Warning: Permanently added '10.128.10.4' (ECDSA) to the list of known hosts.
2018/11/11 21:25:53 fuzzer started
syzkaller login: [   72.501924] cc1 (6628) used greatest stack depth: 54384 bytes left
2018/11/11 21:25:58 dialing manager at 10.128.0.26:42475
[   74.536966] ld (6631) used greatest stack depth: 53904 bytes left
2018/11/11 21:25:58 syscalls: 1
2018/11/11 21:25:58 code coverage: enabled
2018/11/11 21:25:58 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/11/11 21:25:58 setuid sandbox: enabled
2018/11/11 21:25:58 namespace sandbox: enabled
2018/11/11 21:25:58 Android sandbox: /sys/fs/selinux/policy does not exist
2018/11/11 21:25:58 fault injection: enabled
2018/11/11 21:25:58 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/11/11 21:25:58 net packed injection: enabled
2018/11/11 21:25:58 net device setup: enabled
21:28:11 executing program 0:

[  208.669548] IPVS: ftp: loaded support on port[0] = 21
[  209.683460] ip (6653) used greatest stack depth: 53664 bytes left
[  210.827563] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.834318] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.843111] device bridge_slave_0 entered promiscuous mode
[  210.969617] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.976261] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.985092] device bridge_slave_1 entered promiscuous mode
[  211.108830] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  211.236606] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  211.623490] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  211.754233] bond0: Enslaving bond_slave_1 as an active interface with an up link
21:28:15 executing program 1:

[  212.543186] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  212.551103] team0: Port device team_slave_0 added
[  212.665014] IPVS: ftp: loaded support on port[0] = 21
[  212.758949] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  212.767003] team0: Port device team_slave_1 added
[  212.966160] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  213.121616] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  213.314001] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  213.321605] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  213.330823] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  213.497606] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  213.505396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  213.514625] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  214.402219] ip (6735) used greatest stack depth: 53648 bytes left
[  215.739742] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.746309] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.753353] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.759803] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.768479] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  216.192728] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.199205] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.207994] device bridge_slave_0 entered promiscuous mode
[  216.253845] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  216.396926] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.403565] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.412205] device bridge_slave_1 entered promiscuous mode
[  216.693056] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  216.922167] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
21:28:21 executing program 2:

[  217.453902] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  217.729188] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  217.957094] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  217.965843] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  218.247212] IPVS: ftp: loaded support on port[0] = 21
[  219.029707] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  219.037865] team0: Port device team_slave_0 added
[  219.196416] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  219.204751] team0: Port device team_slave_1 added
[  219.504024] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  219.511144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  219.519952] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  219.769519] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  219.776761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  219.786035] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  220.010463] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  220.018609] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  220.027521] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  220.190149] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  220.197896] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  220.206972] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  220.372020] ip (6861) used greatest stack depth: 53616 bytes left
[  222.845689] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.852338] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.860756] device bridge_slave_0 entered promiscuous mode
[  223.029706] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.036293] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.043316] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.049762] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.058494] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  223.124738] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.131211] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.140163] device bridge_slave_1 entered promiscuous mode
[  223.413549] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  223.532370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  223.618813] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  224.409111] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  224.671577] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  224.953191] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  224.960302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
21:28:29 executing program 3:

[  225.259773] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  225.267247] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  226.083005] IPVS: ftp: loaded support on port[0] = 21
[  226.314748] 8021q: adding VLAN 0 to HW filter on device bond0
[  226.337934] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  226.346485] team0: Port device team_slave_0 added
[  226.669304] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  226.677501] team0: Port device team_slave_1 added
[  227.019410] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  227.026750] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  227.035543] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  227.353805] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  227.361198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  227.370299] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  227.564277] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  227.680246] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  227.688036] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  227.697030] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  227.912181] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  227.919780] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  227.928919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  228.847975] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  228.854650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  228.862689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  230.039188] 8021q: adding VLAN 0 to HW filter on device team0
[  230.216916] ip (7102) used greatest stack depth: 53504 bytes left
[  231.371424] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.378167] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.385187] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.391747] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.400341] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  231.685100] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.691574] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.700337] device bridge_slave_0 entered promiscuous mode
[  231.937157] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  232.058355] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.065121] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.073706] device bridge_slave_1 entered promiscuous mode
[  232.445282] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  232.699790] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  233.509684] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  233.863551] bond0: Enslaving bond_slave_1 as an active interface with an up link
21:28:38 executing program 4:

[  234.234449] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  234.241523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  234.591446] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  234.600063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  235.326543] IPVS: ftp: loaded support on port[0] = 21
[  235.860659] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  235.868916] team0: Port device team_slave_0 added
[  236.239195] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  236.247321] team0: Port device team_slave_1 added
[  236.349967] 8021q: adding VLAN 0 to HW filter on device bond0
[  236.633873] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  236.640980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  236.649777] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  237.066469] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  237.073847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  237.082927] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  237.477704] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  237.485661] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  237.494779] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  237.769515] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  237.865067] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  237.874428] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  237.883155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
21:28:42 executing program 0:

21:28:42 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket(0x2, 0x1, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r1)
fstatfs(r2, &(0x7f0000000000)=""/186)
setsockopt$inet_group_source_req(r2, 0x0, 0x2e, &(0x7f0000000280)={0x0, {{0x2, 0x0, @multicast1}}}, 0x108)

21:28:43 executing program 0:
r0 = socket$inet(0x10, 0x80000000003, 0x40000000000010)
sendmsg(r0, &(0x7f0000002c40)={0x0, 0x0, &(0x7f0000017000), 0x1, 0x0, 0xea, 0x40}, 0x0)
recvmmsg(r0, &(0x7f0000002a80)=[{{&(0x7f0000000040)=@in={0x2, 0x0, @multicast2}, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)=""/68}, {&(0x7f0000000140)=""/60}, {&(0x7f0000000240)=""/35}, {&(0x7f0000000280)=""/92}], 0x0, &(0x7f0000000340)=""/224, 0x0, 0x2}, 0x1ead4851}, {{&(0x7f0000000440)=@sco, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)=""/213}, {&(0x7f00000005c0)=""/162}], 0x0, &(0x7f00000006c0)=""/136, 0x0, 0x7f}, 0x1}, {{&(0x7f0000000780)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/251}, {&(0x7f0000000900)=""/81}, {&(0x7f0000000980)=""/168}, {&(0x7f0000000a40)=""/219}], 0x0, 0x0, 0x0, 0x76}, 0xfff}, {{&(0x7f0000000b80)=@vsock={0x28, 0x0, 0x0, @my}, 0x0, &(0x7f00000020c0)=[{&(0x7f0000000c00)=""/150}, {&(0x7f0000000cc0)=""/75}, {&(0x7f0000000d40)=""/211}, {&(0x7f0000000e40)=""/195}, {&(0x7f0000000f40)=""/4096}, {&(0x7f0000001f40)=""/47}, {&(0x7f0000001f80)=""/13}, {&(0x7f0000001fc0)=""/247}], 0x0, &(0x7f0000002140)=""/44, 0x0, 0x2}, 0x8001}, {{&(0x7f0000002180)=@ax25, 0x0, &(0x7f0000002440)=[{&(0x7f0000002200)=""/174}, {&(0x7f00000022c0)=""/179}, {&(0x7f0000002380)=""/187}], 0x0, &(0x7f0000002480)=""/69, 0x0, 0x1}, 0x36a9}, {{&(0x7f0000002500)=@l2, 0x0, &(0x7f0000002780)=[{&(0x7f0000002580)=""/218}, {&(0x7f0000002680)=""/249}], 0x0, &(0x7f00000027c0)=""/85, 0x0, 0x5}, 0x8}, {{&(0x7f0000002840)=@l2, 0x0, &(0x7f0000002940)=[{&(0x7f00000028c0)=""/78}], 0x0, &(0x7f0000002980)=""/199, 0x0, 0x7}}], 0x421, 0x2, &(0x7f0000000000)={0x77359400})

[  239.205622] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  239.212503] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  239.220272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
21:28:44 executing program 0:
r0 = socket$inet(0x10, 0x80000000003, 0x40000000000010)
sendmsg(r0, &(0x7f0000002c40)={0x0, 0x0, &(0x7f0000017000), 0x1, 0x0, 0xea, 0x40}, 0x0)
recvmmsg(r0, &(0x7f0000002a80)=[{{&(0x7f0000000040)=@in={0x2, 0x0, @multicast2}, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)=""/68}, {&(0x7f0000000140)=""/60}, {&(0x7f0000000240)=""/35}, {&(0x7f0000000280)=""/92}], 0x0, &(0x7f0000000340)=""/224, 0x0, 0x2}, 0x1ead4851}, {{&(0x7f0000000440)=@sco, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)=""/213}, {&(0x7f00000005c0)=""/162}], 0x0, &(0x7f00000006c0)=""/136, 0x0, 0x7f}, 0x1}, {{&(0x7f0000000780)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/251}, {&(0x7f0000000900)=""/81}, {&(0x7f0000000980)=""/168}, {&(0x7f0000000a40)=""/219}], 0x0, 0x0, 0x0, 0x76}, 0xfff}, {{&(0x7f0000000b80)=@vsock={0x28, 0x0, 0x0, @my}, 0x0, &(0x7f00000020c0)=[{&(0x7f0000000c00)=""/150}, {&(0x7f0000000cc0)=""/75}, {&(0x7f0000000d40)=""/211}, {&(0x7f0000000e40)=""/195}, {&(0x7f0000000f40)=""/4096}, {&(0x7f0000001f40)=""/47}, {&(0x7f0000001f80)=""/13}, {&(0x7f0000001fc0)=""/247}], 0x0, &(0x7f0000002140)=""/44, 0x0, 0x2}, 0x8001}, {{&(0x7f0000002180)=@ax25, 0x0, &(0x7f0000002440)=[{&(0x7f0000002200)=""/174}, {&(0x7f00000022c0)=""/179}, {&(0x7f0000002380)=""/187}], 0x0, &(0x7f0000002480)=""/69, 0x0, 0x1}, 0x36a9}, {{&(0x7f0000002500)=@l2, 0x0, &(0x7f0000002780)=[{&(0x7f0000002580)=""/218}, {&(0x7f0000002680)=""/249}], 0x0, &(0x7f00000027c0)=""/85, 0x0, 0x5}, 0x8}, {{&(0x7f0000002840)=@l2, 0x0, &(0x7f0000002940)=[{&(0x7f00000028c0)=""/78}], 0x0, &(0x7f0000002980)=""/199, 0x0, 0x7}}], 0x421, 0x2, &(0x7f0000000000)={0x77359400})

[  240.667149] 8021q: adding VLAN 0 to HW filter on device team0
[  241.414971] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.421444] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.430205] device bridge_slave_0 entered promiscuous mode
21:28:45 executing program 0:
gettid()
r0 = getpgid(0x0)
r1 = syz_open_procfs(r0, &(0x7f0000000080)='cmdline\x00')
ioctl$VT_WAITACTIVE(r1, 0x5607)
exit(0x0)
pread64(r1, &(0x7f00000000c0)=""/100, 0x245, 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, &(0x7f0000000000)={0x5, 0x1})
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)

[  241.842279] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.848832] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.857346] device bridge_slave_1 entered promiscuous mode
[  242.155089] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  242.267595] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.274171] bridge0: port 2(bridge_slave_1) entered forwarding state
[  242.281091] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.287680] bridge0: port 1(bridge_slave_0) entered forwarding state
[  242.296237] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  242.476885] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
21:28:46 executing program 0:
socket$inet_udp(0x2, 0x2, 0x0)
creat(&(0x7f0000000200)='./file0\x00', 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff)
mount(&(0x7f00000004c0)=@nullb='/dev/nullb0\x00', &(0x7f0000000500)='./file0\x00', &(0x7f0000000540)='pstore\x00', 0x0, &(0x7f0000000580)='dummy0\x00')
socketpair(0x0, 0x0, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f0000000040)={0x7f, 0x33, 0xfffffffffffffffc, 0x25, 0x8, 0x8001})
socket$inet(0x2, 0x0, 0x0)

21:28:47 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x995, 0x8000)
connect(r1, &(0x7f0000000200)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'fpu(pcbc(aes-aesni))\x00'}, 0x80)
r2 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x100, 0x600442)
read(r2, &(0x7f0000000140)=""/115, 0x73)
ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000100)={0xa00000, 0x5, 0x5580, [], &(0x7f0000000040)={0xbb0bff, 0x2, [], @value=0x784}})

[  243.300895] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  243.658064] bond0: Enslaving bond_slave_0 as an active interface with an up link
21:28:47 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'bond0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 ', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000240), 0xc, &(0x7f00000002c0)={&(0x7f0000000540)=@ipmr_delroute={0x13c, 0x19, 0x400, 0x70bd29, 0x25dfdbfb, {0x80, 0x94, 0x90, 0x3, 0xfe, 0x4, 0xfe, 0xf, 0x200}, [@RTA_FLOW={0x8, 0xb, 0xc5fd}, @RTA_FLOW={0x8, 0xb, 0x2}, @RTA_METRICS={0xb8, 0x8, "578590a645cbd101cbffe22f094aa4aaa34b94116b48cdd1d3c24327a78d20661648d50fb1488039518850e501d9fd1a9d0be0199eccd207d5789545a5c0f48a339102b8fd44951bf4f17e8eb085ff7dd470e34c4a3ea1fb2938fe007af86cfc3dfe7e49e8c9f2af94c7809169ec28ee53b8bd66dfb8c4d23151eae39a559461dab6969759cb263430a7a2a0dc24c9ae38f0931b0f47d843df7538ecaab34d4213104f37e6bacde2358a1a9fb164368a32309a2c"}, @RTA_METRICS={0x38, 0x8, "de3f51f9c8234f6a644502ee800530c1b690c41005bd95f09fff246279565ee4f766575587e64dd29d8b97c6a022d11861bddeb4"}, @RTA_FLOW={0x8}, @RTA_GATEWAY={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x1a}}, @RTA_OIF={0x8, 0x4, r2}, @RTA_MARK={0x8, 0x10, 0x4}]}, 0x13c}, 0x1, 0x0, 0x0, 0x2}, 0x0)

[  244.094308] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  244.496611] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  244.503860] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  244.796541] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  244.803745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  245.730428] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  245.738796] team0: Port device team_slave_0 added
[  245.981237] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  245.989480] team0: Port device team_slave_1 added
[  246.300945] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.358087] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  246.367300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  246.376046] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  246.647123] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  246.654392] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  246.663066] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  246.897455] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  246.905268] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  246.914216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  247.160846] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  247.168590] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  247.177547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  247.284809] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
21:28:52 executing program 1:
socketpair$unix(0x1, 0x803, 0x0, &(0x7f0000000780)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x8)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x523, 0x0)

[  248.360214] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  248.366784] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  248.374766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  249.202125] 8021q: adding VLAN 0 to HW filter on device team0
[  249.782276] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.788762] bridge0: port 2(bridge_slave_1) entered forwarding state
[  249.795782] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.802292] bridge0: port 1(bridge_slave_0) entered forwarding state
[  249.810697] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  249.817879] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  252.779138] 8021q: adding VLAN 0 to HW filter on device bond0
[  253.499538] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
21:28:57 executing program 2:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4309(morus1280)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140), 0x0)

[  254.207973] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  254.214592] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  254.222627] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  254.713686] 8021q: adding VLAN 0 to HW filter on device team0
[  256.556045] 8021q: adding VLAN 0 to HW filter on device bond0
[  257.038953] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  257.532963] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  257.541364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  257.549450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
21:29:01 executing program 3:
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x40000000000009)
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendfile(r0, r0, &(0x7f00000000c0)=0x2a, 0x1)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000280)={0x3, &(0x7f00000001c0)=[{0x0, 0x9, 0x0, 0x40}, {0x0, 0x8, 0x0, 0xffffffffffff2add}, {0x780, 0xb010, 0x8000, 0x10000}]})
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={"0000000000000000000000000200", 0x5002})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="030000000000000008001b0000000000"], 0x1}}, 0x0)
accept$inet6(0xffffffffffffffff, &(0x7f0000000340), &(0x7f0000000380)=0x1c)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x2007fff)
write$tun(r4, &(0x7f0000000700)=ANY=[@ANYBLOB="00000004abbc8643b6676c7d1a9568d052c388975461448607a8e2e5c712443cf58818afa753d8c52dc4beae7a3a0c70937a0081005acd9cae07db2b4ede6c09df71cb4fcf67c601c613a4406134f71533f3dc33b214db34d5cd0b1a3f7d0b2873cc4f19bc4a893af767b5b26363ee53240c9f7e91dafad84abedeaa05ef42c00e22c7b048004de7993da786b5edd7b356691268ddbf5a896ad586c31dc75ae15d1dc5a3cac0fd6a322f737411086e8b718aaca3ce3bb1dc607be7d9150c5dd171c819cbc9cdb811953c5a787ac9c39ca0a3fb063863fa4c3e8255a18eb8e24d3d574dbb3ec7fa80b5c028d70e01bfa8987e37c2f06055643e74ec4f587317f59772a98fa04c338fea917b90156b8b6c7e6695d0eb7c6783c7e046cb88a495872c8150fc03605437a52931f412ee63ba27717e421c7b29847e81969e460fad4d1c712b1372cc01135f5480fc9404c729f4b853339020e4d667aea25f32baf462ac0f5e6f6a5df08586b3af94fc8f787fa5a2c8b2a3eb61ad8e0978a631ef6f2556f156202a399a54f23f30c7b4dbf4d90ab146b9fac727280d2f83c9e7d879a4b80375be5f9cfb9e3cae42fa66f00003d486d89e52fb37b419e71dc1b17bfe67965b77b23c60f715119f9e66e9a425aa5e83d17384264593e2297c5d7cd06779cd4e0fb0802a9101c108d904d858ceaee5abaaf3a1d744850b470420085f"], 0x1)
write$P9_RXATTRCREATE(r4, &(0x7f0000000200)={0x383}, 0xfffffffffffffd25)
write$P9_RSETATTR(r4, &(0x7f0000000040)={0x7}, 0x7)

[  258.033895] 8021q: adding VLAN 0 to HW filter on device team0
21:29:03 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
syslog(0x2, &(0x7f00000000c0)=""/23, 0x17)

21:29:03 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0x800000000000004)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000000)=0x7, 0x4)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x804, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000200), 0x4)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000240), 0x0)

21:29:03 executing program 5:
lsetxattr$trusted_overlay_redirect(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.redirect\x00', &(0x7f0000000080)='./file0\x00', 0x8, 0x2)
r0 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x7f, 0x200000)
ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000100)=""/212)
ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f0000000200)={0x9, [0x9, 0x5, 0x8000, 0x8001, 0xbf, 0x7fff, 0x8, 0x9, 0x1]})
ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000280))
setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f00000002c0)={{0xa, 0x4e24, 0xfffffffffffffffb, @local, 0x8}, {0xa, 0x4e24, 0xfac, @ipv4={[], [], @multicast1}, 0x2}, 0x80, [0x0, 0x7, 0x3, 0x7, 0x5, 0x1, 0x5, 0x4]}, 0x5c)
getsockopt$inet_udp_int(r0, 0x11, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0x4)
socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
epoll_create(0x100)
r3 = fcntl$getown(r1, 0x9)
r4 = syz_open_procfs(r3, &(0x7f0000000400)='net/dev_mcast\x00')
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000480)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x24, r5, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1ff}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x10)
ptrace$pokeuser(0x6, r3, 0x100000001, 0x6cd)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000580)={0x3, 0xffffffff80000001, 0x1, 0x2, 0xa, [{0x1, 0x2, 0x3, 0x0, 0x0, 0x8}, {0x5, 0x7, 0x0, 0x0, 0x0, 0x400}, {0x9a, 0x4, 0x6, 0x0, 0x0, 0x802}, {0x101, 0x6, 0x4, 0x0, 0x0, 0x3809}, {0x7, 0x42f3, 0x1b27, 0x0, 0x0, 0x2982}, {0x7191, 0xffffffff, 0x7, 0x0, 0x0, 0x100}, {0xf36, 0x0, 0x3, 0x0, 0x0, 0x100}, {0x0, 0x7f, 0x1}, {0x29, 0x1, 0x8, 0x0, 0x0, 0x880}, {0x32980b77, 0x40, 0x6, 0x0, 0x0, 0x1001}]})
ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000800)=""/199)
ioctl$DRM_IOCTL_SET_MASTER(r4, 0x641e)
setsockopt$inet6_MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000900)={{0xa, 0x4e24, 0xe9, @ipv4={[], [], @local}, 0x207c}, {0xa, 0x4e22, 0xffffffff, @ipv4, 0x7b333afa}, 0x1, [0xfff, 0x9, 0x0, 0xfffffffffffeffff, 0xd503, 0x2, 0x0, 0x7a8]}, 0x5c)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000980)={'vcan0\x00', <r6=>0x0})
bind$can_raw(r0, &(0x7f00000009c0)={0x1d, r6}, 0x10)
r7 = add_key(&(0x7f0000000a00)='keyring\x00', &(0x7f0000000a40)={'syz', 0x0}, &(0x7f0000000a80)="bd7c96d9a35f2373212df297ed6e7b1acc5b6fd1c9d406214876b8d116cffdff40d52e583ccbcd9d0e2394a46c51c86cdb5577", 0x33, 0xfffffffffffffffd)
keyctl$get_keyring_id(0x0, r7, 0x43)
write$FUSE_WRITE(r4, &(0x7f0000000ac0)={0x18, 0x0, 0x2, {0xf9b}}, 0x18)
pivot_root(&(0x7f0000000b00)='./file0\x00', &(0x7f0000000b40)='./file0\x00')
recvmsg(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000b80)=""/254, 0xfe}, {&(0x7f0000000c80)=""/5, 0x5}, {&(0x7f0000000cc0)=""/178, 0xb2}, {&(0x7f0000000d80)=""/70, 0x46}, {&(0x7f0000000e00)=""/63, 0x3f}], 0x5, &(0x7f0000000ec0)=""/153, 0x99, 0x401}, 0x40000001)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000fc0)='/dev/vhost-net\x00', 0x2, 0x0)
getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000001000)={<r8=>0x0, 0x8e48}, &(0x7f0000001040)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000001080)={r8, @in6={{0xa, 0x4e21, 0x0, @mcast2, 0x7}}, 0x0, 0x6, 0x7, 0x20e, 0x5}, &(0x7f0000001140)=0x98)
connect(r2, &(0x7f0000001180)=@un=@file={0x1, './file0\x00'}, 0x80)
fsetxattr$security_smack_entry(r0, &(0x7f0000001200)='security.SMACK64IPOUT\x00', &(0x7f0000001240)='vboxnet1\x00', 0x9, 0x1)

21:29:03 executing program 1:
socketpair$unix(0x1, 0x803, 0x0, &(0x7f0000000780)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x8)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x523, 0x0)

21:29:03 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000140)={0x2, 0x0, @rand_addr}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x4000000000014, &(0x7f0000000180)=0x1, 0x4)
sendto$inet(r1, &(0x7f0000000500)='\x00', 0x1, 0x0, &(0x7f0000000040)={0x2, 0x0, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000080), 0x14)
recvmsg(r1, &(0x7f00000000c0)={&(0x7f00000003c0)=@can, 0x80, &(0x7f0000001700)=[{&(0x7f0000000200)=""/241, 0xf1}], 0x1, &(0x7f00000017c0)=""/70, 0x46}, 0x22)

21:29:03 executing program 3:
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000640)=ANY=[], &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000))
mount(&(0x7f0000d04000), &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x100000, &(0x7f0000444000))

21:29:04 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f000014f000)={&(0x7f00003c7ff4), 0xc, &(0x7f00000bfff0)={&(0x7f0000006440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0xffffff80}}}, 0xb8}}, 0x0)

21:29:04 executing program 2:
socket$inet(0x2, 0x0, 0x10000)
writev(0xffffffffffffffff, &(0x7f00000017c0)=[{&(0x7f0000000680)}], 0x1)
r0 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x7, 0x4, @tid=r0}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x1}, {0x0, 0x1c9c380}}, &(0x7f00000000c0))
ioctl$SCSI_IOCTL_SYNC(0xffffffffffffffff, 0x4)
rt_sigreturn()

21:29:04 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x0, 0x0, &(0x7f0000001fe8)=ANY=[], &(0x7f0000003ff6)='syzkaller\x00', 0x0, 0x8ba8426c0e53450c, &(0x7f0000009f3d)=""/195, 0x41100}, 0x18)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
openat$cgroup(r0, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
close(0xffffffffffffffff)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)="2f02726f75702e7374617000", 0x2761, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)=ANY=[], &(0x7f00000004c0)="01100000", 0x0, 0xfb, &(0x7f0000000340)=""/251, 0x41100}, 0x1e)
r2 = socket$kcm(0xa, 0x5, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, r0, 0xf, 0x2}, 0x14)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)={r2})
ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f0000000780))
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)="2f67726f75702e73746174003c23fb572a1f0294e6f378b41ad54b4d9d9a1f63f8785ad188a7e1c88875e05b18a4cb3a9cd12dcea440d899c22c652b3a471b4a7fa2f3fdf6e034d804e5f0df4b1dee483b157624c59c0100e89e6a357c000000", 0x2761, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'bridge0\x00'})
write$cgroup_int(r4, &(0x7f0000000080)=0xee970200, 0x1a000)
r5 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000840)={r4})
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f00000006c0)=']\x00')
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f0000000680))
close(r4)
perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x200, 0x4, 0x0, 0x80008, 0x0, 0x8, 0x80000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0xa0, 0x9, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x7ffffffd, 0x0, @perf_bp={&(0x7f00000000c0), 0x4}, 0x0, 0x79f7bf0a, 0x0, 0x0, 0x0, 0x0, 0x9d8}, 0x0, 0x9, r3, 0x100000009)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000008c0)={'ifb0\x00', 0x8000})
perf_event_open(&(0x7f0000001f00)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5849, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x3, 0x8, 0x0, 0x0, 0x6, 0x5, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x5, 0x9, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000440)}, 0x1004, 0x0, 0x8, 0x0, 0x100000000, 0x0, 0x1}, 0x0, 0xd, 0xffffffffffffff9c, 0xb)
perf_event_open$cgroup(&(0x7f0000000800)={0x2, 0x70, 0x4, 0xb023, 0x5, 0x61, 0x0, 0x101, 0x40, 0x8, 0x2, 0x6, 0x4, 0x7, 0x7, 0x3, 0x100, 0x4, 0x9, 0x1ff, 0x78f0, 0x5, 0x0, 0x6, 0x0, 0x4, 0x3, 0xff, 0x1, 0x401, 0x8, 0x0, 0xc45, 0x49, 0x9, 0x2, 0x4, 0x0, 0x0, 0x8000, 0x2, @perf_config_ext={0x8, 0x6000000000}, 0x22, 0x0, 0x2, 0x8, 0xfff, 0x6, 0x6d}, r1, 0x1, r1, 0x0)
r6 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x6f84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x9, 0x40000, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x7, 0x0)
close(r6)
socket$kcm(0x2, 0x5, 0x2)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r6, 0x4008240b, &(0x7f0000000040)={0x0, 0x70, 0x6a, 0x0, 0x0, 0x5, 0x0, 0x0, 0x80808, 0x8, 0x7, 0x8000, 0x1, 0x1, 0x391a, 0x40, 0x3c, 0xfffffffffffffff8, 0x0, 0x80000000, 0x80000000, 0x400, 0x8001, 0x7, 0x10001, 0x9, 0xffffffffffff7fff, 0xffffffffffffff4b, 0x0, 0x26d0676, 0x87, 0xe8, 0x7, 0xffffffffffffc75b, 0x7f, 0x7, 0x390, 0x7fff, 0x0, 0x0, 0x2, @perf_config_ext={0xffff, 0xfffffffffffffffd}, 0x100, 0xcc, 0x0, 0x7, 0x7, 0x10000, 0xfff})

21:29:04 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
sendmmsg(r0, &(0x7f00000002c0), 0x400000000000174, 0x7ffffff7)

21:29:04 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="de75e1fe7d0e7634b214a3765ba0017995103a08917fc2a1", 0x18)
r1 = accept(r0, 0x0, &(0x7f00000001c0))
sendto$packet(r1, &(0x7f00000002c0)="9bc04cfba1933926", 0x8, 0x0, 0x0, 0x0)

[  260.466901] PANIC: double fault, error_code: 0x0
[  260.471797] CPU: 0 PID: 8004 Comm: syz-executor2 Not tainted 4.19.0+ #82
[  260.478693] ==================================================================
[  260.486188] BUG: KMSAN: uninit-value in irq_work_claim+0x153/0x390
[  260.492560] CPU: 0 PID: 8004 Comm: syz-executor2 Not tainted 4.19.0+ #82
[  260.499417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  260.509140] Call Trace:
[  260.511737]  <#DF>
[  260.513908]  dump_stack+0x32d/0x480
[  260.517559]  ? irq_work_claim+0x153/0x390
[  260.521746]  kmsan_report+0x19f/0x300
[  260.525584]  kmsan_internal_check_memory+0x35f/0x450
[  260.531581]  ? __msan_poison_alloca+0x1e0/0x2b0
[  260.536280]  kmsan_check_memory+0xd/0x10
[  260.540361]  irq_work_claim+0x153/0x390
[  260.544362]  irq_work_queue+0x44/0x280
[  260.548267]  vprintk_emit+0x693/0x790
[  260.552097]  vprintk_default+0x90/0xa0
[  260.556001]  vprintk_func+0x26b/0x2a0
[  260.559827]  printk+0x1a3/0x1f0
[  260.563149]  dump_stack_print_info+0x2c4/0x3c0
[  260.567766]  show_regs_print_info+0x37/0x40
[  260.572103]  show_regs+0x38/0x170
[  260.575575]  df_debug+0x86/0xb0
[  260.578871]  do_double_fault+0x362/0x480
[  260.582956]  double_fault+0x1e/0x30
[  260.586602] RIP: 0010:kmsan_get_origin_address+0xa/0x370
[  260.592068] Code: eb fe 0f 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 <41> 54 53 48 83 ec 10 48 89 75 c8 48 89 fb 49 bc 00 00 00 00 00 78
[  260.610991] RSP: 0018:fffffe0000002000 EFLAGS: 00010086
[  260.616373] RAX: 00000000000001a8 RBX: 0000000000000000 RCX: 0000000000000001
[  260.623660] RDX: 0000000000000001 RSI: 0000000000000088 RDI: fffffe0000002150
[  260.630944] RBP: fffffe0000002018 R08: 0000000000000000 R09: 0000000000000000
[  260.638219] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000088
[  260.645503] R13: fffffe00000021c0 R14: fffffe00000021a8 R15: fffffe00000021a8
[  260.652800]  </#DF>
[  260.655042]  <ENTRY_TRAMPOLINE>
[  260.658351]  kmsan_memmove_origins+0xbd/0x1d0
[  260.662875]  ? kmsan_memmove_shadow+0xad/0xe0
[  260.667393]  __msan_memmove+0x6c/0x80
[  260.671209]  fixup_bad_iret+0x9b/0x130
[  260.675114]  error_entry+0xad/0xc0
[  260.678658] RIP: 0000:          (null)
[  260.682579] Code: Bad RIP value.
[  260.686049] RSP: a3fb7f:00007f8475a889c0 EFLAGS: 00000000 ORIG_RAX: 0000000000000000
[  260.693955] RAX: 0000000000000000 RBX: ffffffff8ae00e58 RCX: 000000000040393c
[  260.701240] RDX: fbea8bfb5cb77300 RSI: 0000000000000000 RDI: 0000000000000000
[  260.708530] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000072bf08
[  260.715812] R10: 000000000072bf00 R11: 000000000072bf0c R12: 0000000000000000
[  260.723096] R13: 000000000072bf08 R14: 000000000072bf00 R15: 000000000072bf0c
[  260.730402]  ? general_protection+0x8/0x30
[  260.734669]  ? general_protection+0x8/0x30
[  260.738937]  </ENTRY_TRAMPOLINE>
[  260.742309] 
[  260.743958] Local variable description: ----__ai_ptr@irq_work_claim
[  260.750362] Variable was created at:
[  260.754100]  irq_work_claim+0x4b/0x390
[  260.758010]  irq_work_queue+0x44/0x280
[  260.761895] 
[  260.763524] Byte 7 of 8 is uninitialized
[  260.767592] Memory access of size 8 starts at fffffe000000aa38
[  260.773566] ==================================================================
[  260.780928] Disabling lock debugging due to kernel taint
[  260.786390] Kernel panic - not syncing: panic_on_warn set ...
[  260.786390] 
[  260.793787] CPU: 0 PID: 8004 Comm: syz-executor2 Tainted: G    B             4.19.0+ #82
[  260.802025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  260.811389] Call Trace:
[  260.813984]  <#DF>
[  260.816156]  dump_stack+0x32d/0x480
[  260.819817]  panic+0x57e/0xb28
[  260.823059]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[  260.828536]  kmsan_report+0x300/0x300
[  260.832364]  kmsan_internal_check_memory+0x35f/0x450
[  260.837494]  ? __msan_poison_alloca+0x1e0/0x2b0
[  260.842190]  kmsan_check_memory+0xd/0x10
[  260.846269]  irq_work_claim+0x153/0x390
[  260.850275]  irq_work_queue+0x44/0x280
[  260.854186]  vprintk_emit+0x693/0x790
[  260.858024]  vprintk_default+0x90/0xa0
[  260.861928]  vprintk_func+0x26b/0x2a0
[  260.865755]  printk+0x1a3/0x1f0
[  260.869083]  dump_stack_print_info+0x2c4/0x3c0
[  260.873701]  show_regs_print_info+0x37/0x40
[  260.878051]  show_regs+0x38/0x170
[  260.881530]  df_debug+0x86/0xb0
[  260.884827]  do_double_fault+0x362/0x480
[  260.888920]  double_fault+0x1e/0x30
[  260.892572] RIP: 0010:kmsan_get_origin_address+0xa/0x370
[  260.898037] Code: eb fe 0f 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 <41> 54 53 48 83 ec 10 48 89 75 c8 48 89 fb 49 bc 00 00 00 00 00 78
[  260.916956] RSP: 0018:fffffe0000002000 EFLAGS: 00010086
[  260.922344] RAX: 00000000000001a8 RBX: 0000000000000000 RCX: 0000000000000001
[  260.929634] RDX: 0000000000000001 RSI: 0000000000000088 RDI: fffffe0000002150
[  260.936926] RBP: fffffe0000002018 R08: 0000000000000000 R09: 0000000000000000
[  260.944207] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000088
[  260.951489] R13: fffffe00000021c0 R14: fffffe00000021a8 R15: fffffe00000021a8
[  260.958782]  </#DF>
[  260.961023]  <ENTRY_TRAMPOLINE>
[  260.964327]  kmsan_memmove_origins+0xbd/0x1d0
[  260.968848]  ? kmsan_memmove_shadow+0xad/0xe0
[  260.973373]  __msan_memmove+0x6c/0x80
[  260.977197]  fixup_bad_iret+0x9b/0x130
[  260.981118]  error_entry+0xad/0xc0
[  260.984664] RIP: 0000:          (null)
[  260.988611] Code: Bad RIP value.
[  260.991982] RSP: a3fb7f:00007f8475a889c0 EFLAGS: 00000000 ORIG_RAX: 0000000000000000
[  260.999882] RAX: 0000000000000000 RBX: ffffffff8ae00e58 RCX: 000000000040393c
[  261.007167] RDX: fbea8bfb5cb77300 RSI: 0000000000000000 RDI: 0000000000000000
[  261.011933] hrtimer: interrupt took 325624 ns
[  261.014444] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000072bf08
[  261.014470] R10: 000000000072bf00 R11: 000000000072bf0c R12: 0000000000000000
[  261.033666] R13: 000000000072bf08 R14: 000000000072bf00 R15: 000000000072bf0c
[  261.040974]  ? general_protection+0x8/0x30
[  261.045229]  ? general_protection+0x8/0x30
[  261.049486]  </ENTRY_TRAMPOLINE>
[  261.053871] Kernel Offset: disabled
[  261.057496] Rebooting in 86400 seconds..