[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   34.526261][   T26] audit: type=1800 audit(1571182989.582:25): pid=6937 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2447 res=0
[   34.547026][   T26] audit: type=1800 audit(1571182989.592:26): pid=6937 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0
[   34.615520][   T26] audit: type=1800 audit(1571182989.672:27): pid=6937 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2469 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.15' (ECDSA) to the list of known hosts.
2019/10/15 23:43:18 fuzzer started
2019/10/15 23:43:19 dialing manager at 10.128.0.105:34737
2019/10/15 23:43:19 syscalls: 2524
2019/10/15 23:43:19 code coverage: enabled
2019/10/15 23:43:19 comparison tracing: enabled
2019/10/15 23:43:19 extra coverage: extra coverage is not supported by the kernel
2019/10/15 23:43:19 setuid sandbox: enabled
2019/10/15 23:43:19 namespace sandbox: enabled
2019/10/15 23:43:19 Android sandbox: /sys/fs/selinux/policy does not exist
2019/10/15 23:43:19 fault injection: enabled
2019/10/15 23:43:19 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/10/15 23:43:19 net packet injection: enabled
2019/10/15 23:43:19 net device setup: enabled
2019/10/15 23:43:19 concurrency sanitizer: enabled
23:43:20 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

23:43:20 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r0, 0x0, 0x3bd, 0x200007fd, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='hybla\x00', 0x6)
sendmmsg$inet(r0, &(0x7f0000000b40)=[{{0x0, 0xfffffffffffffcfb, &(0x7f0000000200)=[{&(0x7f0000000100)="8cb08f70aca1f2e24e7dc4636db1607852800ad7239bfbb123065f68cd67943bc81a1d56defee801abbb295542689614ad3cf075062ecc8fff703998f05b4a75cd21c51a0cdf5c1d22ec6c88b2f328c35d2284ce373751008f2fe11265fc7b892d9211b9f2b8d60d65de6a11b376b8379dea0e24d9d54997f9b0c35fdbb691b6a85b1dd235877eaf2c6b56cdebc12feefdd198891969cc07ec80aa29bcc95a7fa0866e97a784c0ac21edab15d06cfb51b0f47e5f4404000000000000", 0xbc}, {&(0x7f0000000340)="4520d8c1ee8e08b9ee293229", 0x28c}], 0x2}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000500)='B', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000640)="6704848d55e654ad6f06f85d5c8caed968361a080c9a53252ca10c8e9f2257b4300eccf6f7e8f49e10382d24c8e304851ba9f674097b80c63dc396090a3762753a1400aba6fc2b7dcec89c4c03bb4f4a995e7f0d40", 0x55}], 0x1}}], 0x3, 0x40000)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xda9, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x1472, 0x11, 0x0, 0x1d)

syzkaller login: [   45.439884][ T7103] IPVS: ftp: loaded support on port[0] = 21
[   45.573878][ T7103] chnl_net:caif_netlink_parms(): no params data found
[   45.662917][ T7103] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.677708][ T7103] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.685675][ T7103] device bridge_slave_0 entered promiscuous mode
[   45.694148][ T7103] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.701643][ T7103] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.710070][ T7103] device bridge_slave_1 entered promiscuous mode
[   45.723626][ T7106] IPVS: ftp: loaded support on port[0] = 21
[   45.732526][ T7103] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.743363][ T7103] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.772598][ T7103] team0: Port device team_slave_0 added
[   45.782253][ T7103] team0: Port device team_slave_1 added
23:43:20 executing program 2:
r0 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(r1, r0)

[   45.870833][ T7103] device hsr_slave_0 entered promiscuous mode
[   45.938682][ T7103] device hsr_slave_1 entered promiscuous mode
[   46.054854][ T7108] IPVS: ftp: loaded support on port[0] = 21
[   46.059317][ T7103] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.067941][ T7103] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.075309][ T7103] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.082444][ T7103] bridge0: port 1(bridge_slave_0) entered forwarding state
23:43:21 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x80000000000a01, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000))
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000200))
r1 = syz_open_pts(r0, 0x0)
readv(r1, &(0x7f0000000400)=[{&(0x7f0000000440)=""/165, 0x10}, {&(0x7f0000000280)=""/243}, {&(0x7f00000001c0)=""/20}, {&(0x7f0000000380)=""/124}], 0x2c0)

[   46.183630][ T7106] chnl_net:caif_netlink_parms(): no params data found
[   46.275346][ T7103] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.365289][ T7106] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.372550][ T7106] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.384441][ T7106] device bridge_slave_0 entered promiscuous mode
[   46.397809][ T7113] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   46.417406][ T7113] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.425860][ T7113] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.435958][ T7113] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   46.452449][ T7108] chnl_net:caif_netlink_parms(): no params data found
[   46.469997][ T7106] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.477150][ T7106] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.486677][ T7106] device bridge_slave_1 entered promiscuous mode
[   46.514377][ T7103] 8021q: adding VLAN 0 to HW filter on device team0
[   46.523815][ T7106] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.535346][ T7106] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.572196][ T7114] IPVS: ftp: loaded support on port[0] = 21
[   46.580404][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   46.589795][ T2851] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.596929][ T2851] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.605933][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   46.614838][ T2851] bridge0: port 2(bridge_slave_1) entered blocking state
23:43:21 executing program 4:
sendmmsg(0xffffffffffffffff, &(0x7f0000004680)=[{{0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000000180)="e6cc39d64e5b987596da1475c4f0fc2213fca074e4", 0x15}], 0x1}}], 0x1, 0x0)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, &(0x7f0000000180)={0x6})
pipe(&(0x7f00000015c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000140)={0x4a5, 0x10})
close(r2)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syz_tun\x00', <r4=>0x0})
bind$packet(r3, &(0x7f0000000080)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff})
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f00000000c0)=0x5, 0x4)
splice(r0, 0x0, r2, 0x0, 0x10003, 0x0)

[   46.621953][ T2851] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.648583][ T7106] team0: Port device team_slave_0 added
[   46.658001][ T7113] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   46.669654][ T7113] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   46.679136][ T7113] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   46.691391][ T7113] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   46.700355][ T7113] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   46.712208][ T7113] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   46.721176][ T7113] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   46.753628][ T7103] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   46.766251][ T7103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   46.778027][ T7106] team0: Port device team_slave_1 added
[   46.798120][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   46.811379][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   46.838715][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   46.858430][ T7108] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.865512][ T7108] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.876361][ T7108] device bridge_slave_0 entered promiscuous mode
[   46.907136][ T7103] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.917026][ T7117] IPVS: ftp: loaded support on port[0] = 21
[   46.934713][ T7108] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.942824][ T7108] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.954017][ T7108] device bridge_slave_1 entered promiscuous mode
23:43:22 executing program 5:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
socket$kcm(0x29, 0x5, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x1)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040))
dup3(r2, r4, 0x0)
fchdir(r4)
sendto$inet(r1, &(0x7f0000000a00)="ba", 0x1, 0x0, &(0x7f000069affb)={0x2, 0x0, @loopback}, 0x10)

[   47.101071][ T7106] device hsr_slave_0 entered promiscuous mode
[   47.138055][ T7106] device hsr_slave_1 entered promiscuous mode
[   47.188683][ T7106] debugfs: Directory 'hsr0' with parent '/' already present!
[   47.198018][ T7108] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.229994][ T7108] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.282947][ T7108] team0: Port device team_slave_0 added
[   47.293753][ T7108] team0: Port device team_slave_1 added
[   47.334846][ T7123] IPVS: ftp: loaded support on port[0] = 21
[   47.380816][ T7108] device hsr_slave_0 entered promiscuous mode
[   47.396755][ T7127] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   47.430197][ T7108] device hsr_slave_1 entered promiscuous mode
[   47.467695][ T7108] debugfs: Directory 'hsr0' with parent '/' already present!
[   47.497349][    C1] hrtimer: interrupt took 30544 ns
[   47.503586][ T7114] chnl_net:caif_netlink_parms(): no params data found
[   47.563200][ T7106] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.596963][ T7108] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.604185][ T7108] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.611513][ T7108] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.618576][ T7108] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.645476][ T2851] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.654401][ T2851] bridge0: port 2(bridge_slave_1) entered disabled state
23:43:22 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[   47.721951][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   47.730308][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   47.739942][ T7106] 8021q: adding VLAN 0 to HW filter on device team0
[   47.764260][ T7117] chnl_net:caif_netlink_parms(): no params data found
[   47.797713][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   47.806898][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   47.817339][ T2851] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.824529][ T2851] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.836754][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   47.845636][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   47.857898][ T2851] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.865072][ T2851] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.876828][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   47.886333][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   47.899402][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
23:43:23 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[   47.912601][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   47.922330][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   47.934279][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   47.943937][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   47.956023][ T2851] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   47.997074][ T7114] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.005385][ T7114] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.038563][ T7114] device bridge_slave_0 entered promiscuous mode
[   48.047514][ T7114] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.057186][ T7114] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.066561][ T7114] device bridge_slave_1 entered promiscuous mode
[   48.096981][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   48.106599][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   48.121913][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   48.136970][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
23:43:23 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[   48.165557][ T7106] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   48.243154][ T7106] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.263098][ T7114] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   48.280936][ T7114] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   48.309030][ T7108] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.319803][ T7113] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   48.328355][ T7113] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   48.345270][ T7117] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.352980][ T7117] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.361775][ T7117] device bridge_slave_0 entered promiscuous mode
[   48.376585][ T7117] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.394518][ T7117] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.408821][ T7117] device bridge_slave_1 entered promiscuous mode
[   48.429095][ T7108] 8021q: adding VLAN 0 to HW filter on device team0
[   48.451553][ T7123] chnl_net:caif_netlink_parms(): no params data found
[   48.470027][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   48.479070][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   48.488094][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.495190][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.505423][ T7114] team0: Port device team_slave_0 added
[   48.516805][ T7114] team0: Port device team_slave_1 added
[   48.546139][ T7117] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   48.585966][ T7117] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
23:43:23 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[   48.615788][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   48.631012][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   48.643788][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.650931][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.673219][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   48.684379][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   48.745473][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   48.768750][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   48.795329][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
23:43:23 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[   48.870898][ T7114] device hsr_slave_0 entered promiscuous mode
[   48.898205][ T7114] device hsr_slave_1 entered promiscuous mode
[   48.937765][ T7114] debugfs: Directory 'hsr0' with parent '/' already present!
[   48.953977][ T7123] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.965689][ T7123] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.985116][ T7123] device bridge_slave_0 entered promiscuous mode
[   48.997153][ T7117] team0: Port device team_slave_0 added
[   49.006097][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   49.020792][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   49.032863][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   49.044569][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   49.061754][ T7108] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   49.075805][ T7108] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   49.100329][ T7123] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.107507][ T7123] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.131164][ T7123] device bridge_slave_1 entered promiscuous mode
23:43:24 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[   49.161044][ T7117] team0: Port device team_slave_1 added
[   49.174241][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   49.199311][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
23:43:24 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r0, 0x0, 0x3bd, 0x200007fd, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='hybla\x00', 0x6)
sendmmsg$inet(r0, &(0x7f0000000b40)=[{{0x0, 0xfffffffffffffcfb, &(0x7f0000000200)=[{&(0x7f0000000100)="8cb08f70aca1f2e24e7dc4636db1607852800ad7239bfbb123065f68cd67943bc81a1d56defee801abbb295542689614ad3cf075062ecc8fff703998f05b4a75cd21c51a0cdf5c1d22ec6c88b2f328c35d2284ce373751008f2fe11265fc7b892d9211b9f2b8d60d65de6a11b376b8379dea0e24d9d54997f9b0c35fdbb691b6a85b1dd235877eaf2c6b56cdebc12feefdd198891969cc07ec80aa29bcc95a7fa0866e97a784c0ac21edab15d06cfb51b0f47e5f4404000000000000", 0xbc}, {&(0x7f0000000340)="4520d8c1ee8e08b9ee293229", 0x28c}], 0x2}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000500)='B', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000640)="6704848d55e654ad6f06f85d5c8caed968361a080c9a53252ca10c8e9f2257b4300eccf6f7e8f49e10382d24c8e304851ba9f674097b80c63dc396090a3762753a1400aba6fc2b7dcec89c4c03bb4f4a995e7f0d40", 0x55}], 0x1}}], 0x3, 0x40000)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xda9, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x1472, 0x11, 0x0, 0x1d)

[   49.243443][ T7108] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.331299][ T7123] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   49.385285][ T7123] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
23:43:24 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r0, 0x0, 0x3bd, 0x200007fd, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='hybla\x00', 0x6)
sendmmsg$inet(r0, &(0x7f0000000b40)=[{{0x0, 0xfffffffffffffcfb, &(0x7f0000000200)=[{&(0x7f0000000100)="8cb08f70aca1f2e24e7dc4636db1607852800ad7239bfbb123065f68cd67943bc81a1d56defee801abbb295542689614ad3cf075062ecc8fff703998f05b4a75cd21c51a0cdf5c1d22ec6c88b2f328c35d2284ce373751008f2fe11265fc7b892d9211b9f2b8d60d65de6a11b376b8379dea0e24d9d54997f9b0c35fdbb691b6a85b1dd235877eaf2c6b56cdebc12feefdd198891969cc07ec80aa29bcc95a7fa0866e97a784c0ac21edab15d06cfb51b0f47e5f4404000000000000", 0xbc}, {&(0x7f0000000340)="4520d8c1ee8e08b9ee293229", 0x28c}], 0x2}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000500)='B', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000640)="6704848d55e654ad6f06f85d5c8caed968361a080c9a53252ca10c8e9f2257b4300eccf6f7e8f49e10382d24c8e304851ba9f674097b80c63dc396090a3762753a1400aba6fc2b7dcec89c4c03bb4f4a995e7f0d40", 0x55}], 0x1}}], 0x3, 0x40000)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xda9, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x1472, 0x11, 0x0, 0x1d)

[   49.470739][ T7117] device hsr_slave_0 entered promiscuous mode
[   49.508263][ T7117] device hsr_slave_1 entered promiscuous mode
[   49.567690][ T7117] debugfs: Directory 'hsr0' with parent '/' already present!
[   49.591884][ T7114] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.606794][ T7114] 8021q: adding VLAN 0 to HW filter on device team0
[   49.621901][ T7123] team0: Port device team_slave_0 added
[   49.644048][ T7123] team0: Port device team_slave_1 added
[   49.685285][ T7109] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   49.713210][ T7109] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   49.744309][ T7109] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   49.762960][ T7109] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.778705][ T7109] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.785833][ T7109] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.819282][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   49.827553][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   49.853224][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.872498][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.879600][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.905475][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
23:43:25 executing program 2:
r0 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup2(r1, r0)

[   49.920586][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   49.933421][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   49.944258][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   49.956849][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   49.967285][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   49.986742][ T7117] 8021q: adding VLAN 0 to HW filter on device bond0
[   50.040253][ T7123] device hsr_slave_0 entered promiscuous mode
[   50.077847][    C0] ==================================================================
[   50.085977][    C0] BUG: KCSAN: data-race in add_timer / run_timer_softirq
[   50.092982][    C0] 
[   50.095312][    C0] read to 0xffff88812be1b6c8 of 8 bytes by task 21 on cpu 1:
[   50.102909][    C0]  add_timer+0x16f/0x550
[   50.107158][    C0]  __queue_delayed_work+0x13b/0x1d0
[   50.112356][    C0]  queue_delayed_work_on+0xf3/0x110
[   50.117589][    C0]  bond_netdev_notify_work+0x150/0x160
[   50.123053][    C0]  process_one_work+0x3d4/0x890
[   50.127919][    C0]  worker_thread+0xa0/0x800
[   50.132439][    C0]  kthread+0x1d4/0x200
[   50.136505][    C0]  ret_from_fork+0x1f/0x30
[   50.141064][    C0] 
[   50.143395][    C0] write to 0xffff88812be1b6c8 of 8 bytes by interrupt on cpu 0:
[   50.151050][    C0]  run_timer_softirq+0xcc0/0xd20
[   50.155995][    C0]  __do_softirq+0x115/0x33f
[   50.160499][    C0]  irq_exit+0xbb/0xe0
[   50.164592][    C0]  smp_apic_timer_interrupt+0xe6/0x280
[   50.170255][    C0]  apic_timer_interrupt+0xf/0x20
[   50.175192][    C0]  __kcsan_setup_watchpoint+0x282/0x510
[   50.180739][    C0]  __tsan_read8+0x2c/0x30
[   50.185079][    C0]  vm_normal_page+0x30/0x220
[   50.189680][    C0]  unmap_page_range+0x8e3/0x18d0
[   50.194691][    C0]  unmap_single_vma+0x144/0x200
[   50.199548][    C0]  unmap_vmas+0xda/0x1a0
[   50.203803][    C0]  exit_mmap+0x13e/0x300
[   50.208203][    C0]  mmput+0xea/0x280
[   50.212003][    C0] 
[   50.214342][    C0] Reported by Kernel Concurrency Sanitizer on:
[   50.220500][    C0] CPU: 0 PID: 7181 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[   50.228300][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   50.238443][    C0] ==================================================================
[   50.246502][    C0] Kernel panic - not syncing: panic_on_warn set ...
[   50.253091][    C0] CPU: 0 PID: 7181 Comm: syz-executor.2 Not tainted 5.4.0-rc3+ #0
[   50.261066][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   50.271125][    C0] Call Trace:
[   50.274419][    C0]  <IRQ>
[   50.277281][    C0]  dump_stack+0xf5/0x159
[   50.281529][    C0]  panic+0x210/0x640
[   50.285436][    C0]  ? unmap_page_range+0x8e3/0x18d0
[   50.290550][    C0]  ? vprintk_func+0x8d/0x140
[   50.295142][    C0]  kcsan_report.cold+0xc/0x1b
[   50.299823][    C0]  __kcsan_setup_watchpoint+0x3ee/0x510
[   50.305364][    C0]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   50.311101][    C0]  ? __next_timer_interrupt+0x190/0x190
[   50.316654][    C0]  __tsan_write8+0x32/0x40
[   50.321082][    C0]  run_timer_softirq+0xcc0/0xd20
[   50.326028][    C0]  ? sched_clock+0x34/0x40
[   50.330448][    C0]  ? sched_clock_cpu+0x15/0xe0
[   50.335242][    C0]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   50.341510][    C0]  __do_softirq+0x115/0x33f
[   50.346029][    C0]  irq_exit+0xbb/0xe0
[   50.350024][    C0]  smp_apic_timer_interrupt+0xe6/0x280
[   50.355488][    C0]  ? smp_reschedule_interrupt+0x71/0x1d0
[   50.361127][    C0]  apic_timer_interrupt+0xf/0x20
[   50.366062][    C0]  </IRQ>
[   50.369017][    C0] RIP: 0010:__kcsan_setup_watchpoint+0x282/0x510
[   50.375413][    C0] Code: 00 00 e8 a1 fc e0 ff 65 8b 05 32 a8 ae 7e 85 c0 0f 84 34 02 00 00 48 83 3d ba 9f 52 04 00 0f 84 24 02 00 00 48 8b 7d d0 57 9d <0f> 1f 44 00 00 e9 cb fd ff ff 49 83 fc 08 0f 85 dc 00 00 00 65 8b
[   50.396359][    C0] RSP: 0018:ffffc90000d77878 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
[   50.404828][    C0] RAX: 0000000080000001 RBX: 0000000000000000 RCX: 0000000000000000
[   50.412871][    C0] RDX: 0000000000000002 RSI: ffffffff86045cd0 RDI: 0000000000000282
[   50.420842][    C0] RBP: ffffc90000d778b8 R08: ffff888103e520c0 R09: 00000000aaaaaaab
[   50.428824][    C0] R10: 0000000000000000 R11: ffffffff86045cc8 R12: 0000000000000008
[   50.436910][    C0] R13: ffffffff85a564a0 R14: ffff8881038a0d48 R15: ffffffff811e0910
[   50.444895][    C0]  ? __paravirt_pgd_alloc+0x10/0x10
[   50.450112][    C0]  __tsan_read8+0x2c/0x30
[   50.454446][    C0]  vm_normal_page+0x30/0x220
[   50.459117][    C0]  unmap_page_range+0x8e3/0x18d0
[   50.464065][    C0]  ? __tsan_read8+0x2c/0x30
[   50.468591][    C0]  unmap_single_vma+0x144/0x200
[   50.473533][    C0]  unmap_vmas+0xda/0x1a0
[   50.477782][    C0]  exit_mmap+0x13e/0x300
[   50.482038][    C0]  mmput+0xea/0x280
[   50.486078][    C0]  do_exit+0x4c9/0x18f0
[   50.490262][    C0]  ? constant_test_bit+0x12/0x30
[   50.495266][    C0]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[   50.501592][    C0]  ? futex_wait+0x33f/0x3f0
[   50.506095][    C0]  ? __kcsan_setup_watchpoint+0x96/0x510
[   50.511736][    C0]  ? __sanitizer_cov_trace_switch+0x49/0x80
[   50.517816][    C0]  do_group_exit+0xb4/0x1c0
[   50.522322][    C0]  get_signal+0x2a2/0x1320
[   50.526838][    C0]  ? do_futex+0xf6/0x18d0
[   50.531360][    C0]  do_signal+0x3b/0xc00
[   50.535537][    C0]  ? __kcsan_setup_watchpoint+0x96/0x510
[   50.542704][    C0]  ? __kcsan_setup_watchpoint+0x96/0x510
[   50.548600][    C0]  ? __tsan_read8+0x2c/0x30
[   50.553097][    C0]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[   50.558824][    C0]  exit_to_usermode_loop+0x250/0x2c0
[   50.564156][    C0]  do_syscall_64+0x353/0x370
[   50.568891][    C0]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[   50.574782][    C0] RIP: 0033:0x459a59
[   50.578679][    C0] Code: Bad RIP value.
[   50.582809][    C0] RSP: 002b:00007f4e3546fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[   50.591393][    C0] RAX: fffffffffffffe00 RBX: 000000000075bf28 RCX: 0000000000459a59
[   50.599475][    C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000075bf28
[   50.607447][    C0] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[   50.615453][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000075bf2c
[   50.623425][    C0] R13: 00007fffe637a63f R14: 00007f4e354709c0 R15: 000000000075bf2c
[   50.633058][    C0] Kernel Offset: disabled
[   50.637616][    C0] Rebooting in 86400 seconds..