[ 54.737072] audit: type=1800 audit(1538649787.783:27): pid=6003 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. [ 56.235673] random: sshd: uninitialized urandom read (32 bytes read) [ 56.607097] random: sshd: uninitialized urandom read (32 bytes read) [ 57.258631] random: sshd: uninitialized urandom read (32 bytes read) Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 59.438212] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.22' (ECDSA) to the list of known hosts. [ 65.296791] random: sshd: uninitialized urandom read (32 bytes read) 2018/10/04 10:43:20 fuzzer started [ 69.696284] random: cc1: uninitialized urandom read (8 bytes read) 2018/10/04 10:43:25 dialing manager at 10.128.0.26:36867 2018/10/04 10:43:25 syscalls: 1 2018/10/04 10:43:25 code coverage: enabled 2018/10/04 10:43:25 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/10/04 10:43:25 setuid sandbox: enabled 2018/10/04 10:43:25 namespace sandbox: enabled 2018/10/04 10:43:25 Android sandbox: /sys/fs/selinux/policy does not exist 2018/10/04 10:43:25 fault injection: enabled 2018/10/04 10:43:25 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/10/04 10:43:25 net packed injection: enabled 2018/10/04 10:43:25 net device setup: enabled [ 74.568910] random: crng init done 10:45:27 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="7f454c460000040000000000000000008711d400000000000000000000e4ff38000000000018b7074db0cb"], 0x2b) [ 194.779385] IPVS: ftp: loaded support on port[0] = 21 [ 197.088034] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.094660] bridge0: port 
1(bridge_slave_0) entered disabled state [ 197.103273] device bridge_slave_0 entered promiscuous mode [ 197.242783] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.249258] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.257822] device bridge_slave_1 entered promiscuous mode [ 197.397495] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 197.535223] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 10:45:31 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000780)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000100), 0x1b5, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r2 = accept4$packet(r0, &(0x7f000000d800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f000000d840)=0x14, 0x0) ioctl$sock_inet6_udp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000040)) [ 197.950720] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 198.163487] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 198.676348] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 198.683536] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 198.697991] IPVS: ftp: loaded support on port[0] = 21 [ 199.278762] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 199.286934] team0: Port device team_slave_0 added [ 199.494673] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 199.502892] team0: Port device team_slave_1 added [ 199.673980] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 199.681045] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 199.690114] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 199.832214] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 199.839278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 199.848735] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 200.045156] 
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 200.052787] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 200.061974] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 200.296140] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 200.303903] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 200.313190] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 202.344480] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.350959] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.359507] device bridge_slave_0 entered promiscuous mode [ 202.534844] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.541322] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.549847] device bridge_slave_1 entered promiscuous mode [ 202.775456] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 202.923224] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.929716] bridge0: port 2(bridge_slave_1) entered forwarding state [ 202.936734] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.943254] bridge0: port 1(bridge_slave_0) entered forwarding state [ 202.952443] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 203.021814] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 10:45:36 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) rt_sigqueueinfo(0x0, 0x0, &(0x7f0000000100)={0x4, 0x0, 0xb}) [ 203.533074] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 203.602472] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 203.796910] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 204.143582] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 204.150634] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 204.363339] IPVS: 
ftp: loaded support on port[0] = 21 [ 204.378765] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 204.385944] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.232199] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 205.240188] team0: Port device team_slave_0 added [ 205.573180] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 205.581148] team0: Port device team_slave_1 added [ 205.813906] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 205.820966] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.830115] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 206.075494] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 206.082723] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 206.091503] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 206.335142] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 206.342769] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 206.351898] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 206.669559] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 206.677208] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 206.686302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 208.852554] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.859024] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.867493] device bridge_slave_0 entered promiscuous mode [ 209.154755] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.161235] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.169680] device bridge_slave_1 entered promiscuous mode [ 209.495814] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 209.768659] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 209.966152] bridge0: port 2(bridge_slave_1) entered blocking state [ 
209.972720] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.979631] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.986204] bridge0: port 1(bridge_slave_0) entered forwarding state [ 209.995221] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 210.658117] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 210.882458] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 210.935134] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 211.313441] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 211.320478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 211.561456] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 211.568590] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 10:45:44 executing program 3: r0 = open(&(0x7f0000000140)='./bus\x00', 0x40, 0x0) close(r0) request_key(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, &(0x7f0000000400)='wlan1%wlan1vboxnet1\x00', 0xfffffffffffffffe) r1 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082) r2 = memfd_create(&(0x7f0000000100)="000000008c00000001000000008000", 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x4001fe) pwritev(r2, &(0x7f0000000080)=[{&(0x7f00000000c0)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r2) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) readv(r1, &(0x7f0000000180)=[{&(0x7f0000001200)=""/4096, 0xfffffe19}], 0x1) [ 212.432401] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 212.440352] team0: Port device team_slave_0 added [ 212.788927] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 212.798805] team0: Port device team_slave_1 added [ 213.009029] IPVS: ftp: loaded support on port[0] = 21 [ 213.250406] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 213.257595] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 213.266636] 
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 213.610822] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 213.618036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 213.626786] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 213.949030] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 213.956722] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 213.965826] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 214.339692] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 214.347391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 214.356477] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 215.036609] 8021q: adding VLAN 0 to HW filter on device bond0 [ 216.268108] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 217.766321] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 217.773070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 217.781173] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 218.206156] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.212718] bridge0: port 2(bridge_slave_1) entered forwarding state [ 218.219616] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.226232] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.235266] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 218.773924] ip (6654) used greatest stack depth: 53056 bytes left [ 219.038848] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.046932] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.057429] device bridge_slave_0 entered promiscuous mode [ 219.122545] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 219.159240] 8021q: adding VLAN 0 to HW filter on device team0 [ 219.457949] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.465685] bridge0: port 2(bridge_slave_1) entered disabled state [ 
219.474372] device bridge_slave_1 entered promiscuous mode [ 219.858349] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 220.215041] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 221.237571] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 221.581443] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 221.912994] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 221.920039] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready 10:45:55 executing program 4: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) flistxattr(r0, &(0x7f0000000040)=""/166, 0xa6) [ 222.337358] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 222.344607] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 223.389483] IPVS: ftp: loaded support on port[0] = 21 [ 223.718613] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 223.726766] team0: Port device team_slave_0 added [ 224.104140] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 224.112376] team0: Port device team_slave_1 added [ 224.341279] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.566985] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 224.574209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 224.583073] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 224.923668] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 224.930748] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 224.939886] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 225.298947] IPv6: 
ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 225.307021] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 225.316154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 225.667249] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 225.675103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 225.684277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 226.015154] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 227.640429] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 227.646999] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 227.655408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 228.137985] sg_write: data in/out 262108/1 bytes for SCSI command 0x0-- guessing data in; [ 228.137985] program syz-executor0 not setting count and/or reply_len properly 10:46:01 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000200)={0x14, r1, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0) 10:46:02 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000600)='/dev/input/event#\x00', 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_dev$evdev(&(0x7f00000001c0)='/dev/input/event#\x00', 0x5, 0x2000) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffe, 0x32, 0xffffffffffffffff, 0x0) ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000200)=0xe36) ioctl$EVIOCGKEYCODE(r0, 0x80084504, &(0x7f0000000000)=""/202) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x200000, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000140)={0xab71, 0x7}) 10:46:02 executing program 0: r0 = socket$kcm(0x11, 0x3, 0x0) recvmsg(0xffffffffffffffff, 
&(0x7f0000000900)={0x0, 0x0, &(0x7f00000007c0), 0x0, &(0x7f0000000840)=""/176, 0xb0}, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)}], 0x1}, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000240)={{0x2c, @multicast2, 0x4e22, 0x0, 'sed\x00', 0x10, 0x4, 0x60}, {@remote, 0x4e23, 0x4, 0x8, 0x1, 0xffff}}, 0x44) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000140)=@ipx={0x4, 0x80000001, 0x0, "0950fe4adba7"}, 0x16, &(0x7f0000000000), 0x0, &(0x7f0000000240)}, 0x0) sendmsg(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)=@sco={0x1f, {0x8, 0x0, 0x2}}, 0x80, &(0x7f0000000300)}, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x2b5) fremovexattr(r0, &(0x7f0000000080)=@random={'trusted.', '\x00'}) sendmsg$kcm(r0, &(0x7f0000000480)={&(0x7f00000000c0)=@in6={0x31100, 0x894f, 0x5, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x329]}}, 0x80, &(0x7f0000000340), 0x0, &(0x7f0000000940)=[{0xc0, 0x102, 0x8, "bda5cbe5e36a0b3601043bfc07b79c3ef58dbeaed021abd4961b36f9b63dddb7cdbae8d06c812ca44195c543dcd0a20196f3d4932799cd1e97bc5b3896a1c07b6c3283e97af96035383b47508f4537bdce59fe9f132c730e9adf1af4aacf4027d3ee669ff2e80df6f10349968e759ce89e6b764a002026481d58c00413cdb287d57fcd81b01278b676566627cc9f00f172f224a146a0937107156d63ded88d8df7e233a85a558e6975"}, {0x10, 0x11b, 0xfffffffffffffff7}, {0x1010, 0x10a, 0x5, "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"}], 0x10e0}, 0x0) [ 229.300750] 8021q: adding VLAN 0 to HW filter on device team0 [ 229.491995] IPVS: set_ctl: invalid protocol: 44 224.0.0.2:20002 [ 229.553131] IPVS: set_ctl: invalid protocol: 44 224.0.0.2:20002 10:46:03 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.stat\x00', 0x0, 0x0) openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) mmap(&(0x7f0000013000/0x1000)=nil, 0x1000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = 
userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) write$nbd(r0, &(0x7f0000000100)={0x67446698, 0x0, 0x2, 0x3, 0x2, "7263a42e378d28b4e0a6843ba11c0a4ed5c93aa303f34f163461ceea51a9f7464dd13c457d4afd1c66edd610b2b30adf163c009647ea1d2acb45fe0bb8e6b10fc69c3504d6073c6d6f275df5d9f9253482e9baaf3729a84c2b40ab93f8bae2fc9dfc829aec3e91ef1b57fb32e3437a0f246f2eb4406d9e75ef8d5127b8ea37fbe9c3a758a28a08cdfb7e6595526a44436878fb91a85de879b996df491979621bf0977bd53b6d768903f5030e3269c26c5c4e468e955192e9b48fc9f9560763752ac9ca4b66742ba4846ba4a000a5fc5f4baf37a5142839813ba88fb1"}, 0xec) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r0, &(0x7f0000000200)="0e726e0ad4e0a1b2ece1f0944083739b3d15221ef49b2fcf552e6ecdca56604f78bb62bfcf66e64a441c68bb439abb842dd868", &(0x7f0000000280)=""/104}, 0x18) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x60, &(0x7f0000000240), &(0x7f0000000040)=0x30) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) close(r2) ioctl$TIOCSBRK(r0, 0x5427) close(r1) [ 230.535743] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.542318] bridge0: port 1(bridge_slave_0) entered disabled state [ 230.550666] device bridge_slave_0 entered promiscuous mode 10:46:03 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000580)={&(0x7f0000000140), 0xc, &(0x7f0000000540)={&(0x7f0000000600)=@ipv4_newroute={0x1c, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}}, 0x1c}}, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) 
ioctl$KDGKBLED(r2, 0xc004510e, &(0x7f0000a07fff)) [ 230.736986] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.743549] bridge0: port 2(bridge_slave_1) entered forwarding state [ 230.750438] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.757040] bridge0: port 1(bridge_slave_0) entered forwarding state [ 230.765803] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 230.980076] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.986731] bridge0: port 2(bridge_slave_1) entered disabled state [ 230.995169] device bridge_slave_1 entered promiscuous mode 10:46:04 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000080), 0x1) r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x8000, 0x0) ioctl$BLKROGET(r1, 0x125e, &(0x7f0000000040)) [ 231.424591] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready 10:46:04 executing program 0: r0 = socket(0x40000000015, 0x5, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000e40), 0xffc, 0x0, &(0x7f00000004c0)={0x2, 0x0, @loopback}, 0x10) r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x200) ioctl$KVM_SET_MSRS(r1, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="fdff9901e26380305ac9c836bd227d5466ec59f74a3c4bf7a1bfa7ccc32c55f8d5879f19bb8507002aef6cff5ad9dfd990ba37fafeb3cb78c860ca7266961dc06c2cc4dd1d3c7711fe2729871b6e2590de8855bca8e117b8681fcd02077bd25998443b044e85a25acf875d67f5b278f78ec566d174035801ecb13715f7973313e06aee43382ad8ae61ff036b94c09f5849f049496005d1725fd04a01a8032475fbec23f2884622c48f73ffd365455210fe465cb017f24d4362161cd3751fb894c868b13925"]) ioctl$SG_SET_TIMEOUT(r1, 0x2201, &(0x7f0000000080)=0x7) [ 231.763422] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 231.851647] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 10:46:05 executing program 0: timer_create(0x7, &(0x7f0000000540)={0x0, 0x16, 0x2}, 0x0) [ 233.028710] 
bond0: Enslaving bond_slave_0 as an active interface with an up link [ 233.414922] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 233.813138] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 233.820205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 234.140654] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 234.148008] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 234.902023] 8021q: adding VLAN 0 to HW filter on device bond0 [ 235.059583] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 235.067769] team0: Port device team_slave_0 added [ 235.377795] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 235.385994] team0: Port device team_slave_1 added [ 235.666380] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 235.673530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 235.682291] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 235.839086] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 236.036705] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 236.044063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 236.053010] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 236.340993] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 236.348754] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 236.357848] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 236.512381] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 236.520074] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 236.529138] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 236.811922] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 236.818310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 236.826427] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 237.599983] TCP: 
request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 10:46:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000380)={0x2, 0x0, [0x40000084]}) [ 237.913529] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 237.999209] 8021q: adding VLAN 0 to HW filter on device team0 [ 238.053774] ================================================================== [ 238.061219] BUG: KMSAN: uninit-value in loaded_vmcs_init+0x343/0x590 [ 238.067754] CPU: 1 PID: 7146 Comm: syz-executor1 Not tainted 4.19.0-rc4+ #63 [ 238.074959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 238.084346] Call Trace: [ 238.086958] dump_stack+0x306/0x460 [ 238.090608] ? loaded_vmcs_init+0x343/0x590 [ 238.094973] kmsan_report+0x1a3/0x2d0 [ 238.098811] __msan_warning+0x7c/0xe0 [ 238.102654] loaded_vmcs_init+0x343/0x590 [ 238.106854] __loaded_vmcs_clear+0x2fb/0x3c0 [ 238.111340] generic_exec_single+0x17b/0x500 [ 238.115774] ? vmx_get_msr_feature+0x180/0x180 [ 238.120392] smp_call_function_single+0x290/0x500 [ 238.125267] ? vmx_get_msr_feature+0x180/0x180 [ 238.129905] vmx_free_vcpu+0x582/0x8a0 [ 238.133821] ? vmx_create_vcpu+0x7920/0x7920 [ 238.138260] kvm_arch_destroy_vm+0x727/0xcd0 [ 238.142699] kvm_put_kvm+0x100b/0x1cf0 [ 238.146646] kvm_vcpu_release+0xad/0x100 [ 238.150738] ? kvm_vcpu_mmap+0x80/0x80 [ 238.154663] __fput+0x4e8/0xda0 [ 238.157995] ____fput+0x37/0x40 [ 238.161297] ? 
fput+0x3e0/0x3e0 [ 238.164606] task_work_run+0x467/0x500 [ 238.168547] prepare_exit_to_usermode+0x364/0x470 [ 238.173433] syscall_return_slowpath+0x112/0x880 [ 238.178214] ? __close_fd+0x465/0x4c0 [ 238.182057] ? __se_sys_close+0x72/0x140 [ 238.186155] do_syscall_64+0xe4/0x100 [ 238.189990] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 238.195196] RIP: 0033:0x411051 [ 238.198404] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 238.217330] RSP: 002b:0000000000a3fd90 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 238.225061] RAX: 0000000000000000 RBX: 000000000000000a RCX: 0000000000411051 [ 238.232346] RDX: 0000000000000000 RSI: 0000000000730e10 RDI: 0000000000000009 [ 238.239632] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 238.246919] R10: 0000000000a3fcb0 R11: 0000000000000293 R12: 0000000000000000 [ 238.254199] R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000001 [ 238.261504] [ 238.263143] Local variable description: ----error.i@loaded_vmcs_init [ 238.269650] Variable was created at: [ 238.273391] loaded_vmcs_init+0x8a/0x590 [ 238.277472] __loaded_vmcs_clear+0x2fb/0x3c0 [ 238.281898] ================================================================== [ 238.289278] Disabling lock debugging due to kernel taint [ 238.294745] Kernel panic - not syncing: panic_on_warn set ... [ 238.294745] [ 238.302142] CPU: 1 PID: 7146 Comm: syz-executor1 Tainted: G B 4.19.0-rc4+ #63 [ 238.310730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 238.320096] Call Trace: [ 238.322719] dump_stack+0x306/0x460 [ 238.326395] panic+0x54c/0xafa [ 238.329659] ? 
__msan_metadata_ptr_for_store_1+0x13/0x20 [ 238.335136] kmsan_report+0x2cd/0x2d0 [ 238.338974] __msan_warning+0x7c/0xe0 [ 238.342808] loaded_vmcs_init+0x343/0x590 [ 238.346994] __loaded_vmcs_clear+0x2fb/0x3c0 [ 238.351437] generic_exec_single+0x17b/0x500 [ 238.355874] ? vmx_get_msr_feature+0x180/0x180 [ 238.360492] smp_call_function_single+0x290/0x500 [ 238.365369] ? vmx_get_msr_feature+0x180/0x180 [ 238.369991] vmx_free_vcpu+0x582/0x8a0 [ 238.374571] ? vmx_create_vcpu+0x7920/0x7920 [ 238.379008] kvm_arch_destroy_vm+0x727/0xcd0 [ 238.383463] kvm_put_kvm+0x100b/0x1cf0 [ 238.387404] kvm_vcpu_release+0xad/0x100 [ 238.391499] ? kvm_vcpu_mmap+0x80/0x80 [ 238.395414] __fput+0x4e8/0xda0 [ 238.398759] ____fput+0x37/0x40 [ 238.402078] ? fput+0x3e0/0x3e0 [ 238.405389] task_work_run+0x467/0x500 [ 238.409323] prepare_exit_to_usermode+0x364/0x470 [ 238.414203] syscall_return_slowpath+0x112/0x880 [ 238.418990] ? __close_fd+0x465/0x4c0 [ 238.422841] ? __se_sys_close+0x72/0x140 [ 238.426943] do_syscall_64+0xe4/0x100 [ 238.430802] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 238.436010] RIP: 0033:0x411051 [ 238.439224] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 19 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 238.458144] RSP: 002b:0000000000a3fd90 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 238.465883] RAX: 0000000000000000 RBX: 000000000000000a RCX: 0000000000411051 [ 238.473177] RDX: 0000000000000000 RSI: 0000000000730e10 RDI: 0000000000000009 [ 238.480458] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 238.487826] R10: 0000000000a3fcb0 R11: 0000000000000293 R12: 0000000000000000 [ 238.495122] R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000001 [ 238.503348] Kernel Offset: disabled [ 238.506987] Rebooting in 86400 seconds..