[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   43.213492] kauditd_printk_skb: 4 callbacks suppressed
[   43.213513] audit: type=1800 audit(1538724550.269:29): pid=5628 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   43.238434] audit: type=1800 audit(1538724550.269:30): pid=5628 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   44.743347] random: sshd: uninitialized urandom read (32 bytes read)
[   45.029591] random: sshd: uninitialized urandom read (32 bytes read)
[   46.145019] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.20' (ECDSA) to the list of known hosts.
[   51.958416] random: sshd: uninitialized urandom read (32 bytes read)
2018/10/05 07:29:20 fuzzer started
[   55.661864] random: cc1: uninitialized urandom read (8 bytes read)
2018/10/05 07:29:24 dialing manager at 10.128.0.26:36867
2018/10/05 07:29:24 syscalls: 1
2018/10/05 07:29:24 code coverage: enabled
2018/10/05 07:29:24 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/10/05 07:29:24 setuid sandbox: enabled
2018/10/05 07:29:24 namespace sandbox: enabled
2018/10/05 07:29:24 Android sandbox: /sys/fs/selinux/policy does not exist
2018/10/05 07:29:24 fault injection: enabled
2018/10/05 07:29:24 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/10/05 07:29:24 net packed injection: enabled
2018/10/05 07:29:24 net device setup: enabled
[   60.860790] random: crng init done
07:30:56 executing program 0:
r0 = syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$NBD_DISCONNECT(r0, 0x1261)

[  149.643942] IPVS: ftp: loaded support on port[0] = 21
[  151.409776] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.416713] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.424605] device bridge_slave_0 entered promiscuous mode
[  151.531509] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.538274] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.546351] device bridge_slave_1 entered promiscuous mode
[  151.651497] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  151.754017] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  152.077206] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  152.184481] bond0: Enslaving bond_slave_1 as an active interface with an up link
07:30:59 executing program 1:
pipe(&(0x7f0000000d40)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6(0xa, 0x3, 0x2)
ioctl(r1, 0x8912, &(0x7f0000000040)="153f6234150f0000766070")
vmsplice(r0, &(0x7f0000000540)=[{&(0x7f0000000380)="8e", 0x1}], 0x1, 0x0)

[  152.338175] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  152.355275] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  152.706988] IPVS: ftp: loaded support on port[0] = 21
[  153.017241] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  153.025132] team0: Port device team_slave_0 added
[  153.270508] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  153.278345] team0: Port device team_slave_1 added
[  153.466269] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  153.473372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  153.481850] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  153.639202] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  153.646310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  153.654849] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  153.835461] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  153.843065] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  153.851540] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  153.960033] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  153.967671] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  153.976248] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  155.230137] ip (5910) used greatest stack depth: 53056 bytes left
[  155.717681] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.724244] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.732244] device bridge_slave_0 entered promiscuous mode
[  155.746217] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.752689] bridge0: port 2(bridge_slave_1) entered forwarding state
[  155.759468] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.765955] bridge0: port 1(bridge_slave_0) entered forwarding state
[  155.773987] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  155.835449] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.842027] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.849924] device bridge_slave_1 entered promiscuous mode
[  156.011894] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  156.050827] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  156.295441] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
07:31:03 executing program 2:
r0 = syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$NBD_DISCONNECT(r0, 0x125d)

[  156.786350] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  157.012121] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  157.115406] IPVS: ftp: loaded support on port[0] = 21
[  157.237534] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  157.244752] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  157.427734] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  157.434861] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  158.140418] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  158.148323] team0: Port device team_slave_0 added
[  158.361539] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  158.369476] team0: Port device team_slave_1 added
[  158.567839] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  158.575050] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  158.584029] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  158.781550] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  158.788621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  158.797249] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  159.054746] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  159.062513] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  159.071016] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  159.345921] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  159.353474] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  159.362145] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  160.409986] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.416908] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.424883] device bridge_slave_0 entered promiscuous mode
[  160.587937] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.594588] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.602537] device bridge_slave_1 entered promiscuous mode
[  160.836026] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  161.006200] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  161.610247] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  161.857378] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  161.909813] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.916328] bridge0: port 2(bridge_slave_1) entered forwarding state
[  161.923389] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.929810] bridge0: port 1(bridge_slave_0) entered forwarding state
[  161.938307] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  162.142662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  162.294517] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  162.301525] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  162.927104] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  162.934960] team0: Port device team_slave_0 added
07:31:10 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/tcp6\x00')
readv(r0, &(0x7f00000f9000)=[{&(0x7f0000242000)=""/2560, 0xa00}], 0x1)

[  163.195010] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  163.203030] team0: Port device team_slave_1 added
[  163.465243] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  163.472380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  163.480687] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  163.769496] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  163.776648] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  163.785137] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  164.056741] IPVS: ftp: loaded support on port[0] = 21
[  164.064504] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  164.072048] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  164.080658] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  164.399441] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  164.407187] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  164.416003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  165.092462] 8021q: adding VLAN 0 to HW filter on device bond0
[  166.176425] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  167.135545] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  167.143548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  167.153566] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  167.731153] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.738440] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.745315] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.751773] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.759836] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  168.032515] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  168.153082] 8021q: adding VLAN 0 to HW filter on device team0
[  168.417004] bridge0: port 1(bridge_slave_0) entered blocking state
[  168.425407] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.435659] device bridge_slave_0 entered promiscuous mode
[  168.742369] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.748806] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.757076] device bridge_slave_1 entered promiscuous mode
[  169.071753] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  169.355531] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  170.201173] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  170.485881] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  170.765178] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  170.772348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  171.052889] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  171.060019] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
07:31:18 executing program 4:
r0 = socket$inet6(0xa, 0x100000002, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1}, 0x1c)

[  171.899136] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  171.907014] team0: Port device team_slave_0 added
[  172.189449] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  172.197278] team0: Port device team_slave_1 added
[  172.489458] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  172.496641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  172.505131] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  172.693736] IPVS: ftp: loaded support on port[0] = 21
[  172.769298] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  172.776554] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  172.784937] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  173.130407] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  173.138016] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  173.146769] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  173.412149] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  173.420156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  173.428854] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  173.546365] 8021q: adding VLAN 0 to HW filter on device bond0
[  174.682674] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
07:31:22 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000240)={{{@in=@remote, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x80}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x2b}, 0x0, @in=@broadcast}}, 0xe8)
sendto$inet6(r0, &(0x7f0000000280), 0x0, 0x200408d4, &(0x7f000072e000)={0xa, 0x0, 0x0, @loopback}, 0x1c)

07:31:22 executing program 0:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000140)={<r1=>0x0, @in={{0x2, 0x4e20, @local}}, 0x400, 0x20}, &(0x7f0000000040)=0x90)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000280)={r1, 0x8, 0x8001, 0xca}, &(0x7f0000000200)=0x10)
socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e24, 0x0, @ipv4={[], [], @loopback}}, 0x1c)
sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0)

[  176.090411] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  176.096907] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  176.104695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  177.424733] 8021q: adding VLAN 0 to HW filter on device team0
07:31:24 executing program 0:
r0 = request_key(&(0x7f00000000c0)='.dead\x00', &(0x7f0000000100)={'syz', 0x2}, &(0x7f00000001c0)=':\x00', 0xfffffffffffffffb)
inotify_init()
add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, r0)

[  177.477700] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.484231] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.491087] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.497642] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.505750] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
07:31:24 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x800000000000006)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x100064800, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)="636c6561725f72656673007edb")
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000180)='4', 0xffce}], 0x1)

[  178.171946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
07:31:25 executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x82)
r1 = memfd_create(&(0x7f0000000380)="000000000000000000000000000000768e05f7c155ad7dc6947c573e5a69244e76382c0aa63d575ea3597f8b1728277ef76b30254d7ba92dcf978f1f81dc1b7f8f7b3451dada02ecb4f1ddcc8b5241da8945666e0073c25a6287c64dbea37a", 0x0)
pwritev(r1, &(0x7f0000000340)=[{&(0x7f0000000100)='\'', 0x1}], 0x1, 0x81806)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0)
setsockopt(r1, 0x1, 0x5, &(0x7f0000000000)="62159c85464d3e351c0cd3a3c8", 0xd)
sendfile(r0, r2, &(0x7f0000000240), 0x20000102000007)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000140)={0xffffffff, {{0xa, 0x4e21, 0x0, @local, 0x3}}}, 0x88)
dup3(r1, r0, 0x0)

07:31:25 executing program 0:
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
socketpair(0x0, 0x8000e, 0xfff, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000040)={<r2=>0x0, 0x4, 0x1000, 0x0, 0x1, 0xff}, &(0x7f0000000080)=0x14)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f00000000c0)={r2, 0x4}, &(0x7f0000000100)=0x8)
setsockopt(r0, 0x10d, 0x10, &(0x7f00001c9fff), 0x91)
ioctl$UI_SET_LEDBIT(r1, 0x40045569, 0xb)

[  178.836940] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.843599] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.851838] device bridge_slave_0 entered promiscuous mode
[  179.224075] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.230566] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.238938] device bridge_slave_1 entered promiscuous mode
07:31:26 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000580)={&(0x7f0000000000), 0xc, &(0x7f0000000540)={&(0x7f00000003c0)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14, 0x1, {0x0, 0x0, 0x0, 0x0, 0x4800, 0x201}}}}}]}, 0x48}}, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x20002, 0x0)
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000080)=0x6)

07:31:26 executing program 0:
recvmmsg(0xffffffffffffffff, &(0x7f000000bf40)=[{{&(0x7f0000007700)=@pptp={0x18, 0x2, {0x0, @remote}}, 0x80, &(0x7f00000088c0)=[{&(0x7f0000007780)=""/6, 0x6}], 0x1, &(0x7f0000008900)=""/205, 0xcd}}], 0x1, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000080)=0xc)
process_vm_readv(r1, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/34, 0x22}, {&(0x7f0000000100)=""/184, 0xb8}, {&(0x7f00000001c0)=""/79, 0x4f}], 0x3, &(0x7f0000002540)=[{&(0x7f0000000280)=""/96, 0x60}, {&(0x7f0000000300)=""/101, 0x65}, {&(0x7f0000000380)=""/192, 0xc0}, {&(0x7f0000000440)=""/2, 0x2}, {&(0x7f0000000480)=""/4096, 0x1000}, {&(0x7f0000001480)=""/179, 0xb3}, {&(0x7f0000001540)=""/4096, 0x1000}], 0x7, 0x0)
sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001a8, 0x200096dc)

[  179.717427] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  180.107289] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  181.008035] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  181.308396] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  181.505550] 8021q: adding VLAN 0 to HW filter on device bond0
[  181.634917] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  181.642147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  181.974905] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  181.982183] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  182.647736] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  182.688751] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  182.696806] team0: Port device team_slave_0 added
[  182.937973] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  182.946149] team0: Port device team_slave_1 added
[  183.139895] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  183.149349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  183.157976] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  183.426904] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  183.434269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  183.442771] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  183.598600] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  183.607540] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  183.616122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  183.688726] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  183.695180] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  183.703017] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  183.890250] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  183.897859] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  183.906494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  184.581053] 8021q: adding VLAN 0 to HW filter on device team0
07:31:32 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f000001f000)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(sha3-224-generic,cbc-camellia-asm)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="3fd24529", 0x4)

[  186.460654] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.467188] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.474141] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.480584] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.488744] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  186.495455] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  188.698947] 8021q: adding VLAN 0 to HW filter on device bond0
07:31:36 executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000300)='veth1\x00', 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000014, &(0x7f0000000180)=0x80000000002, 0x93)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x0, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000000)="cfa353b0b8eb6dbb639c69e4487374d9e6241210f935a2a5c307b2759285cad29bdb984b176fb6c4c5e072f5c6e0ddcdd07e563c3c7bee2f9920ef10249361e4778d3c10c10986e7ccfcb80ae4b7ff9c6f671a536207172d35f05af22f01e7ef4089e98d9eee25d6409edf737a30858d6784a5e8a934f5705e6fe8e089e41928ee4557eeddc9caa27c1473f3d3f8b12f63f7982d7c0761aeeddfcd3eb60c50622acc033a4342c407", 0xa8, 0xffffffffe, &(0x7f0000000140)={0x2, 0x200000000200000, @broadcast}, 0x10)

[  189.392256] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  189.857446] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  189.863915] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  189.871763] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  190.352126] 8021q: adding VLAN 0 to HW filter on device team0
[  192.538888] 8021q: adding VLAN 0 to HW filter on device bond0
[  192.937985] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
07:31:40 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000180)='./file0\x00', 0x0)
syncfs(r1)

[  193.330135] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  193.336600] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  193.344176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  193.579391] 8021q: adding VLAN 0 to HW filter on device team0
07:31:42 executing program 4:
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000340)="ae0fc121f1b41ea9cc5a2615cd649643", 0x10)
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, &(0x7f0000000240)='trusted.overlay.redirect\x00', &(0x7f0000000280)='./file0\x00', 0x8, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
timerfd_create(0x0, 0x0)
bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
sendto$inet6(r1, &(0x7f0000000100), 0xfffffffffffffffa, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
splice(r1, 0x0, r0, 0x0, 0x3cceb664, 0x0)
setsockopt$inet6_MRT6_DEL_MFC(r1, 0x29, 0xcd, &(0x7f0000000080)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x100000000, @mcast1}, 0x401, [0xffffffff, 0x50, 0x0, 0x1, 0x7, 0x4, 0x100000001]}, 0x5c)

07:31:42 executing program 5:
socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = semget$private(0x0, 0x7, 0x20)
semctl$GETPID(r1, 0x4, 0xb, &(0x7f0000000040)=""/184)
setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f0000000100)={0x2b, @rand_addr=0x101, 0x4e22, 0x2, 'none\x00', 0x0, 0x7, 0x7f}, 0x2c)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snapshot\x00', 0x40c100, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r2, 0x10, &(0x7f0000000200)={&(0x7f0000000180)=""/108, 0x6c}}, 0x10)
shmget(0x3, 0x1000, 0x0, &(0x7f0000fff000/0x1000)=nil)
ioctl$UI_SET_SNDBIT(r2, 0x4004556a, 0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rfkill\x00', 0x400, 0x0)
socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f00000002c0)={<r4=>0xffffffffffffffff})
fcntl$notify(r0, 0x402, 0x2)
ioctl$BLKIOOPT(r2, 0x1279, &(0x7f0000000300))
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x5000000}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0xa0, r5, 0x0, 0x70bd2d, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0x30, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x4}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@local}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3f}]}, @IPVS_CMD_ATTR_DEST={0x38, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x9}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x269}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x9}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x5}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xffffffffffffff28}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x80}]}, 0xa0}, 0x1, 0x0, 0x0, 0x4040000}, 0x1)
io_setup(0x0, &(0x7f0000000500)=<r6=>0x0)
io_destroy(r6)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000540)={0x3f, 0x5d3, 0x2, 0x2c57, 0x2, 0x1, 0x4, 0x2, <r7=>0x0}, &(0x7f0000000580)=0x20)
getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f00000005c0)={r7, 0xd998}, &(0x7f0000000600)=0x8)
write$cgroup_subtree(r2, &(0x7f0000000640)={[{0x0, 'cpu'}, {0x0, 'pids'}, {0x2f, 'cpu'}, {0x2d, 'memory'}, {0x2f, 'rdma'}]}, 0x1e)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(r2, 0x29, 0xd2, &(0x7f0000000680)={{0xa, 0x4e24, 0x3, @loopback}, {0xa, 0x4e24, 0xf42, @remote, 0x3}, 0x2, [0xb415, 0x1, 0xf0a0, 0x0, 0x0, 0x8, 0x3, 0x8]}, 0x5c)
bind$alg(r4, &(0x7f0000000700)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58)
getsockopt$EBT_SO_GET_INIT_ENTRIES(r2, 0x0, 0x83, &(0x7f0000000840)={'filter\x00', 0x0, 0x4, 0x7d, [], 0x4, &(0x7f0000000780)=[{}, {}, {}, {}], &(0x7f00000007c0)=""/125}, &(0x7f00000008c0)=0x78)
ioctl$TUNGETFILTER(r2, 0x801054db, &(0x7f0000000900)=""/4096)
ioctl$ASHMEM_GET_SIZE(r2, 0x7704, 0x0)
syz_open_dev$sndctrl(&(0x7f0000001900)='/dev/snd/controlC#\x00', 0x100000001, 0x0)
shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffe000/0x2000)=nil)
r8 = add_key$user(&(0x7f0000001940)='user\x00', &(0x7f0000001980)={'syz', 0x3}, &(0x7f00000019c0)="da6b8dd96e2248ce6bb972a77cb2f461f5ac3fb717fc39ef2a180030a75244e642094326279c91a35f51c7da44414b7acb3c870b8af76cdc060a124699ebefb370dd26d85ec84485795aa31ccf8354a3acad16281c20ca0771c255585fdad6a9e28a4073bce6a6dc16ad4ed5d20a94b0a0e79a9f361a80d24c37bf5f758c589de0a577728dedf45e4f8aaa788746cc79baf5783e351a4be3c5ce68846ba5165638ac29d74740a33604a19ab696996ed0c7931fdce2b453fb989a56ae7eb45335822b9151b785f3b3", 0xc8, 0xfffffffffffffff8)
r9 = add_key$keyring(&(0x7f0000001ac0)='keyring\x00', &(0x7f0000001b00)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff8)
keyctl$reject(0x13, r8, 0x1f, 0x9, r9)
setsockopt$RDS_CONG_MONITOR(r2, 0x114, 0x6, &(0x7f0000001b40)=0x1, 0x4)

07:31:42 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e20}, 0x10)
sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008005, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback}, 0x10)
shutdown(r0, 0x0)
recvfrom$inet(r0, &(0x7f0000000200)=""/179, 0xb3, 0x40000003, &(0x7f00000002c0)={0x2, 0x0, @local}, 0x70a000)

07:31:42 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
r1 = memfd_create(&(0x7f00000002c0)='vboxnet1&\x00', 0x2)
ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc))
syz_open_pts(r0, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000006cc0)={{{@in=@loopback, @in=@rand_addr}}, {{@in=@remote}, 0x0, @in=@multicast1}}, &(0x7f0000002900)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000006e40)={{{@in=@remote, @in=@loopback}}, {{@in=@remote}, 0x0, @in6=@mcast1}}, &(0x7f0000005800)=0xe8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000006f40), &(0x7f0000006f80)=0xc)
lstat(&(0x7f0000008140)='./file0\x00', &(0x7f0000008180))
openat$ashmem(0xffffffffffffff9c, &(0x7f0000008200)='/dev/ashmem\x00', 0x0, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
getgid()
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000008440))
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000008480)={{{@in6=@mcast2, @in6=@dev}}, {{@in6=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000008580)=0xe8)
fcntl$getownex(r1, 0x10, &(0x7f0000008a80))
lstat(&(0x7f0000008ac0)='./file0\x00', &(0x7f0000008b00))
fstat(r1, &(0x7f0000008d80))
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000008e00), &(0x7f0000008e40)=0xc)
fstat(r2, &(0x7f0000008fc0))
getgroups(0x2, &(0x7f0000009340)=[0xffffffffffffffff, 0xee01])
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000009380))
getgroups(0x2, &(0x7f0000009680)=[0xee01, 0xffffffffffffffff])

07:31:42 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rfkill\x00', 0x1, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(0xffffffffffffffff, 0x40106436, &(0x7f0000000340))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000180)="660f0f370cd1ca66b8eb0000000f23d00f21f86635200000020f23f80fd45700bad00466b85722000066ef0f229966f43e0f300f01c9baf80c66b8b00f5d8b66efbafc0c66b80400000066ef", 0x4c}], 0x1, 0x0, &(0x7f0000000080), 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000000c0)="baa100b004ee363ef20f1af8baf80c66b898fad88e66efbafc0ced2e64660f7c6a090f217566b9900000400f320f01dfb880058ed00f215cbaf80c66b8c055b38966efbafc0c66b80010000066ef", 0x4e}], 0x1, 0x1b, &(0x7f0000000240), 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000010000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000380)="0f2250650eb8c8000f00d0660f3a17090eeac7007e000f0018b8ff008ed00f08f30f017be4673e0fc72b", 0x2a}], 0x1, 0x0, &(0x7f0000000340), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

07:31:42 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
ioctl(r0, 0x5386, &(0x7f0000979fff))
flock(r1, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x101000)
setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000040)={0x3, 0xffffffffffffffc0, 0x4, 0x4, 0x1ff, 0x4, 0x3f, 0x5, 0x7, 0xfffffffffffffffb, 0x5}, 0xb)

[  195.237879] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[  195.308213] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[  195.383121] ==================================================================
[  195.390714] BUG: KMSAN: uninit-value in __vmx_flush_tlb+0x755/0x790
[  195.397121] CPU: 0 PID: 7151 Comm: syz-executor3 Not tainted 4.19.0-rc4+ #63
[  195.404309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  195.413869] Call Trace:
[  195.416470]  dump_stack+0x306/0x460
[  195.420108]  ? __vmx_flush_tlb+0x755/0x790
[  195.424361]  kmsan_report+0x1a3/0x2d0
[  195.428186]  __msan_warning+0x7c/0xe0
[  195.432016]  __vmx_flush_tlb+0x755/0x790
[  195.436115]  vmx_flush_tlb+0x94/0xb0
[  195.439856]  ? vmx_set_rflags+0x740/0x740
[  195.444119]  kvm_mmu_load+0x1656/0x3460
[  195.448114]  ? vmx_set_cr0+0x3510/0x3510
[  195.452198]  kvm_arch_vcpu_ioctl_run+0x879e/0x10a20
[  195.457294]  ? task_kmsan_context_state+0x6b/0x120
[  195.462233]  ? __msan_get_context_state+0x9/0x30
[  195.466995]  ? INIT_INT+0xc/0x30
[  195.470371]  ? task_kmsan_context_state+0x6b/0x120
[  195.475312]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[  195.480772]  ? kmsan_set_origin_inline+0x6b/0x120
[  195.485641]  ? __msan_poison_alloca+0x17a/0x210
[  195.490324]  ? put_pid+0x71/0x410
[  195.493791]  ? kvm_vcpu_ioctl+0x20a4/0x20b0
[  195.498144]  ? put_pid+0x1a9/0x410
[  195.501728]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  195.507099]  ? get_task_pid+0x17b/0x270
[  195.511088]  kvm_vcpu_ioctl+0x11a7/0x20b0
[  195.515266]  ? do_vfs_ioctl+0x18a/0x2810
[  195.519347]  ? __se_sys_ioctl+0x1da/0x270
[  195.523502]  ? kvm_vm_release+0x90/0x90
[  195.527493]  do_vfs_ioctl+0xcf3/0x2810
[  195.531397]  ? security_file_ioctl+0x92/0x200
[  195.535906]  __se_sys_ioctl+0x1da/0x270
[  195.539911]  __x64_sys_ioctl+0x4a/0x70
[  195.543810]  do_syscall_64+0xbe/0x100
[  195.547644]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  195.552837] RIP: 0033:0x457579
[  195.556034] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  195.574940] RSP: 002b:00007fa9bfa5ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  195.582915] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579
[  195.590219] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  195.597492] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[  195.604765] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa9bfa5f6d4
[  195.612045] R13: 00000000004c003b R14: 00000000004d0108 R15: 00000000ffffffff
[  195.619326] 
[  195.620950] Local variable description: ----error.i.i.i@__vmx_flush_tlb
[  195.627710] Variable was created at:
[  195.631430]  __vmx_flush_tlb+0x103/0x790
[  195.635500]  vmx_flush_tlb+0x94/0xb0
[  195.639207] ==================================================================
[  195.646788] Disabling lock debugging due to kernel taint
[  195.652243] Kernel panic - not syncing: panic_on_warn set ...
[  195.652243] 
[  195.659625] CPU: 0 PID: 7151 Comm: syz-executor3 Tainted: G    B             4.19.0-rc4+ #63
[  195.668198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  195.677561] Call Trace:
[  195.680161]  dump_stack+0x306/0x460
[  195.683832]  panic+0x54c/0xafa
[  195.687059]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[  195.692553]  kmsan_report+0x2cd/0x2d0
[  195.696385]  __msan_warning+0x7c/0xe0
[  195.700196]  __vmx_flush_tlb+0x755/0x790
[  195.704292]  vmx_flush_tlb+0x94/0xb0
[  195.708012]  ? vmx_set_rflags+0x740/0x740
[  195.712161]  kvm_mmu_load+0x1656/0x3460
[  195.716169]  ? vmx_set_cr0+0x3510/0x3510
[  195.720247]  kvm_arch_vcpu_ioctl_run+0x879e/0x10a20
[  195.725360]  ? task_kmsan_context_state+0x6b/0x120
[  195.730396]  ? __msan_get_context_state+0x9/0x30
[  195.735159]  ? INIT_INT+0xc/0x30
[  195.738528]  ? task_kmsan_context_state+0x6b/0x120
[  195.743467]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[  195.748923]  ? kmsan_set_origin_inline+0x6b/0x120
[  195.753776]  ? __msan_poison_alloca+0x17a/0x210
[  195.758460]  ? put_pid+0x71/0x410
[  195.761919]  ? kvm_vcpu_ioctl+0x20a4/0x20b0
[  195.766246]  ? put_pid+0x1a9/0x410
[  195.769786]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  195.775160]  ? get_task_pid+0x17b/0x270
[  195.779167]  kvm_vcpu_ioctl+0x11a7/0x20b0
[  195.783350]  ? do_vfs_ioctl+0x18a/0x2810
[  195.787409]  ? __se_sys_ioctl+0x1da/0x270
[  195.791565]  ? kvm_vm_release+0x90/0x90
[  195.795567]  do_vfs_ioctl+0xcf3/0x2810
[  195.799494]  ? security_file_ioctl+0x92/0x200
[  195.804003]  __se_sys_ioctl+0x1da/0x270
[  195.807993]  __x64_sys_ioctl+0x4a/0x70
[  195.809140] IPVS: ftp: loaded support on port[0] = 21
[  195.811882]  do_syscall_64+0xbe/0x100
[  195.811904]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  195.811917] RIP: 0033:0x457579
[  195.811930] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  195.811949] RSP: 002b:00007fa9bfa5ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  195.855869] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579
[  195.863149] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  195.870429] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[  195.877703] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa9bfa5f6d4
[  195.884976] R13: 00000000004c003b R14: 00000000004d0108 R15: 00000000ffffffff
[  195.893590] Kernel Offset: disabled
[  195.897226] Rebooting in 86400 seconds..