[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 37.654101] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 41.181075] random: sshd: uninitialized urandom read (32 bytes read) [ 41.438674] random: sshd: uninitialized urandom read (32 bytes read) [ 42.603655] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.29' (ECDSA) to the list of known hosts. [ 48.292492] random: sshd: uninitialized urandom read (32 bytes read) 2018/08/26 09:15:43 fuzzer started [ 49.630728] random: cc1: uninitialized urandom read (8 bytes read) 2018/08/26 09:15:46 dialing manager at 10.128.0.26:41751 2018/08/26 09:15:48 syscalls: 1 2018/08/26 09:15:48 code coverage: enabled 2018/08/26 09:15:48 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/08/26 09:15:48 setuid sandbox: enabled 2018/08/26 09:15:48 namespace sandbox: enabled 2018/08/26 09:15:48 fault injection: enabled 2018/08/26 09:15:48 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/08/26 09:15:48 net packed injection: enabled 2018/08/26 09:15:48 net device setup: enabled [ 55.288961] random: crng init done 09:17:31 executing program 0: r0 = socket(0x10, 0x2, 0x0) mkdir(&(0x7f00000004c0)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, &(0x7f0000000140)="37e0") mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x100000, &(0x7f0000444000)) mount(&(0x7f0000fb6000)='./file0\x00', &(0x7f0000d78000)='.', &(0x7f0000fdb000)='ubifs\x00', 0x1003, 0x0) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000000c0)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000)) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00') sendfile(r0, r1, &(0x7f0000000000), 0x80000002) 09:17:31 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r0, &(0x7f0000000180), 0x10) 09:17:31 executing program 7: ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000280)) r0 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r0, &(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @rand_addr}, 0x4, 0x1}}, 0x2e) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x32, 0xffffffffffffffff, 0x0) ioctl$SIOCGIFMTU(r0, 0x8921, &(0x7f0000000000)) 09:17:31 executing program 4: 09:17:31 executing program 2: 09:17:31 executing program 3: 09:17:31 executing program 5: 09:17:31 executing program 6: [ 157.528796] IPVS: ftp: loaded support on port[0] = 21 [ 157.551911] IPVS: ftp: loaded support on port[0] = 21 [ 157.590177] IPVS: ftp: loaded support on port[0] = 21 [ 157.600818] IPVS: ftp: loaded support on port[0] = 21 [ 157.639260] IPVS: ftp: loaded support on port[0] = 21 [ 157.644771] IPVS: ftp: loaded support on port[0] = 21 [ 157.677155] IPVS: ftp: loaded support on port[0] = 21 [ 157.719075] IPVS: ftp: loaded support on port[0] = 21 [ 160.115778] ip (4632) used greatest stack depth: 53712 bytes left [ 162.251708] ip (4750) used greatest stack depth: 53432 bytes left [ 162.594846] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.601388] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.646802] device bridge_slave_0 entered promiscuous mode [ 162.766744] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.773234] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.834290] device bridge_slave_0 entered promiscuous mode [ 162.884865] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.891369] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.919424] device bridge_slave_0 entered promiscuous mode [ 162.937664] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.944142] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.959536] device bridge_slave_0 entered promiscuous mode [ 162.967136] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.973601] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.995306] device bridge_slave_0 entered promiscuous mode [ 163.012014] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.018590] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.056337] device bridge_slave_0 entered promiscuous mode [ 163.093528] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.100099] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.128356] device bridge_slave_0 entered promiscuous mode [ 163.144617] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.151125] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.178746] device bridge_slave_1 entered promiscuous mode [ 163.199556] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.206104] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.223787] device bridge_slave_1 entered promiscuous mode [ 163.231842] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.238306] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.250918] device bridge_slave_0 entered promiscuous mode [ 163.284349] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.290845] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.329465] device bridge_slave_1 entered promiscuous mode [ 163.345986] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.352480] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.363879] device bridge_slave_1 entered promiscuous mode [ 163.407572] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.414149] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.426229] device bridge_slave_1 entered promiscuous mode [ 163.440458] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.446950] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.478746] device bridge_slave_1 entered promiscuous mode [ 163.502149] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.508622] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.532329] device bridge_slave_1 entered promiscuous mode [ 163.549789] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.556277] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.575611] device bridge_slave_1 entered promiscuous mode [ 163.594209] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 163.603411] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 163.621272] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 163.633473] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 163.641811] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 163.763901] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 163.777231] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 163.882550] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 163.903951] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 163.923208] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 163.931817] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 163.947389] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 163.956427] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 164.041477] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 164.108569] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 164.183259] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 164.840833] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 164.852819] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 164.865220] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 164.954434] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 164.988613] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 165.006010] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 165.059660] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 165.070762] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 165.175750] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 165.192598] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 165.207370] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 165.260885] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 165.338446] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 165.352230] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 165.402303] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 165.428655] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 165.514236] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 165.521333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 165.538822] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 165.546338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 165.589715] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 165.596777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 165.622207] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 165.629183] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 165.693563] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 165.700605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 165.730211] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 165.737209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 165.763442] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 165.770465] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 165.801899] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 165.808904] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 165.835025] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 165.842447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 165.888312] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 165.895290] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 165.948923] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 165.955921] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 165.978704] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 165.985712] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 166.035474] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 166.042495] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 166.089822] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 166.096874] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 166.143218] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 166.150266] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 166.179909] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 166.186918] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 166.890295] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 166.919666] team0: Port device team_slave_0 added [ 166.963800] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 166.983510] team0: Port device team_slave_0 added [ 167.009244] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 167.028639] team0: Port device team_slave_0 added [ 167.043798] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 167.060977] team0: Port device team_slave_0 added [ 167.073702] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 167.092369] team0: Port device team_slave_0 added [ 167.112795] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 167.134212] team0: Port device team_slave_0 added [ 167.161733] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 167.185261] team0: Port device team_slave_0 added [ 167.218574] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 167.243133] team0: Port device team_slave_0 added [ 167.264737] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 167.294083] team0: Port device team_slave_1 added [ 167.311210] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 167.333113] team0: Port device team_slave_1 added [ 167.360441] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 167.378417] team0: Port device team_slave_1 added [ 167.397901] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 167.411715] team0: Port device team_slave_1 added [ 167.436996] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 167.449808] team0: Port device team_slave_1 added [ 167.476842] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 167.505013] team0: Port device team_slave_1 added [ 167.544808] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 167.573320] team0: Port device team_slave_1 added [ 167.586950] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 167.614214] team0: Port device team_slave_1 added [ 167.638144] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 167.649245] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 167.657000] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 167.668706] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 167.716109] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 167.750343] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 167.793835] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 167.802454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 167.825567] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 167.853684] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 167.862264] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 167.882310] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 167.905503] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 167.916404] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 167.923975] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 167.940738] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 167.954451] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 167.998530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 168.022518] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 168.048494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 168.076422] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 168.104762] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 168.114270] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 168.125253] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 168.132464] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 168.157969] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 168.183255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 168.201732] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 168.221926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 168.241263] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 168.269485] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 168.286699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 168.295841] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 168.312113] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 168.319783] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 168.328874] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 168.344661] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 168.352333] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 168.359877] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 168.368344] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 168.375880] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 168.393809] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 168.435850] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 168.485805] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 168.524803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 168.568341] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 168.604926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 168.628638] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 168.637495] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 168.645957] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 168.653745] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 168.662241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 168.670540] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 168.678980] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 168.702668] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 168.725462] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 168.737186] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 168.752112] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 168.760669] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 168.773366] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 168.786706] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 168.796016] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 168.805762] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 168.817783] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 168.825664] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 168.833277] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 168.869739] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 168.914915] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 168.954721] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 168.990101] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 169.011826] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 169.028435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 169.045351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 169.057466] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 169.065974] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 169.074887] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 169.085714] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 169.095066] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 169.131413] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 169.139793] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 169.149589] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 169.157863] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 169.180826] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 169.188578] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 169.222591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 169.267471] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 169.309970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 169.346122] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 169.373331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 169.394995] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 169.412416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 169.420680] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 169.429157] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 169.483473] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 169.491130] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 169.513898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 172.482895] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.489394] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.496325] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.502790] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.579111] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 172.587477] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 172.604476] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.610933] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.617772] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.624215] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.633239] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 172.657220] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.663720] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.670575] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.677075] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.722712] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 172.731302] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.737764] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.744604] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.751126] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.781536] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 172.793277] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.799718] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.806569] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.813022] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.861621] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 172.898902] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.905383] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.912286] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.918729] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.975723] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 172.982594] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.989124] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.995961] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.002423] bridge0: port 1(bridge_slave_0) entered forwarding state [ 173.014458] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 173.029024] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.035522] bridge0: port 2(bridge_slave_1) entered forwarding state [ 173.042371] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.048826] bridge0: port 1(bridge_slave_0) entered forwarding state [ 173.101835] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 173.600243] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 173.614973] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 173.648149] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 173.671802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 173.680599] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 173.689877] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 173.698932] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 185.199517] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.409692] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.485076] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.546805] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.582310] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.633541] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.770795] 8021q: adding VLAN 0 to HW filter on device bond0 [ 186.296768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 186.493891] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 186.537364] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 186.638086] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 186.702488] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 186.765819] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 186.820887] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 186.985929] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 187.456277] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 187.687962] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 187.694238] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 187.710914] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 187.780685] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 187.786940] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 187.795912] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 187.847399] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 187.866273] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 187.886482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 187.935596] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 187.941908] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 187.954958] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 188.039845] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 188.046219] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 188.054103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 188.073191] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 188.085574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 188.117984] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 188.174299] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 188.180603] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 188.192844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 188.751135] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 188.757457] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 188.772954] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 188.895613] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.107138] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.160595] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.184356] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.198451] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.303511] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.430303] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.975563] 8021q: adding VLAN 0 to HW filter on device team0 09:18:11 executing program 6: 09:18:11 executing program 5: 09:18:11 executing program 2: 09:18:11 executing program 6: 09:18:11 executing program 5: 09:18:11 executing program 3: 09:18:12 executing program 2: 09:18:12 executing program 4: 09:18:12 executing program 0: r0 = socket(0x10, 0x2, 0x0) mkdir(&(0x7f00000004c0)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, &(0x7f0000000140)="37e0") mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x100000, &(0x7f0000444000)) mount(&(0x7f0000fb6000)='./file0\x00', &(0x7f0000d78000)='.', &(0x7f0000fdb000)='ubifs\x00', 0x1003, 0x0) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000000c0)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000)) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00') sendfile(r0, r1, &(0x7f0000000000), 0x80000002) 09:18:12 executing program 6: 09:18:12 executing program 1: 09:18:12 executing program 7: 09:18:12 executing program 3: 09:18:12 executing program 5: 09:18:12 executing program 4: 09:18:12 executing program 2: 09:18:12 executing program 6: 09:18:12 executing program 4: 09:18:12 executing program 3: 09:18:12 executing program 7: 09:18:12 executing program 2: 09:18:12 executing program 5: 09:18:12 executing program 1: 09:18:13 executing program 4: 09:18:13 executing program 0: 09:18:13 executing program 6: 09:18:13 executing program 7: 09:18:13 executing program 3: 09:18:13 executing program 2: 09:18:13 executing program 5: 09:18:13 executing program 1: 09:18:13 executing program 4: 09:18:13 executing program 6: 09:18:13 executing program 2: 09:18:13 executing program 7: 09:18:13 executing program 0: 09:18:13 executing program 5: 09:18:13 executing program 3: 09:18:13 executing program 7: 09:18:13 executing program 1: 09:18:13 executing program 5: 09:18:13 executing program 4: 09:18:13 executing program 2: 09:18:13 executing program 6: 09:18:13 executing program 3: 09:18:13 executing program 0: 09:18:14 executing program 7: 09:18:14 executing program 5: 09:18:14 executing program 6: 09:18:14 executing program 1: 09:18:14 executing program 2: 09:18:14 executing program 0: 09:18:14 executing program 4: 09:18:14 executing program 3: 09:18:14 executing program 7: 09:18:14 executing program 1: 09:18:14 executing program 6: 09:18:14 executing program 2: 09:18:14 executing program 5: 09:18:14 executing program 0: 09:18:14 executing program 4: 09:18:14 executing program 7: 09:18:14 executing program 3: 09:18:14 executing program 6: 09:18:14 executing program 1: 09:18:14 executing program 2: 09:18:14 executing program 0: perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndseq(&(0x7f0000000380)='/dev/snd/seq\x00', 0x0, 0x101801) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f00000001c0)={0x0, 0xfff}) 09:18:14 executing program 5: perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f000000e000)='\x00 ', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000380)='/dev/snd/seq\x00', 0x0, 0x0) dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0xc0605345, &(0x7f00000001c0)={0x0, 0x0, {0x0, 0x0, 0x1, 0x3, 0x1ff}}) 09:18:15 executing program 6: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000000240)="b1", 0x1, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) 09:18:15 executing program 7: perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f000000e000)='\x00 ', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000380)='/dev/snd/seq\x00', 0x0, 0x0) dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0xc0605345, &(0x7f00000001c0)) 09:18:15 executing program 4: r0 = add_key$keyring(&(0x7f00000003c0)='keyring\x00', &(0x7f00000000c0), 0x0, 0x0, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000280), 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f0000000540)='keyring\x00', &(0x7f0000000140), 0x0, 0x0, r1) add_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000180)="c6a34e987940ea478d9bd365b9e4621e334652733324b7773a3df8a7504d9e18e2e4a839fcd9030000000000000028945d12a9caae603ff81c4dc32ed3d70fb5d4c5b866305249060000005277822d0e0616a2e5b74c48e38b9936f298c6feec95ad327c724ec507bd34b94e99623f014bf81ea54900ac54a99aa04e1a7f000000e8d3bfa2f3abce9736aac3e0b19d5a697bc438cd49bc1cf3af72c2180bbee78e9a7237c02e10ac77e3a4fd8a6e2bdca6a9a1d7da1a3e559fdafb6703c73b3c4c10865302fb324f16327996273625d9f0a54ef16bdb08f22ed11fd80b74eb861aebe51b0912c0f79486c25c49524ffe4f00", 0xf2, r2) request_key(&(0x7f0000000940)="646e735f7265736f6c766572000f083f7605beb89ebb55f56950196fd8b8a6ebddf637ee27ef0fabbbad7523dacb0ab4baaf14787b652566f6eaf50a9d4cff3e30f2d07fd0118cf06573e05f283ef26ec0cc75cf93fe4c95c7185cb70df302c4c08871883fc063c014d46b8b27fd88a01e760bee664a475d69d12e2fc7e3dc680e3bb87b71d301fbf92cadf5537bc8774141ee7d7152d16c9ee5ef389b527a9b31679b1560e4680fcfd95743ed5305a984645fb4371e5e363f7df35cb72f6d9c953cd2ea3167c037567f7f99399e92ba02db513f40a4d44e072bf5ea9495287934a503a032610a0235c3530cfc99e27a1e10e28ed49beb223bbe910fd417a48e64dbdf97edb9363e6b5853e1323d6f78d0fb80969de2f5fec97acbb11c1ae97f54b74e3ef9d50e1fbc43cc27e537d18452001232814ac3970ee2938175a91f4e0ca28b803a350dbea3b68d6a71bc65b011a81834b809f86919e4499a53ff8a35993b333b9b2761a44bb4a888a90c078d0b923e28cdbf76aa3fb68394de930dddf27c48926ab9c66951b70ebd4063b510ae453059ff71853bcf5942b5140a111d4a2afbaf612c6415aceb9578cb0d1decc8001f6dfc9d6829dbed2a8dbbc4bc9391960c1bb3fb451d52778143fb3c2f4d17df3c295117e13889037aff061ff283cac330aa03e7d189f01bfd03e68532d5594ef0e4bf1d584c7eacfd53a7ae8ccecc1901c89f4db4a3f1925610f22dac4570169b7f9f4cbf3fa1376f0ce4ab31605a16aff95c1bda1b96b9ded911a38594c3d9b42e7712ac377f377cd30eda00efd15d718e20dba3e76c4850966353c04a178e3b857719f9d81dc0ef8776c46c47d38aad73498289bc0240", &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3, 0x29138c2e}, &(0x7f0000000300)="af2019dcc2380b4623dc8c7a581973a96d57452035fca47b18e7992f4c82e608a92c436783ee4e3264245238b946a4a11d39b7873e5f3296185625d49ae13974d13940d0c01a5029b35aec2234860f6525f00000000000000000", 0x0) 09:18:15 executing program 3: r0 = socket$inet(0x2, 0x6, 0x0) getsockopt$inet_mreqsrc(r0, 0x10d, 0xc, &(0x7f0000000040)={@dev, @local, @broadcast}, &(0x7f0000005800)=0xa9) 09:18:15 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-224\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f00000000c0), 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) r3 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r3, &(0x7f0000000180)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x4e24, @loopback}, 0x2}}, 0x26) recvfrom(r3, &(0x7f0000000480)=""/116, 0x74, 0x40, &(0x7f0000000500)=@ethernet={0x6, @local}, 0x80) r4 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x5, 0x400000) r5 = getpgrp(0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f00000001c0)={{0x6, 0x1, 0x100, 0x8000, 'syz1\x00', 0x7f}, 0x6, 0x102, 0x1, r5, 0x0, 0x5, 'syz0\x00', &(0x7f0000000100), 0x0, [], [0x7, 0x1, 0xffffffffffffffe8, 0x3ff]}) socket$packet(0x11, 0x3, 0x300) sendto$unix(r4, &(0x7f0000000140)="51f8143cbf229d471234b2ae502f1e69bdc49a4e1c6f5cf4cbc7261e965742ac0d08f46821b2e9aa012efeafd495db94d9d9cd92933159974fccc9e91420dcbc", 0x40, 0x240400c0, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e20}, 0x6e) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}}, 0x1c) sendmmsg(r3, &(0x7f0000004340)=[{{&(0x7f0000003fc0)=@llc={0x1a, 0x315, 0x100, 0x2840, 0x3, 0x7, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}}, 0x80, &(0x7f0000004100)=[{&(0x7f0000004040)="b3068345a3cbe5682a123159a29f0d33da63cbfb73e659f493cd750821cb4ca4d0efe22e927eaae43c48bb6b955f59c80829ec4a1329f8f27889201bbe78ac2b92a4e7c59e940b46fca80ed40278a100870ae4d7ba331b0a4f222f418ebe9484c0b577508ad70b39c1e56605f236e6f05e3a648643ccef1e3e7364646178fcec0e9f9f44e5451dab", 0x88}], 0x1, &(0x7f0000004140), 0x0, 0x20000000}, 0x3}], 0x1, 0x0) connect(r2, &(0x7f0000000300)=@sco={0x1f, {0x80000001, 0x1, 0x6, 0x80000001, 0x6, 0x101}}, 0x80) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000040)=0x0) setpriority(0x0, r6, 0x80000001) ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f0000004400)=@add_del={0x2, &(0x7f00000043c0)="73797a6b616c6c65723007140300", 0x8}) sendmsg$kcm(r4, &(0x7f0000003b40)={&(0x7f0000000400)=@vsock, 0x80, &(0x7f0000002740)=[{&(0x7f00000026c0)="bfe231101bedb63ba783039aea8e97cc4d190d0d254985b6549adbcf428af1dd4651060528dc79c017220dddbad602e0dd6ec369de78e7178baaa9a37420b7eb8efc8dd8758a20930505adee897975c863d08450e048fb02eb9a49f1fcc3c109f184b1f874b6368d4e94ac685a4aa023a3ad5faa", 0x74}], 0x1, &(0x7f00000027c0), 0x0, 0x24000000}, 0x8000) r7 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00') sendfile(r1, r7, &(0x7f00000002c0)=0xe00, 0x1000007ffff000) 09:18:15 executing program 2: r0 = openat$uhid(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uhid\x00', 0x0, 0x0) r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uhid\x00', 0x0, 0x0) dup2(r1, r0) 09:18:15 executing program 0: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x201, 0x0) ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x6}) write$P9_RVERSION(r0, &(0x7f0000000000)=ANY=[@ANYRES32=0x0], 0xfffffffffffffec5) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000640)={{{@in6=@mcast2, @in6=@mcast1, 0x0, 0x5, 0x4e20, 0x0, 0xa, 0x80}, {0x7, 0x100000000, 0xa86, 0x0, 0xfffffffffffffe00, 0x0, 0x0, 0x7ff}, {0x0, 0x10000, 0x0, 0x6}, 0x0, 0x0, 0x0, 0x1, 0x91fe40bb80f468e0}, {{@in=@loopback, 0x4d5, 0xff}, 0x2, @in=@local, 0x0, 0x0, 0x3, 0x0, 0xdf, 0x0, 0x3}}, 0xe8) close(r0) socket$inet(0x2, 0x4000000000000001, 0x0) process_vm_writev(0x0, &(0x7f0000000440), 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)=""/56, 0x38}], 0x1, 0x0) [ 200.350086] hrtimer: interrupt took 63957 ns 09:18:15 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x71}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x7, &(0x7f0000000300), &(0x7f00000001c0)) r1 = memfd_create(&(0x7f0000000040)='procselfvboxnet0\x00', 0x0) r2 = dup(r0) ioctl$sock_inet_tcp_SIOCATMARK(r2, 0x8905, &(0x7f0000000240)) getsockopt$inet_tcp_buf(r1, 0x6, 0x0, &(0x7f0000000080)=""/106, &(0x7f0000000100)=0x6a) r3 = syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x1ff) getsockname$inet6(r2, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast2}, &(0x7f00000002c0)=0x1c) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r3, 0x40505331, &(0x7f0000000140)={{0x0, 0x938}}) 09:18:15 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x0, 0x569080) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000200)) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000015c0)='ip6_vti0\x00', 0x10) ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000440)={'veth0_to_bond\x00', 0x6}) syz_open_dev$sndtimer(&(0x7f00000007c0)='/dev/snd/timer\x00', 0x0, 0x0) r2 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xd, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x4, 0x105082) prctl$setfpexc(0xc, 0x0) r4 = getpgrp(0xffffffffffffffff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.net/syz1\x00', 0x200002, 0x0) bind$rds(r1, &(0x7f0000000740)={0x2, 0x4e24, @remote}, 0x10) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000780)=0x0) tgkill(r4, r5, 0x3) syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x7, 0x0) ptrace$setregset(0x4205, r5, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)="c9ea86453eb03e4380f598b87ffedab4ca75db160c7e8fe64b117ed69291a47051302cf432458327017bb1e69fd9bcba3e391280772adae6c71620b1df88626da931d14f034d516fd8df", 0x4a}) r6 = shmget(0x1, 0x3000, 0x4, &(0x7f0000ffb000/0x3000)=nil) shmat(r6, &(0x7f0000ffb000/0x2000)=nil, 0x5000) perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x4, 0x7f, 0x6, 0x20, 0x0, 0x0, 0x0, 0x4, 0x8000, 0x3, 0x3, 0x7, 0xc688, 0x0, 0x3, 0x26c, 0x7, 0x7ff, 0x2, 0x4, 0xfffffffffffffffd, 0x9, 0x4, 0x0, 0x5, 0xffffffffffffffec, 0xfffffffffffffff8, 0xed, 0x4, 0x2, 0x2, 0x3f, 0x8, 0xffffffff, 0xfffffffffffffffc, 0x7, 0x0, 0xffffffffffffffc0, 0x4, @perf_config_ext={0x20, 0xe9}, 0x0, 0x7fff, 0xffffffffffff88e4, 0x7, 0x1, 0x2, 0x9d2}, r4, 0x6, r2, 0x0) r7 = memfd_create(&(0x7f00000000c0)="000000008c00000000000000000000", 0x0) pwritev(r7, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r7) ioctl$IOC_PR_RELEASE(0xffffffffffffffff, 0x401070ca, &(0x7f0000000380)={0x7fffffff, 0xffff}) sendfile(r0, r3, &(0x7f00000ddff8), 0x102000002) write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f00000006c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000680), 0x111}}, 0x20) 09:18:15 executing program 6: r0 = syz_open_procfs(0x0, &(0x7f00000004c0)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424ada75af1f02acc7edbcd7a061fb35331ce39c5a00000000") fsetxattr(r0, &(0x7f0000000280)=@known='user.syz\x00', &(0x7f00000002c0)="2f0409004bddd9de91be10eebf000ee9a90f798058439ed554af1f02acc7edbcd7a071fb35331ce39c5a0000000000000000080000000000000000000aaad955a3c93f9d248b46a7c99eb35b406bf918ff01739e56187b2db8f1074424745271062042fb3808186e0a837132f9108c583073a4ca94b3e4e58717fe2b659fa3903c7b73bd66b83f5ecc0a7361257896883f1b43ff4ec0a1e336b92f705461af0b60825a7834ffd0a7339d85c51b8db7b4c0e4f40953dd2d9f2110f04c9fdf8489eaa996", 0xc3, 0x0) 09:18:15 executing program 7: perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000080)='\x00 ', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000380)='/dev/snd/seq\x00', 0x0, 0x0) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000600)={0x0, 0x0, 0x0, "71756575653100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c700"}) 09:18:15 executing program 3: r0 = socket$inet6(0xa, 0x803, 0x2000000003) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d0252926285717070") r1 = socket$inet(0x2, 0x200000002, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000080)={@multicast1, @local}, 0xc) setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast1, @local, 0x0, 0x1, [@rand_addr=0xfffffffffffffffd]}, 0x14) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e21}, 0x10) syz_emit_ethernet(0x2a, &(0x7f00003f3fd5)={@broadcast, @empty=[0x0, 0x0, 0x14], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, @udp={0x0, 0x4e21, 0x8}}}}}, 0x0) 09:18:15 executing program 2: perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndseq(&(0x7f0000000380)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r0, 0xc0305302, &(0x7f0000000000)={0x46, 0x0, 0x0, 0x4}) 09:18:15 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$packet(0x11, 0x800000000002, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) sendto$inet(r0, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1}, 0x10) 09:18:15 executing program 5: [ 201.004582] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 09:18:16 executing program 5: 09:18:16 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_pts(r0, 0x0) write(r0, &(0x7f0000c34fff), 0xffffff0b) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0) [ 201.818207] syz-executor4 (6809) used greatest stack depth: 52664 bytes left [ 342.048325] watchdog: BUG: soft lockup - CPU#0 stuck for 123s! [syz-executor4:6776] [ 342.056209] Modules linked in: [ 342.059471] CPU: 0 PID: 6776 Comm: syz-executor4 Not tainted 4.18.0-rc8+ #34 [ 342.066795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.076239] RIP: 0010:smp_call_function_single+0x367/0x4e0 [ 342.081889] Code: fe ff ff 8b 3a e8 59 8e 6b 00 45 85 f6 0f 84 6d ff ff ff 41 89 de eb 10 90 66 2e 0f 1f 84 00 00 00 00 00 e8 3b 32 12 00 f3 90 <8b> 5c 24 78 4c 89 e7 e8 bd 84 6b 00 8b 00 83 e0 01 83 e3 01 85 c0 [ 342.102187] RSP: 0018:ffff88012f14f440 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 342.109958] RAX: ffffffff81535185 RBX: 0000000000000001 RCX: 0000000000040000 [ 342.117277] RDX: ffffc90001e96000 RSI: 000000000003ffff RDI: 0000000000040000 [ 342.124593] RBP: ffff88012f14f510 R08: 0000000000000000 R09: 0000000000000002 [ 342.131911] R10: 0000000000000000 R11: ffffffff81174df0 R12: ffff88012f14f4b8 [ 342.139266] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88013006a678 [ 342.146586] FS: 00007fe6b5924700(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000 [ 342.154850] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 342.160771] CR2: 00007fe5758c6000 CR3: 00000001a5118000 CR4: 00000000001406f0 [ 342.168079] Call Trace: [ 342.170758] ? has_bh_in_lru+0x520/0x520 [ 342.174873] ? has_bh_in_lru+0x520/0x520 [ 342.178999] smp_call_function_many+0x658/0xdb0 [ 342.183774] ? has_bh_in_lru+0x520/0x520 [ 342.187909] ? has_bh_in_lru+0x520/0x520 [ 342.192030] on_each_cpu_cond+0x322/0x3f0 [ 342.196267] ? invalidate_bh_lrus+0x60/0x60 [ 342.200690] ? has_bh_in_lru+0x520/0x520 [ 342.204849] invalidate_bh_lrus+0x54/0x60 [ 342.209094] __blkdev_put+0x3bf/0xcb0 [ 342.212972] ? __msan_get_context_state+0x9/0x30 [ 342.217854] ? mutex_unlock+0x15/0x80 [ 342.221729] blkdev_put+0x431/0x560 [ 342.225438] blkdev_close+0xa6/0xf0 [ 342.229118] __fput+0x458/0xa30 [ 342.232489] ? fput+0x2e0/0x2e0 [ 342.235798] ____fput+0x37/0x40 [ 342.239113] task_work_run+0x22e/0x2b0 [ 342.243049] get_signal+0x1d3d/0x1ef0 [ 342.246930] ? touch_atime+0x228/0x410 [ 342.250871] ? kmsan_set_origin_inline+0x6b/0x120 [ 342.255762] ? kmsan_set_origin_inline+0x6b/0x120 [ 342.260674] do_signal+0x120/0x2090 [ 342.264422] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 342.269855] ? task_work_add+0x255/0x2f0 [ 342.273999] ? fput+0x29e/0x2e0 [ 342.277342] ? kmsan_set_origin_inline+0x6b/0x120 [ 342.282248] ? __msan_poison_alloca+0x173/0x200 [ 342.286984] ? prepare_exit_to_usermode+0x46/0x410 [ 342.291978] prepare_exit_to_usermode+0x273/0x410 [ 342.296889] syscall_return_slowpath+0xdb/0x700 [ 342.301691] ? __se_sys_sendfile64+0x254/0x380 [ 342.306356] ? __x64_sys_sendfile64+0x11e/0x170 [ 342.311127] do_syscall_64+0x1ab/0x220 [ 342.315063] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 342.320327] RIP: 0033:0x457089 [ 342.323547] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 342.343285] RSP: 002b:00007fe6b5923c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 342.351057] RAX: 0000000000010000 RBX: 00007fe6b59246d4 RCX: 0000000000457089 [ 342.358363] RDX: 00000000200ddff8 RSI: 0000000000000006 RDI: 0000000000000004 [ 342.365660] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000 [ 342.372960] R10: 0000000102000002 R11: 0000000000000246 R12: 00000000ffffffff [ 342.380274] R13: 00000000004d3d80 R14: 00000000004c87e4 R15: 0000000000000000 [ 342.387601] Sending NMI from CPU 0 to CPUs 1: [ 342.392166] ------------[ cut here ]------------ [ 342.396938] kernel BUG at mm/kmsan/kmsan_entry.c:81! [ 342.402055] invalid opcode: 0000 [#1] SMP PTI [ 342.406561] CPU: 1 PID: 6769 Comm: syz-executor1 Not tainted 4.18.0-rc8+ #34 [ 342.413763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.423135] RIP: 0010:kmsan_nmi_enter+0x42/0x70 [ 342.427808] Code: 00 74 27 65 8b 04 25 80 90 03 00 83 c0 01 83 f8 08 7d 27 65 89 04 25 80 90 03 00 65 c6 04 25 15 6e 0b 00 ff c3 0f 0b 90 eb fe <0f> 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 0b 66 90 66 2e [ 342.447249] RSP: 0018:fffffe0000049ea8 EFLAGS: 00010046 [ 342.452618] RAX: 0000000000000200 RBX: 0000000000000001 RCX: 00000000c0000101 [ 342.459891] RDX: 00000000ffff8802 RSI: ffffffff88c0136c RDI: 00000000000004c0 [ 342.467166] RBP: fffffe0000049ef9 R08: 0000000000000000 R09: 0000000000000000 [ 342.474434] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 342.481707] R13: 0000000000000000 R14: 000000012f7fc000 R15: 0000000000000000 [ 342.488995] FS: 00007f1f87180700(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000 [ 342.497222] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 342.503114] CR2: 00000000013b4e80 CR3: 000000012f7fc000 CR4: 00000000001406e0 [ 342.510401] Call Trace: [ 342.512992] [ 342.515154] ? end_repeat_nmi+0x19/0x8e [ 342.519167] ? end_repeat_nmi+0x7/0x8e [ 342.523071] ? kmsan_get_origin_address+0x87/0x3d0 [ 342.528015] ? kmsan_get_origin_address+0x87/0x3d0 [ 342.532959] ? kmsan_get_origin_address+0x87/0x3d0 [ 342.537902] [ 342.540158] ? kmsan_memmove_origins+0xbd/0x1d0 [ 342.544858] ? __msan_memmove+0xda/0x130 [ 342.548936] ? widen_string+0x580/0x6c0 [ 342.552931] ? string+0x32a/0x340 [ 342.556406] ? vsnprintf+0x10aa/0x31a0 [ 342.560336] ? seq_printf+0x2cb/0x460 [ 342.564197] ? ipv6_route_seq_show+0x431/0x520 [ 342.568812] ? seq_read+0x1744/0x2240 [ 342.572643] ? ipv6_route_seq_next+0x11d0/0x11d0 [ 342.577419] ? seq_open+0x360/0x360 [ 342.581056] ? proc_reg_read+0x1e1/0x2f0 [ 342.585145] ? do_iter_read+0xb87/0xd80 [ 342.589131] ? proc_reg_llseek+0x270/0x270 [ 342.593389] ? vfs_readv+0x1d9/0x250 [ 342.597145] ? default_file_splice_read+0xa80/0x10e0 [ 342.602305] ? __ia32_sys_tee+0x160/0x160 [ 342.606477] ? splice_direct_to_actor+0x4af/0xfb0 [ 342.611341] ? do_splice_direct+0x540/0x540 [ 342.615702] ? do_splice_direct+0x332/0x540 [ 342.620061] ? do_sendfile+0x1090/0x1df0 [ 342.624175] ? __se_sys_sendfile64+0x1c2/0x380 [ 342.628784] ? __x64_sys_sendfile64+0x11e/0x170 [ 342.633472] ? __ia32_sys_sendfile+0x160/0x160 [ 342.638092] ? do_syscall_64+0x15b/0x220 [ 342.642198] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 342.647576] Modules linked in: [ 342.650792] Dumping ftrace buffer: [ 342.654357] (ftrace buffer empty) [ 342.658120] ---[ end trace 6a92ba628b96fe72 ]--- [ 342.662901] RIP: 0010:kmsan_nmi_enter+0x42/0x70 [ 342.667567] Code: 00 74 27 65 8b 04 25 80 90 03 00 83 c0 01 83 f8 08 7d 27 65 89 04 25 80 90 03 00 65 c6 04 25 15 6e 0b 00 ff c3 0f 0b 90 eb fe <0f> 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 0b 66 90 66 2e [ 342.686996] RSP: 0018:fffffe0000049ea8 EFLAGS: 00010046 [ 342.692370] RAX: 0000000000000200 RBX: 0000000000000001 RCX: 00000000c0000101 [ 342.699647] RDX: 00000000ffff8802 RSI: ffffffff88c0136c RDI: 00000000000004c0 [ 342.706921] RBP: fffffe0000049ef9 R08: 0000000000000000 R09: 0000000000000000 [ 342.714686] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 342.721960] R13: 0000000000000000 R14: 000000012f7fc000 R15: 0000000000000000 [ 342.729249] FS: 00007f1f87180700(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000 [ 342.737486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 342.743381] CR2: 00000000013b4e80 CR3: 000000012f7fc000 CR4: 00000000001406e0 [ 342.750675] Kernel panic - not syncing: Fatal exception in interrupt [ 344.293584] Shutting down cpus with NMI [ 344.297707] ------------[ cut here ]------------ [ 344.302502] kernel BUG at mm/kmsan/kmsan_entry.c:81! [ 344.307660] invalid opcode: 0000 [#2] SMP PTI [ 344.312206] CPU: 0 PID: 6776 Comm: syz-executor4 Tainted: G D 4.18.0-rc8+ #34 [ 344.313538] Dumping ftrace buffer: [ 344.320812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 344.324359] (ftrace buffer empty) [ 344.333754] RIP: 0010:kmsan_nmi_enter+0x42/0x70 [ 344.337432] Kernel Offset: disabled [[ 343444.3.3445755175] 1R]e Rboeobtooitnig ngi ni 8n 6846400 seconds.. [ 344.352519] 65 8b 04 25 80 90 03 00 83 c0 01 83 f8 08 7d 27 65 89 04 25 80 90 03 00 65 c6 04 25 15 6e 0b 00 ff c3 0f 0b 90 eb fe <0f> 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 0b 66 90 66 2e [ 344.370969] RSP: 0018:fffffe000000eea8 EFLAGS: 00010046 [ 344.376374] RAX: 0000000000010000 RBX: 0000000000000001 RCX: 00000000c0000101 [ 344.383676] RDX: 00000000ffff8802 RSI: ffffffff88c0136c RDI: 0000000000231854 [ 344.390978] RBP: fffffe000000eef9 R08: 0000000000000000 R09: 0000000000000000 [ 344.398284] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 344.405589] R13: 0000000000000000 R14: 00000001a5118000 R15: 0000000000000000 [ 344.412898] FS: 00007fe6b5924700(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000 [ 344.421154] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 344.427069] CR2: 00007fe5758c6000 CR3: 00000001a5118000 CR4: 00000000001406f0 [ 344.434358] Call Trace: [ 344.437010] [ 344.439209] ? end_repeat_nmi+0x19/0x8e [ 344.443223] ? end_repeat_nmi+0x7/0x8e [ 344.447158] ? delay_loop+0x50/0x50 [ 344.450825] ? delay_tsc+0xb4/0xe0 [ 344.454403] ? delay_tsc+0xb4/0xe0 [ 344.457986] ? delay_tsc+0xb4/0xe0 [ 344.461538] [ 344.463790] [ 344.465980] ? delay_loop+0x50/0x50 [ 344.469696] ? __const_udelay+0xb2/0xe0 [ 344.473779] ? nmi_trigger_cpumask_backtrace+0x439/0x4b0 [ 344.479295] ? arch_trigger_cpumask_backtrace+0x40/0x40 [ 344.484744] ? arch_trigger_cpumask_backtrace+0x2c/0x40 [ 344.490188] ? watchdog_timer_fn+0x6bd/0x760 [ 344.494643] ? watchdog_disable+0xe0/0xe0 [ 344.498836] ? __hrtimer_run_queues+0xbfc/0x15b0 [ 344.503667] ? hrtimer_interrupt+0x458/0x13d0 [ 344.508256] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 344.513784] ? __msan_poison_alloca+0x173/0x200 [ 344.518517] ? hrtimer_init+0x5b0/0x5b0 [ 344.522546] ? local_apic_timer_interrupt+0x6b/0x250 [ 344.527708] ? smp_apic_timer_interrupt+0x5a/0x90 [ 344.532601] ? apic_timer_interrupt+0xf/0x20 [ 344.537038] [ 344.539320] ? native_apic_mem_read+0x60/0x60 [ 344.543865] ? smp_call_function_single+0x365/0x4e0 [ 344.548930] ? smp_call_function_single+0x367/0x4e0 [ 344.554000] ? has_bh_in_lru+0x520/0x520 [ 344.558098] ? has_bh_in_lru+0x520/0x520 [ 344.562208] ? smp_call_function_many+0x658/0xdb0 [ 344.567135] ? has_bh_in_lru+0x520/0x520 [ 344.571247] ? has_bh_in_lru+0x520/0x520 [ 344.575357] ? on_each_cpu_cond+0x322/0x3f0 [ 344.579758] ? invalidate_bh_lrus+0x60/0x60 [ 344.584157] ? has_bh_in_lru+0x520/0x520 [ 344.588310] ? invalidate_bh_lrus+0x54/0x60 [ 344.592712] ? __blkdev_put+0x3bf/0xcb0 [ 344.596746] ? __msan_get_context_state+0x9/0x30 [ 344.601575] ? mutex_unlock+0x15/0x80 [ 344.605427] ? blkdev_put+0x431/0x560 [ 344.609279] ? blkdev_close+0xa6/0xf0 [ 344.613125] ? __fput+0x458/0xa30 [ 344.616671] ? fput+0x2e0/0x2e0 [ 344.619989] ? ____fput+0x37/0x40 [ 344.623485] ? task_work_run+0x22e/0x2b0 [ 344.627600] ? get_signal+0x1d3d/0x1ef0 [ 344.631671] ? touch_atime+0x228/0x410 [ 344.635613] ? kmsan_set_origin_inline+0x6b/0x120 [ 344.640496] ? kmsan_set_origin_inline+0x6b/0x120 [ 344.645410] ? do_signal+0x120/0x2090 [ 344.649310] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 344.654746] ? task_work_add+0x255/0x2f0 [ 344.658879] ? fput+0x29e/0x2e0 [ 344.662195] ? kmsan_set_origin_inline+0x6b/0x120 [ 344.667094] ? __msan_poison_alloca+0x173/0x200 [ 344.671804] ? prepare_exit_to_usermode+0x46/0x410 [ 344.676775] ? prepare_exit_to_usermode+0x273/0x410 [ 344.681832] ? syscall_return_slowpath+0xdb/0x700 [ 344.686745] ? __se_sys_sendfile64+0x254/0x380 [ 344.691375] ? __x64_sys_sendfile64+0x11e/0x170 [ 344.696095] ? do_syscall_64+0x1ab/0x220 [ 344.700207] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 344.705610] Modules linked in: [ 344.708834] Dumping ftrace buffer: [ 344.713413] (ftrace buffer empty) [ 344.717151] ---[ end trace 6a92ba628b96fe73 ]--- [ 344.721958] RIP: 0010:kmsan_nmi_enter+0x42/0x70 [ 344.726650] Code: 00 74 27 65 8b 04 25 80 90 03 00 83 c0 01 83 f8 08 7d 27 65 89 04 25 80 90 03 00 65 c6 04 25 15 6e 0b 00 ff c3 0f 0b 90 eb fe <0f> 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 0b 66 90 66 2e [ 344.746441] RSP: 0018:fffffe0000049ea8 EFLAGS: 00010046 [ 344.751879] RAX: 0000000000000200 RBX: 0000000000000001 RCX: 00000000c0000101 [ 344.759180] RDX: 00000000ffff8802 RSI: ffffffff88c0136c RDI: 00000000000004c0 [ 344.766475] RBP: fffffe0000049ef9 R08: 0000000000000000 R09: 0000000000000000 [ 344.773783] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 344.781077] R13: 0000000000000000 R14: 000000012f7fc000 R15: 0000000000000000 [ 344.788381] FS: 00007fe6b5924700(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000 [ 344.796631] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 344.802541] CR2: 00007fe5758c6000 CR3: 00000001a5118000 CR4: 00000000001406f0