] device hsr_slave_1 entered promiscuous mode
[ 119.603415][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 119.632627][ T7889] 8021q: adding VLAN 0 to HW filter on device team0
[ 119.648500][ T7887] 8021q: adding VLAN 0 to HW filter on device team0
[ 119.665982][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 119.677204][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 119.685202][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 119.692741][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 119.700562][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 119.708984][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 119.717629][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 119.726773][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 119.796500][ T7893] device hsr_slave_0 entered promiscuous mode
[ 119.834079][ T7893] device hsr_slave_1 entered promiscuous mode
[ 119.927267][ T7880] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 119.934921][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 119.944471][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 119.955053][ T7883] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.962084][ T7883] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 119.970162][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 119.978899][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 119.987573][ T7883] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.994690][ T7883] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 120.002686][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 120.011665][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 120.020069][ T7883] bridge0: port 2(bridge_slave_1) entered blocking state
[ 120.027150][ T7883] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 120.035723][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 120.043788][ T7883] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 120.070731][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 120.079462][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 120.088459][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 120.095584][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 120.103688][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 120.112248][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 120.120876][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 120.129408][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 120.137870][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 120.146715][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 120.155222][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 120.163477][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 120.171762][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 120.180537][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 120.190242][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 120.221614][ T7884] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 120.234607][ T7884] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 120.261970][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 120.271943][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 120.283386][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 120.295399][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 120.304045][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 120.312216][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 120.320546][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 120.328903][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 120.337175][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 120.345863][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 120.354513][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 120.362717][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 120.370978][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 120.384249][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 120.392594][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 120.420026][ T7889] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 120.433222][ T7889] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 120.445406][ T7887] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 120.463172][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
20:20:59 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x407f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad56b6c50400aeb995298992ea5400c2", 0x10)
sendmmsg(r1, &(0x7f0000006740)=[{{&(0x7f0000000100)=@ax25={{0x3, @rose, 0x7}, [@null, @null, @remote, @remote, @rose, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose, @default]}, 0x80, 0x0, 0x0, &(0x7f0000001540)=[{0xc, 0x13e}], 0xc}, 0x4}, {{0x0, 0x0, 0x0}}], 0x2, 0x4)
[ 120.472493][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 120.502917][ T7896] 8021q: adding VLAN 0 to HW filter on device bond0
[ 120.542581][ T7887] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 120.592079][ T7884] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 120.615976][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 120.630908][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 120.648304][ T7896] 8021q: adding VLAN 0 to HW filter on device team0
[ 120.705416][ T7889] 8021q: adding VLAN 0 to HW filter on device batadv0
20:20:59 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x407f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad56b6c50400aeb995298992ea5400c2", 0x10)
sendmmsg(r1, &(0x7f0000006740)=[{{&(0x7f0000000100)=@ax25={{0x3, @rose, 0x7}, [@null, @null, @remote, @remote, @rose, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose, @default]}, 0x80, 0x0, 0x0, &(0x7f0000001540)=[{0xc, 0x13e}], 0xc}, 0x4}, {{0x0, 0x0, 0x0}}], 0x2, 0x4)
[ 120.745665][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 120.772038][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 120.810541][ T22] bridge0: port 1(bridge_slave_0) entered blocking state
[ 120.817717][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 120.822384][ C0] hrtimer: interrupt took 46809 ns
20:20:59 executing program 1:
r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000080)={0xfdffffffffffffff})
[ 120.857047][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 120.870670][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
20:20:59 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x407f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad56b6c50400aeb995298992ea5400c2", 0x10)
sendmmsg(r1, &(0x7f0000006740)=[{{&(0x7f0000000100)=@ax25={{0x3, @rose, 0x7}, [@null, @null, @remote, @remote, @rose, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose, @default]}, 0x80, 0x0, 0x0, &(0x7f0000001540)=[{0xc, 0x13e}], 0xc}, 0x4}, {{0x0, 0x0, 0x0}}], 0x2, 0x4)
[ 120.897653][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 120.912300][ T22] bridge0: port 2(bridge_slave_1) entered blocking state
[ 120.919451][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state
20:20:59 executing program 2:
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x1000)
r1 = accept4(r0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x6c, &(0x7f0000000100), &(0x7f0000000140)=0x8)
20:20:59 executing program 1:
r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000080)={0xfdffffffffffffff})
[ 120.968975][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 120.993052][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
20:20:59 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x407f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad56b6c50400aeb995298992ea5400c2", 0x10)
sendmmsg(r1, &(0x7f0000006740)=[{{&(0x7f0000000100)=@ax25={{0x3, @rose, 0x7}, [@null, @null, @remote, @remote, @rose, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose, @default]}, 0x80, 0x0, 0x0, &(0x7f0000001540)=[{0xc, 0x13e}], 0xc}, 0x4}, {{0x0, 0x0, 0x0}}], 0x2, 0x4)
[ 121.052881][ T7893] 8021q: adding VLAN 0 to HW filter on device bond0
[ 121.118968][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 121.134596][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 121.143128][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
20:20:59 executing program 2:
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x1000)
r1 = accept4(r0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x6c, &(0x7f0000000100), &(0x7f0000000140)=0x8)
20:20:59 executing program 1:
r0 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000080)={0xfdffffffffffffff})
[ 121.165496][ T7948] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[ 121.185783][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 121.200186][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 121.223881][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 121.254604][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 121.280701][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 121.305010][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 121.316637][ T7893] 8021q: adding VLAN 0 to HW filter on device team0
[ 121.327232][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 121.336125][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 121.351865][ T7896] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 121.364881][ T7948] IPVS: set_ctl: invalid protocol: 0 172.20.20.170:0
[ 121.373443][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 121.395256][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 121.414750][ T22] bridge0: port 1(bridge_slave_0) entered blocking state
[ 121.421829][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 121.442681][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 121.457455][ T7962] IPVS: set_ctl: invalid protocol: 0 172.20.20.170:0
[ 121.466771][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 121.479273][ T22] bridge0: port 2(bridge_slave_1) entered blocking state
[ 121.486407][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 121.507413][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 121.545751][ T7896] 8021q: adding VLAN 0 to HW filter on device batadv0
20:21:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x0, 0xf000, 0x2000, &(0x7f0000ff7000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000240)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x8000})
ioctl$KVM_NMI(r2, 0xae9a)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_QUERYSTD(0xffffffffffffffff, 0x8008563f, &(0x7f0000000280))
r3 = socket$inet(0x2, 0x2000000002, 0x0)
ioctl$VIDIOC_G_MODULATOR(r3, 0xc0445636, &(0x7f00000001c0)={0x0, "c1f8e2e4c54ec3733b65fa0c402795de7e0872568ac0de1ee88ba55969d3e73d", 0x210, 0xa1a, 0x40, 0x10, 0x5})
prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f00000002c0)={0x0, @local, 0x0, 0x0, 'lblcr\x00'}, 0x2c)
ioctl$IMHOLD_L1(0xffffffffffffffff, 0x80044948, &(0x7f0000000340)=0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
[ 121.553093][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 121.562061][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 121.579892][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 121.599097][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 121.614369][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 121.631408][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 121.640554][ T7897] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 121.661176][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 121.676782][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 121.690008][ T7893] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 121.721765][ T7893] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 121.722960][ T7965] IPVS: set_ctl: invalid protocol: 0 172.20.20.170:0
[ 121.741820][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 121.752645][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 121.812451][ T7893] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 121.971658][ T7965] kvm: emulating exchange as write
20:21:00 executing program 4:
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
userfaultfd(0x0)
perf_event_open(&(0x7f00000006c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8040, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='maps\x00')
preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x0)
20:21:00 executing program 0:
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x1000)
r1 = accept4(r0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x6c, &(0x7f0000000100), &(0x7f0000000140)=0x8)
20:21:00 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0}, 0x48)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000140)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02\x05\x00\x00\x00\xac', 0x0)
ioctl$SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f0000000400)=0x1)
syz_open_dev$mice(&(0x7f0000000340)='/dev/input/mice\x00', 0x0, 0x0)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f000000a000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa00000400, 0x0, 0x8000010004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='nfs\x00', 0x0, &(0x7f000000a000))
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000480)={{0x2, 0xfff, 0x336e690d, 0x3}, 'syz0\x00', 0x37})
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000440))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f00000001c0)=0x5, 0x4)
syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x3, 0x18800)
openat$zero(0xffffffffffffff9c, 0x0, 0x3b, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000500))
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
close(0xffffffffffffffff)
dup3(0xffffffffffffffff, r0, 0x0)
20:21:00 executing program 2:
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x1000)
r1 = accept4(r0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x6c, &(0x7f0000000100), &(0x7f0000000140)=0x8)
20:21:00 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x200000002, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r3, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
connect$l2tp(r1, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x4000000, r0, 0x3, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x3a)
getsockopt$IP_VS_SO_GET_SERVICE(0xffffffffffffffff, 0x0, 0x483, 0x0, 0x0)
20:21:00 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x0, 0xf000, 0x2000, &(0x7f0000ff7000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000240)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x8000})
ioctl$KVM_NMI(r2, 0xae9a)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_QUERYSTD(0xffffffffffffffff, 0x8008563f, &(0x7f0000000280))
r3 = socket$inet(0x2, 0x2000000002, 0x0)
ioctl$VIDIOC_G_MODULATOR(r3, 0xc0445636, &(0x7f00000001c0)={0x0, "c1f8e2e4c54ec3733b65fa0c402795de7e0872568ac0de1ee88ba55969d3e73d", 0x210, 0xa1a, 0x40, 0x10, 0x5})
prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f00000002c0)={0x0, @local, 0x0, 0x0, 'lblcr\x00'}, 0x2c)
ioctl$IMHOLD_L1(0xffffffffffffffff, 0x80044948, &(0x7f0000000340)=0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
20:21:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x0, 0xf000, 0x2000, &(0x7f0000ff7000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000240)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x8000})
ioctl$KVM_NMI(r2, 0xae9a)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_QUERYSTD(0xffffffffffffffff, 0x8008563f, &(0x7f0000000280))
r3 = socket$inet(0x2, 0x2000000002, 0x0)
ioctl$VIDIOC_G_MODULATOR(r3, 0xc0445636, &(0x7f00000001c0)={0x0, "c1f8e2e4c54ec3733b65fa0c402795de7e0872568ac0de1ee88ba55969d3e73d", 0x210, 0xa1a, 0x40, 0x10, 0x5})
prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f00000002c0)={0x0, @local, 0x0, 0x0, 'lblcr\x00'}, 0x2c)
ioctl$IMHOLD_L1(0xffffffffffffffff, 0x80044948, &(0x7f0000000340)=0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
20:21:00 executing program 0:
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x1000)
r1 = accept4(r0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x6c, &(0x7f0000000100), &(0x7f0000000140)=0x8)
20:21:01 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x200000002, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r3, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
connect$l2tp(r1, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x4000000, r0, 0x3, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x3a)
getsockopt$IP_VS_SO_GET_SERVICE(0xffffffffffffffff, 0x0, 0x483, 0x0, 0x0)
20:21:01 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0}, 0x48)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000140)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02\x05\x00\x00\x00\xac', 0x0)
ioctl$SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f0000000400)=0x1)
syz_open_dev$mice(&(0x7f0000000340)='/dev/input/mice\x00', 0x0, 0x0)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f000000a000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa00000400, 0x0, 0x8000010004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='nfs\x00', 0x0, &(0x7f000000a000))
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000480)={{0x2, 0xfff, 0x336e690d, 0x3}, 'syz0\x00', 0x37})
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000440))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f00000001c0)=0x5, 0x4)
syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x3, 0x18800)
openat$zero(0xffffffffffffff9c, 0x0, 0x3b, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000500))
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
close(0xffffffffffffffff)
dup3(0xffffffffffffffff, r0, 0x0)
20:21:01 executing program 4:
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
userfaultfd(0x0)
perf_event_open(&(0x7f00000006c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8040, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='maps\x00')
preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x0)
[ 122.455796][ T7998] IPVS: set_ctl: invalid protocol: 0 172.20.20.170:0
[ 122.527119][ T7999] IPVS: set_ctl: invalid protocol: 0 172.20.20.170:0
20:21:01 executing program 0:
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x1000)
r1 = accept4(r0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x6c, &(0x7f0000000100), &(0x7f0000000140)=0x8)
20:21:01 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x200000002, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r3, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
connect$l2tp(r1, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x4000000, r0, 0x3, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x3a)
getsockopt$IP_VS_SO_GET_SERVICE(0xffffffffffffffff, 0x0, 0x483, 0x0, 0x0)
20:21:01 executing program 4:
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
userfaultfd(0x0)
perf_event_open(&(0x7f00000006c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8040, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='maps\x00')
preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x0)
20:21:01 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0}, 0x48)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000140)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02\x05\x00\x00\x00\xac', 0x0)
ioctl$SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f0000000400)=0x1)
syz_open_dev$mice(&(0x7f0000000340)='/dev/input/mice\x00', 0x0, 0x0)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f000000a000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa00000400, 0x0, 0x8000010004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='nfs\x00', 0x0, &(0x7f000000a000))
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000480)={{0x2, 0xfff, 0x336e690d, 0x3}, 'syz0\x00', 0x37})
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000440))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f00000001c0)=0x5, 0x4)
syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x3, 0x18800)
openat$zero(0xffffffffffffff9c, 0x0, 0x3b, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000500))
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
close(0xffffffffffffffff)
dup3(0xffffffffffffffff, r0, 0x0)
20:21:01 executing program 0:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r1, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c)
listen(r1, 0x20000000)
r2 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r2, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7, 0x7, 0x0, 0x6, 0x9, 0x7, 0x16, 0x33e, 0x0, 0x0, 0x0, 0xc58, 0x1000, 0x0, 0xffffffffffffff6b, 0x101, 0x0, 0x7, 0x80, 0x2, 0x200, 0x3fb, 0x3, 0x0, 0x4, 0x6, 0x1ff, 0x0, 0x2, 0x0, @perf_bp={0x0, 0x3}, 0x800, 0x4000000005, 0xffff, 0x0, 0x8, 0x0, 0x71}, 0x0, 0xd, r0, 0x1)
r3 = accept4(r1, 0x0, &(0x7f0000000000), 0x0)
setsockopt$inet6_int(r3, 0x29, 0x33, &(0x7f0000000040)=0x100000000001f, 0x87)
sendmmsg(r3, &(0x7f0000003d40)=[{{&(0x7f0000001b00)=@l2={0x1f, 0x0, {0x1ea}}, 0x80, 0x0, 0x0, &(0x7f0000001d40)}}, {{&(0x7f0000002300)=@nl, 0x80, &(0x7f0000003740), 0x0, &(0x7f00000037c0)}}], 0x2, 0x0)
pkey_alloc(0x0, 0x2)
ioctl$EVIOCGABS20(0xffffffffffffffff, 0x80184560, &(0x7f00000001c0)=""/235)
r4 = dup2(r2, r1)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, &(0x7f0000000180))
syz_open_dev$video4linux(&(0x7f0000000500)='/dev/v4l-subdev#\x00', 0x6, 0x28000)
write$cgroup_pid(r4, &(0x7f0000000380), 0x12)
20:21:01 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x0, 0xf000, 0x2000, &(0x7f0000ff7000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000240)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x8000})
ioctl$KVM_NMI(r2, 0xae9a)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_QUERYSTD(0xffffffffffffffff, 0x8008563f, &(0x7f0000000280))
r3 = socket$inet(0x2, 0x2000000002, 0x0)
ioctl$VIDIOC_G_MODULATOR(r3, 0xc0445636, &(0x7f00000001c0)={0x0, "c1f8e2e4c54ec3733b65fa0c402795de7e0872568ac0de1ee88ba55969d3e73d", 0x210, 0xa1a, 0x40, 0x10, 0x5})
prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f00000002c0)={0x0, @local, 0x0, 0x0, 'lblcr\x00'}, 0x2c)
ioctl$IMHOLD_L1(0xffffffffffffffff, 0x80044948, &(0x7f0000000340)=0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
20:21:01 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0}, 0x48)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r0 = memfd_create(&(0x7f0000000140)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02\x05\x00\x00\x00\xac', 0x0)
ioctl$SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f0000000400)=0x1)
syz_open_dev$mice(&(0x7f0000000340)='/dev/input/mice\x00', 0x0, 0x0)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f000000a000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa00000400, 0x0, 0x8000010004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='nfs\x00', 0x0, &(0x7f000000a000))
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000480)={{0x2, 0xfff, 0x336e690d, 0x3}, 'syz0\x00', 0x37})
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000440))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f00000001c0)=0x5, 0x4)
syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x3, 0x18800)
openat$zero(0xffffffffffffff9c, 0x0, 0x3b, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000500))
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
close(0xffffffffffffffff)
dup3(0xffffffffffffffff, r0, 0x0)
[ 123.189470][ T8040] IPVS: set_ctl: invalid protocol: 0 172.20.20.170:0
[ 123.194027][ C0] ==================================================================
[ 123.204462][ C0] BUG: KASAN: use-after-free in ccid_hc_tx_delete+0xde/0x100
[ 123.211856][ C0] Read of size 8 at addr ffff88806413d640 by task syz-executor.0/8032
[ 123.220008][ C0]
[ 123.222359][ C0] CPU: 0 PID: 8032 Comm: syz-executor.0 Not tainted 5.0.0+ #22
[ 123.230074][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 123.230079][ C0] Call Trace:
[ 123.230086][ C0]
[ 123.230109][ C0] dump_stack+0x172/0x1f0
[ 123.230127][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 123.230156][ C0] print_address_description.cold+0x7c/0x20d
[ 123.261669][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 123.267356][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 123.272391][ C0] kasan_report.cold+0x1b/0x40
[ 123.277174][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 123.282209][ C0] __asan_report_load8_noabort+0x14/0x20
[ 123.287850][ C0] ccid_hc_tx_delete+0xde/0x100
[ 123.292705][ C0] dccp_sk_destruct+0x3f/0x90
[ 123.297379][ C0] ? dccp_init_sock+0x3f0/0x3f0
[ 123.302319][ C0] __sk_destruct+0x55/0x6d0
[ 123.306826][ C0] ? proto_unregister+0x4e0/0x4e0
[ 123.311866][ C0] rcu_core+0x928/0x1390
[ 123.316112][ C0] ? rcu_check_gp_start_stall+0x250/0x250
[ 123.321833][ C0] ? sched_clock+0x2e/0x50
[ 123.326277][ C0] __do_softirq+0x266/0x95a
[ 123.330785][ C0] ? sched_clock_cpu+0x1b/0x1b0
[ 123.335641][ C0] irq_exit+0x180/0x1d0
[ 123.339796][ C0] smp_apic_timer_interrupt+0x14a/0x570
[ 123.345336][ C0] apic_timer_interrupt+0xf/0x20
[ 123.350260][ C0]
[ 123.353195][ C0] RIP: 0010:memset_erms+0x9/0x10
[ 123.358127][ C0] Code: c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 f3 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 aa 4c 89 c8 c3 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 01
[ 123.377732][ C0] RSP: 0018:ffff888065a07468 EFLAGS: 00010206 ORIG_RAX: ffffffffffffff13
[ 123.386147][ C0] RAX: dffffc00000000ff RBX: 0000000000000200 RCX: 0000000000006ac0
[ 123.395507][ C0] RDX: 0000000000040000 RSI: 00000000000000ff RDI: ffffed100c9b9540
[ 123.403566][ C0] RBP: ffff888065a07470 R08: 1ffff1100c980000 R09: ffffed100c980000
[ 123.411715][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffffea0001930000
[ 123.419694][ C0] R13: 0000000000064c00 R14: ffff888064c00000 R15: 0000000000064c00
[ 123.427702][ C0] ? kasan_free_pages+0x59/0x60
[ 123.432570][ C0] __free_pages_ok+0x275/0xda0
[ 123.437337][ C0] free_compound_page+0x6a/0x90
[ 123.442187][ C0] free_transhuge_page+0x230/0x310
[ 123.447307][ C0] __put_compound_page+0x96/0xe0
[ 123.452249][ C0] release_pages+0x5d5/0x1940
[ 123.456932][ C0] ? put_pages_list+0x2e0/0x2e0
[ 123.461787][ C0] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 123.468021][ C0] ? lru_add_drain_cpu+0x1c4/0x520
[ 123.473133][ C0] free_pages_and_swap_cache+0x2a0/0x3d0
[ 123.478777][ C0] tlb_flush_mmu_free+0x4e/0x120
[ 123.483722][ C0] unmap_page_range+0x180e/0x2330
[ 123.488763][ C0] ? vm_normal_page_pmd+0x400/0x400
[ 123.493957][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 123.500195][ C0] ? uprobe_munmap+0xad/0x2b0
[ 123.504882][ C0] unmap_single_vma+0x19d/0x300
[ 123.509733][ C0] unmap_vmas+0x115/0x250
[ 123.514062][ C0] ? zap_vma_ptes+0x110/0x110
[ 123.518734][ C0] ? get_kernel_page+0xb0/0xb0
[ 123.523501][ C0] ? kasan_check_write+0x14/0x20
[ 123.528888][ C0] exit_mmap+0x2c2/0x530
[ 123.533126][ C0] ? __ia32_sys_munmap+0x80/0x80
[ 123.538066][ C0] ? __sanitizer_cov_trace_const_cmp1+0x11/0x20
[ 123.544316][ C0] ? rcu_read_lock_sched_held+0x110/0x130
[ 123.550037][ C0] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 123.556279][ C0] ? __khugepaged_exit+0xcf/0x400
[ 123.561317][ C0] mmput+0x15f/0x4c0
[ 123.565212][ C0] do_exit+0x816/0x2fa0
[ 123.569371][ C0] ? get_signal+0x331/0x1d50
[ 123.573957][ C0] ? mm_update_next_owner+0x640/0x640
[ 123.579330][ C0] ? kasan_check_write+0x14/0x20
[ 123.584271][ C0] ? _raw_spin_unlock_irq+0x28/0x90
[ 123.589460][ C0] ? get_signal+0x331/0x1d50
[ 123.594042][ C0] ? _raw_spin_unlock_irq+0x28/0x90
[ 123.599242][ C0] do_group_exit+0x135/0x370
[ 123.603830][ C0] get_signal+0x399/0x1d50
[ 123.608254][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 123.614506][ C0] do_signal+0x87/0x1940
[ 123.618754][ C0] ? _copy_to_user+0xc9/0x120
[ 123.623427][ C0] ? setup_sigcontext+0x7d0/0x7d0
[ 123.628458][ C0] ? exit_to_usermode_loop+0x43/0x2c0
[ 123.633824][ C0] ? do_fast_syscall_32+0xa9d/0xc98
[ 123.639022][ C0] ? exit_to_usermode_loop+0x43/0x2c0
[ 123.644399][ C0] ? lockdep_hardirqs_on+0x418/0x5d0
[ 123.649677][ C0] ? trace_hardirqs_on+0x67/0x230
[ 123.654731][ C0] exit_to_usermode_loop+0x244/0x2c0
[ 123.660018][ C0] do_fast_syscall_32+0xa9d/0xc98
[ 123.665046][ C0] entry_SYSENTER_compat+0x70/0x7f
[ 123.670156][ C0] RIP: 0023:0xf7f8c869
[ 123.674233][ C0] Code: Bad RIP value.
[ 123.678291][ C0] RSP: 002b:00000000f5d880cc EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[ 123.686795][ C0] RAX: 0000000000000002 RBX: 0000000000000008 RCX: 0000000020003d40
[ 123.694764][ C0] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[ 123.702729][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 123.710717][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 123.718699][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 123.726683][ C0]
[ 123.729011][ C0] Allocated by task 8032:
[ 123.733341][ C0] save_stack+0x45/0xd0
[ 123.737495][ C0] __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 123.743122][ C0] kasan_slab_alloc+0xf/0x20
[ 123.747882][ C0] kmem_cache_alloc+0x11a/0x6f0
[ 123.752729][ C0] ccid_new+0x256/0x3f0
[ 123.756879][ C0] dccp_hdlr_ccid+0x27/0x150
[ 123.761460][ C0] __dccp_feat_activate+0x17a/0x270
[ 123.766654][ C0] dccp_feat_activate_values+0x33a/0x766
[ 123.772292][ C0] dccp_rcv_state_process+0x116f/0x1935
[ 123.777835][ C0] dccp_v6_do_rcv+0x269/0xbf0
[ 123.782516][ C0] __release_sock+0x12e/0x3a0
[ 123.787187][ C0] release_sock+0x59/0x1c0
[ 123.791597][ C0] __inet_stream_connect+0x59f/0xea0
[ 123.796875][ C0] inet_stream_connect+0x58/0xa0
[ 123.801805][ C0] __sys_connect+0x266/0x330
[ 123.806394][ C0] __ia32_sys_connect+0x72/0xb0
[ 123.811241][ C0] do_fast_syscall_32+0x281/0xc98
[ 123.816260][ C0] entry_SYSENTER_compat+0x70/0x7f
[ 123.821357][ C0]
[ 123.823673][ C0] Freed by task 8036:
[ 123.827651][ C0] save_stack+0x45/0xd0
[ 123.831799][ C0] __kasan_slab_free+0x102/0x150
[ 123.836733][ C0] kasan_slab_free+0xe/0x10
[ 123.841231][ C0] kmem_cache_free+0x86/0x260
[ 123.845905][ C0] ccid_hc_tx_delete+0xc1/0x100
[ 123.850746][ C0] dccp_hdlr_ccid+0x7d/0x150
[ 123.855333][ C0] __dccp_feat_activate+0x17a/0x270
[ 123.860529][ C0] dccp_feat_activate_values+0x33a/0x766
[ 123.866161][ C0] dccp_create_openreq_child+0x40c/0x570
[ 123.871785][ C0] dccp_v6_request_recv_sock+0x214/0x1da0
[ 123.877497][ C0] dccp_check_req+0x35c/0x6f0
[ 123.882169][ C0] dccp_v6_rcv+0x6d7/0x191e
[ 123.886669][ C0] ip6_protocol_deliver_rcu+0x303/0x16c0
[ 123.892293][ C0] ip6_input_finish+0x84/0x170
[ 123.897050][ C0] ip6_input+0xe4/0x3f0
[ 123.901198][ C0] ip6_rcv_finish+0x1e7/0x320
[ 123.905870][ C0] ipv6_rcv+0x10e/0x420
[ 123.910039][ C0] __netif_receive_skb_one_core+0x115/0x1a0
[ 123.915927][ C0] __netif_receive_skb+0x2c/0x1c0
[ 123.920944][ C0] process_backlog+0x206/0x750
[ 123.925700][ C0] net_rx_action+0x4fa/0x1070
[ 123.930370][ C0] __do_softirq+0x266/0x95a
[ 123.934861][ C0]
[ 123.937183][ C0] The buggy address belongs to the object at ffff88806413d640
[ 123.937183][ C0] which belongs to the cache ccid2_hc_tx_sock of size 1240
[ 123.951761][ C0] The buggy address is located 0 bytes inside of
[ 123.951761][ C0] 1240-byte region [ffff88806413d640, ffff88806413db18)
[ 123.964948][ C0] The buggy address belongs to the page:
[ 123.970588][ C0] page:ffffea0001904f00 count:1 mapcount:0 mapping:ffff888216f9ecc0 index:0x0 compound_mapcount: 0
[ 123.981278][ C0] flags: 0x1fffc0000010200(slab|head)
[ 123.986662][ C0] raw: 01fffc0000010200 ffff88809b374048 ffff88809b374048 ffff888216f9ecc0
[ 123.995248][ C0] raw: 0000000000000000 ffff88806413c040 0000000100000005 0000000000000000
[ 124.003826][ C0] page dumped because: kasan: bad access detected
[ 124.010235][ C0]
[ 124.012556][ C0] Memory state around the buggy address:
[ 124.018188][ C0] ffff88806413d500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 124.026247][ C0] ffff88806413d580: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 124.034306][ C0] >ffff88806413d600: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[ 124.042363][ C0] ^
[ 124.048510][ C0] ffff88806413d680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 124.056563][ C0] ffff88806413d700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 124.064615][ C0] ==================================================================
[ 124.072674][ C0] Disabling lock debugging due to kernel taint
[ 124.078896][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 124.085492][ C0] CPU: 0 PID: 8032 Comm: syz-executor.0 Tainted: G B 5.0.0+ #22
[ 124.090640][ T8040] kobject: 'kvm' (00000000b3cd8262): kobject_uevent_env
[ 124.094416][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 124.094421][ C0] Call Trace:
[ 124.094427][ C0]
[ 124.094449][ C0] dump_stack+0x172/0x1f0
[ 124.094466][ C0] panic+0x2cb/0x65c
[ 124.094491][ C0] ? __warn_printk+0xf3/0xf3
[ 124.101542][ T8040] kobject: 'kvm' (00000000b3cd8262): fill_kobj_path: path = '/devices/virtual/misc/kvm'
[ 124.111472][ C0] ? retint_kernel+0x2d/0x2d
[ 124.111490][ C0] ? trace_hardirqs_on+0x5e/0x230
[ 124.111506][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 124.111516][ C0] end_report+0x47/0x4f
[ 124.111527][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 124.111536][ C0] kasan_report.cold+0xe/0x40
[ 124.111548][ C0] ? ccid_hc_tx_delete+0xde/0x100
[ 124.111570][ C0] __asan_report_load8_noabort+0x14/0x20
[ 124.115038][ T7996] kobject: 'kvm' (00000000b3cd8262): fill_kobj_path: path = '/devices/virtual/misc/kvm'
[ 124.117695][ C0] ccid_hc_tx_delete+0xde/0x100
[ 124.117710][ C0] dccp_sk_destruct+0x3f/0x90
[ 124.117723][ C0] ? dccp_init_sock+0x3f0/0x3f0
[ 124.117746][ C0] __sk_destruct+0x55/0x6d0
[ 124.210054][ C0] ? proto_unregister+0x4e0/0x4e0
[ 124.215078][ C0] rcu_core+0x928/0x1390
[ 124.219314][ C0] ? rcu_check_gp_start_stall+0x250/0x250
[ 124.225026][ C0] ? sched_clock+0x2e/0x50
[ 124.229439][ C0] __do_softirq+0x266/0x95a
[ 124.233979][ C0] ? sched_clock_cpu+0x1b/0x1b0
[ 124.248209][ C0] irq_exit+0x180/0x1d0
[ 124.252360][ C0] smp_apic_timer_interrupt+0x14a/0x570
[ 124.257900][ C0] apic_timer_interrupt+0xf/0x20
[ 124.262818][ C0]
[ 124.265766][ C0] RIP: 0010:memset_erms+0x9/0x10
[ 124.270703][ C0] Code: c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 f3 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 aa 4c 89 c8 c3 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 01
[ 124.290308][ C0] RSP: 0018:ffff888065a07468 EFLAGS: 00010206 ORIG_RAX: ffffffffffffff13
[ 124.298717][ C0] RAX: dffffc00000000ff RBX: 0000000000000200 RCX: 0000000000006ac0
[ 124.306682][ C0] RDX: 0000000000040000 RSI: 00000000000000ff RDI: ffffed100c9b9540
[ 124.314651][ C0] RBP: ffff888065a07470 R08: 1ffff1100c980000 R09: ffffed100c980000
[ 124.322617][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffffea0001930000
[ 124.330582][ C0] R13: 0000000000064c00 R14: ffff888064c00000 R15: 0000000000064c00
[ 124.338577][ C0] ? kasan_free_pages+0x59/0x60
[ 124.343417][ C0] __free_pages_ok+0x275/0xda0
[ 124.348202][ C0] free_compound_page+0x6a/0x90
[ 124.353050][ C0] free_transhuge_page+0x230/0x310
[ 124.358159][ C0] __put_compound_page+0x96/0xe0
[ 124.363086][ C0] release_pages+0x5d5/0x1940
[ 124.367755][ C0] ? put_pages_list+0x2e0/0x2e0
[ 124.372598][ C0] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 124.378830][ C0] ? lru_add_drain_cpu+0x1c4/0x520
[ 124.384048][ C0] free_pages_and_swap_cache+0x2a0/0x3d0
[ 124.389678][ C0] tlb_flush_mmu_free+0x4e/0x120
[ 124.394608][ C0] unmap_page_range+0x180e/0x2330
[ 124.399633][ C0] ? vm_normal_page_pmd+0x400/0x400
[ 124.404844][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 124.411088][ C0] ? uprobe_munmap+0xad/0x2b0
[ 124.415758][ C0] unmap_single_vma+0x19d/0x300
[ 124.420601][ C0] unmap_vmas+0x115/0x250
[ 124.424926][ C0] ? zap_vma_ptes+0x110/0x110
[ 124.429593][ C0] ? get_kernel_page+0xb0/0xb0
[ 124.434353][ C0] ? kasan_check_write+0x14/0x20
[ 124.439282][ C0] exit_mmap+0x2c2/0x530
[ 124.443516][ C0] ? __ia32_sys_munmap+0x80/0x80
[ 124.448449][ C0] ? __sanitizer_cov_trace_const_cmp1+0x11/0x20
[ 124.454684][ C0] ? rcu_read_lock_sched_held+0x110/0x130
[ 124.460396][ C0] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 124.466626][ C0] ? __khugepaged_exit+0xcf/0x400
[ 124.471642][ C0] mmput+0x15f/0x4c0
[ 124.475528][ C0] do_exit+0x816/0x2fa0
[ 124.479679][ C0] ? get_signal+0x331/0x1d50
[ 124.484261][ C0] ? mm_update_next_owner+0x640/0x640
[ 124.489624][ C0] ? kasan_check_write+0x14/0x20
[ 124.494573][ C0] ? _raw_spin_unlock_irq+0x28/0x90
[ 124.499762][ C0] ? get_signal+0x331/0x1d50
[ 124.504350][ C0] ? _raw_spin_unlock_irq+0x28/0x90
[ 124.509548][ C0] do_group_exit+0x135/0x370
[ 124.514138][ C0] get_signal+0x399/0x1d50
[ 124.518555][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 124.524794][ C0] do_signal+0x87/0x1940
[ 124.529033][ C0] ? _copy_to_user+0xc9/0x120
[ 124.533703][ C0] ? setup_sigcontext+0x7d0/0x7d0
[ 124.538729][ C0] ? exit_to_usermode_loop+0x43/0x2c0
[ 124.544093][ C0] ? do_fast_syscall_32+0xa9d/0xc98
[ 124.549282][ C0] ? exit_to_usermode_loop+0x43/0x2c0
[ 124.554648][ C0] ? lockdep_hardirqs_on+0x418/0x5d0
[ 124.559923][ C0] ? trace_hardirqs_on+0x67/0x230
[ 124.564941][ C0] exit_to_usermode_loop+0x244/0x2c0
[ 124.570220][ C0] do_fast_syscall_32+0xa9d/0xc98
[ 124.575243][ C0] entry_SYSENTER_compat+0x70/0x7f
[ 124.580342][ C0] RIP: 0023:0xf7f8c869
[ 124.584411][ C0] Code: Bad RIP value.
[ 124.588461][ C0] RSP: 002b:00000000f5d880cc EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[ 124.596871][ C0] RAX: 0000000000000002 RBX: 0000000000000008 RCX: 0000000020003d40
[ 124.604830][ C0] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[ 124.612798][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 124.620761][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 124.628719][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 124.637437][ C0] Kernel Offset: disabled
[ 124.641757][ C0] Rebooting in 86400 seconds..