[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   57.761222] audit: type=1800 audit(1540805620.813:25): pid=6175 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   57.780251] audit: type=1800 audit(1540805620.833:26): pid=6175 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   57.799706] audit: type=1800 audit(1540805620.843:27): pid=6175 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.123' (ECDSA) to the list of known hosts.
2018/10/29 09:33:55 fuzzer started
2018/10/29 09:34:00 dialing manager at 10.128.0.26:34337
2018/10/29 09:34:00 syscalls: 1
2018/10/29 09:34:00 code coverage: enabled
2018/10/29 09:34:00 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/10/29 09:34:00 setuid sandbox: enabled
2018/10/29 09:34:00 namespace sandbox: enabled
2018/10/29 09:34:00 Android sandbox: /sys/fs/selinux/policy does not exist
2018/10/29 09:34:00 fault injection: enabled
2018/10/29 09:34:00 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/10/29 09:34:00 net packed injection: enabled
2018/10/29 09:34:00 net device setup: enabled
09:36:38 executing program 0:

syzkaller login: [  236.133965] IPVS: ftp: loaded support on port[0] = 21
[  238.508277] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.514894] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.523533] device bridge_slave_0 entered promiscuous mode
[  238.680707] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.687257] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.695813] device bridge_slave_1 entered promiscuous mode
[  238.834011] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  238.969933] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  239.395775] bond0: Enslaving bond_slave_0 as an active interface with an up link
09:36:42 executing program 1:

[  239.599235] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  239.893389] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  239.900443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  240.111224] IPVS: ftp: loaded support on port[0] = 21
[  240.242607] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  240.249719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  240.858159] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  240.866283] team0: Port device team_slave_0 added
[  241.044623] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  241.052855] team0: Port device team_slave_1 added
[  241.236733] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  241.243876] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  241.252879] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  241.437490] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  241.444620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  241.453612] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  241.694719] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  241.702476] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  241.711247] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  241.937128] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  241.948009] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  241.957137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  244.166268] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.172862] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.181314] device bridge_slave_0 entered promiscuous mode
[  244.378399] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.384999] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.393624] device bridge_slave_1 entered promiscuous mode
[  244.658032] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.664595] bridge0: port 2(bridge_slave_1) entered forwarding state
[  244.671516] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.678085] bridge0: port 1(bridge_slave_0) entered forwarding state
[  244.686863] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  244.698311] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  244.938042] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  244.972278] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
09:36:48 executing program 2:

[  245.885845] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  246.161219] IPVS: ftp: loaded support on port[0] = 21
[  246.198631] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  246.540847] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  246.548070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  246.822172] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  246.829226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  247.713974] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  247.722210] team0: Port device team_slave_0 added
[  247.996079] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  248.004311] team0: Port device team_slave_1 added
[  248.266003] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  248.273131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  248.282074] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  248.602100] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  248.609170] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  248.618599] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  248.883431] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  248.891026] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  248.900009] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  249.135356] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  249.143178] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  249.152384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  251.511011] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.517689] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.526115] device bridge_slave_0 entered promiscuous mode
[  251.869075] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.875716] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.884426] device bridge_slave_1 entered promiscuous mode
[  252.110197] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
09:36:55 executing program 3:

[  252.390952] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.397505] bridge0: port 2(bridge_slave_1) entered forwarding state
[  252.404543] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.411005] bridge0: port 1(bridge_slave_0) entered forwarding state
[  252.419696] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  252.450278] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  253.291896] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  253.521699] IPVS: ftp: loaded support on port[0] = 21
[  253.550566] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  254.018206] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  254.375273] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  254.382563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  254.760418] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  254.767566] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  255.868860] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  255.877041] team0: Port device team_slave_0 added
[  256.121882] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  256.129918] team0: Port device team_slave_1 added
[  256.457964] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  256.465225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  256.474076] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  256.818951] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  256.826952] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  256.835868] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  257.125238] 8021q: adding VLAN 0 to HW filter on device bond0
[  257.255425] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  257.263232] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  257.272380] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  257.654864] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  257.662647] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  257.671849] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  258.585530] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  259.291326] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.298059] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.306564] device bridge_slave_0 entered promiscuous mode
[  259.699164] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.705777] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.714465] device bridge_slave_1 entered promiscuous mode
[  259.952886] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  259.959244] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  259.967429] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  260.015430] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  260.356581] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  261.426927] 8021q: adding VLAN 0 to HW filter on device team0
[  261.521690] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  261.532735] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.539176] bridge0: port 2(bridge_slave_1) entered forwarding state
[  261.546174] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.552708] bridge0: port 1(bridge_slave_0) entered forwarding state
[  261.561021] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  261.741931] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  261.848971] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  262.165391] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  262.172569] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  262.552919] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  262.559970] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
09:37:05 executing program 4:

[  263.805586] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  263.813736] team0: Port device team_slave_0 added
[  264.183023] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  264.190991] team0: Port device team_slave_1 added
[  264.400545] IPVS: ftp: loaded support on port[0] = 21
[  264.668966] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  264.676166] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  264.685103] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  265.157112] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  265.164345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  265.173295] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  265.598487] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  265.606280] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  265.615396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  266.036701] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  266.044374] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  266.053437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  268.590266] 8021q: adding VLAN 0 to HW filter on device bond0
[  270.197617] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  270.626257] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.632814] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.639725] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.646784] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.655286] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
09:37:13 executing program 0:

09:37:14 executing program 0:
clone(0x2102001fc0, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff)
r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/42, 0x2a)
r1 = socket(0xffffffffffffffff, 0x0, 0x3)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000180)={<r3=>0xffffffffffffffff}, 0x13f, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000340)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x6, @loopback, 0x8}, {0xa, 0x4e21, 0x62e8, @mcast1, 0xfdf1}, r3, 0x1000}}, 0x48)
exit(0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000440)="66642f330057f64a657c481005f1abc44d4acb50ed40e8e339d2eaaa70f91a544d1f8e8663b454de10f6a189ea2936ca00a204e67daad4f67ed0046271e5a299743b7a7a5615745b66169d4ce3c9f851f33c989a1bb98740e92399d6b8a4b154dde093d0d5d80f1179eff1520bd68197a9362c71d035331a11564547289318f2bc171fd7894628471853da99dbeba0c92abdb43d593ba8edd2a9a287a0fb0df749315d3ad13b68c6e24df20035969bd1920438b202f143dfa6c2b21d0a3a6d6e4f385ca17f92729596da37ea85c88ca85eb71f800503bbef3943cb289b460b404657041dc74c6b57b2e9dd17e82586d1480d52af581fea8947f77ba9f87debc068628c0c7c34fb9bd5ec3121526b66744ea36a57e811c4de14b668ba4f80bc2b37a123544e88e480ebe3444956ea29aba019b32293464f7a2671d26472a089581d3251440d6334ed66036cc379281b590689f1032fa3f0ab715ee71ef3a7ebc52fad490c8b01599077227f7b99fc89c7180ccef8bde92a3112275b94729c4fd8cb109666e155cf430b41cae0f2ee034a3c08046b7d2951ecefbb4cdcb96ceb6c5d532b0451698db873642e63f268918f2c2b34bcfa16405e03dd7393c0ee3611b62183538703349aeb7ff0b57653c2b502a5991d96649377b7e835306d01d89e0ab42d6f81b6ba36ff8732")
pread64(r4, &(0x7f0000000240)=""/252, 0xfc, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x2d1d352b8000000, 0x0, 0x8000, 0x4}, {0x8e2, 0x3, 0x1, 0x3}]}, 0x10)

[  271.372184] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  271.667987] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.674629] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.683105] device bridge_slave_0 entered promiscuous mode
[  271.725780] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  271.732233] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  271.739962] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  272.041511] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.048090] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.056548] device bridge_slave_1 entered promiscuous mode
09:37:15 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00', 0x101})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000180)={{{@in=@broadcast, @in=@loopback}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000280)=0xe8)
setxattr$security_capability(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000140)='security.capability\x00', &(0x7f0000000400)=@v2={0x2000000, [{0x7ff, 0x3}, {0x2040000000000000, 0x1ff}]}, 0x14, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syzkaller0\x00', 0x10)
r1 = socket$inet6(0xa, 0x2100000000000002, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r2, &(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e27, 0x0, @ipv4={[], [], @loopback}}, 0x1c)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x400000000002}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x33}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x90, 0x5b}}, 0xe8)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0), 0x6}, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000080)={@multicast2, @remote}, 0xc)

[  272.401982] device lo entered promiscuous mode
[  272.529194] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
09:37:15 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000180)={0x2, 0x4e20, @remote}, 0x10)
r3 = fcntl$dupfd(r0, 0x406, r1)
write$sndseq(r3, &(0x7f0000000340)=[{0x0, 0x8, 0x0, 0x2, @tick=0x6, {0x800000000000, 0x8001}, {0x6, 0x5}, @ext={0x8c, &(0x7f0000000280)="493ed4ceb2b05d892c150a207ac3402ca7582413869e5e4e0b02e9ea305392e64f313400e4fd8ba781937fd36ae330367cc323a02cdccdedb7390893201957056753b24e40b764ab86f85f3be7730a91a407661acc5c2e694ea8b83ef6711dcaaebdca194fd8b752a66b383cd85bd90b33be5a46983c4c799970f4187210cb70f690d41fe7f948b3d18a6a3d"}}, {0x44b5, 0x977, 0x81, 0x3, @tick=0x5505, {0x2, 0x5}, {0x5, 0x20}, @raw8={"cd116ed6c3f06edc591c84f1"}}, {0x7, 0x7, 0x582f, 0xbcd, @time={0x77359400}, {0x3ff, 0x3}, {0x1, 0x1}, @time=@time={0x0, 0x989680}}], 0x90)
setsockopt$inet_tcp_int(r2, 0x6, 0x2, &(0x7f00000000c0)=0x17f, 0x163)
setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
setsockopt$inet_tcp_int(r3, 0x6, 0x22, &(0x7f0000000240)=0x1, 0x4)
sendto$inet(r2, &(0x7f0000000100)="1b", 0x1, 0x20048045, &(0x7f00000001c0)={0x2, 0x4e20}, 0x10)
sendto$inet(r2, &(0x7f0000000100), 0x229f, 0x4008000, 0x0, 0xb4)

[  272.913044] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[  272.998759] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  273.268744] 8021q: adding VLAN 0 to HW filter on device team0
09:37:16 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x30)
ioctl$VIDIOC_G_CROP(r0, 0xc014563b, &(0x7f00000000c0)={0xb, {0x2, 0x9, 0x8000, 0x5}})
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f00000001c0)={<r1=>0x0, @in={{0x2, 0x4e23, @broadcast}}, [0x3, 0x80, 0x100, 0x1e, 0x8, 0x3, 0x0, 0x1, 0x0, 0x6, 0x4, 0x3, 0x3, 0x1ff]}, &(0x7f0000000140)=0x100)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f00000002c0)={r1, 0x10001, 0x7, 0x6}, &(0x7f0000000300)=0x10)
ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f0000000100))
r2 = syz_open_dev$video(&(0x7f0000000180)='/dev/video#\x00', 0x0, 0x0)
ioctl$VIDIOC_PREPARE_BUF(r2, 0xc058565d, &(0x7f0000000000)={0x0, 0x2, 0x4, 0x0, {0x0, 0x7530}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "f6dc9afe"}, 0x0, 0x0, @offset, 0x4})

09:37:16 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/22, 0x16}], 0x1, &(0x7f0000000280)=""/210, 0xd2}}], 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
shutdown(r1, 0x0)
r4 = fcntl$dupfd(r3, 0x406, r1)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000000)={0x800, <r5=>0x0, 0x10001, 0xffffffff})
ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f0000000080)={0x2, r5, 0x0, 0x9})

[  274.233644] bond0: Enslaving bond_slave_0 as an active interface with an up link
09:37:17 executing program 5:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x100, 0x0)
ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000040)={0x1, 0x1})
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000080)={0x1, 0x2747}, 0x2)
ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0xfffffffffffffffb, 0x8001, 0x28272a0c, 0x200, 0x2, 0x9, 0x1, 0x6f, 0x3, 0x3})
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000100)={<r1=>0x0, @in={{0x2, 0x4e20, @remote}}, [0x9c53, 0x0, 0x11d5, 0xfffffffffffeffff, 0x5, 0x3, 0x9, 0x1ff, 0x2458, 0x4, 0x1, 0x7, 0x2, 0x1, 0x401]}, &(0x7f0000000200)=0x100)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000240)={r1, 0x7ff, 0x7f}, 0x8)
r2 = dup3(r0, r0, 0x80000)
fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000280))
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$EVIOCGEFFECTS(r0, 0x80044584, &(0x7f00000002c0)=""/174)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x64, r3, 0x500, 0x70bd28, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}]}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e22}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x7f}]}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast1}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e21}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x4048000)
write$P9_RLERRORu(r0, &(0x7f0000000500)={0x12, 0x7, 0x2, {{0x5, 'IPVS\x00'}, 0x2}}, 0x12)
socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000540)={<r4=>0xffffffffffffffff})
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000580)=0x800, 0x4)
write$binfmt_misc(r4, &(0x7f00000005c0)={'syz0', "4a09ffb7997a43f89bfb1bf82a8c557d38286e65cb75e6ddd09d29c05bc9c438a6ce9c25f2fe9a112d093ccfe371038369676cc80e7c181ace2b617e96199bb597065bf5be272661be9f71c0ccf1f13dfaaaf8748966d4178746c43ecef8aa0e6ff3cba2e0d69a344d2c2e3ec3a40ef1637cd2264abca734d17e5a82dcbfb63a04072182b33ff99ad2cc9851fa84f063271d17ec28fc384ce93ebe2d532f70d20c57b9f8195d"}, 0xaa)
ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f0000000680)={0x2, r0})
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000006c0)=[@in={0x2, 0x4e24, @loopback}, @in={0x2, 0x4e24, @loopback}, @in={0x2, 0x4e20, @local}, @in={0x2, 0x4e23, @multicast1}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xe}}, @in6={0xa, 0x4e23, 0x3ff, @loopback}], 0x6c)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000900)={0x3, 0x1, &(0x7f0000000740)=""/143, &(0x7f0000000800)=""/188, &(0x7f00000008c0)=""/9, 0x6000})
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000ac0)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000980)={0xd4, r3, 0xb00, 0x70bd26, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x20, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x1, 0x22}}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}, @IPVS_CMD_ATTR_DAEMON={0x64, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x40}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'gre0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x1e}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xfff}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x1200000}]}, @IPVS_CMD_ATTR_DEST={0x3c, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfffffffffffff9d8}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8000}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x62bead5ae04d0b9d}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x4}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x5}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x24000000}, 0x800)
ioctl$sock_SIOCSIFBR(r5, 0x8941, &(0x7f0000000b40)=@get={0x1, &(0x7f0000000b00)=""/11, 0x9})
sysfs$2(0x2, 0xd4, &(0x7f0000000b80))
fcntl$setsig(r2, 0xa, 0x31)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r2, 0x28, 0x6, &(0x7f0000000bc0)={0x77359400}, 0x10)
getsockopt$packet_buf(r2, 0x107, 0xf, &(0x7f0000000c00)=""/175, &(0x7f0000000cc0)=0xaf)
r6 = fcntl$getown(r2, 0x9)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r6, 0x10, &(0x7f0000000d00)={0x9})
ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000e00)={0x17, 0x8e, &(0x7f0000000d40)="cedcddf98fa205e0ab79a6e272813e8bb135698a8b22aea9394ae346fe6d3ff20c42429f3c85cb339013ccf8509a6b8d248fc29522db32c43feaed11a212bad06b3a4918ffc1bb0b0534ef642c8d9d166720ea62ce2a514f5f1930acdbe50f9df70197b3fe9ca806215e8141dac6d7a4f7ddeafe56fcac9dc96d03f97183d91791b96e7098811c885398e3c65b29"})
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000e40)={'mangle\x00', 0xc0, "76c0fffabd748556f65396e034e93c0dd268a27e12ee115c5bb7ad40baf805c53c33dec97d46096eda5ef101811e9c5fb7cfbc765e9f90161c90e15f1a3346198023e2ba695b9f15502d6bc0c0c815eb625ce44c43e570ed39ec0be1f9ae256098b8875fc4342b9986872d3aa3da60d2fd2c85ea89e6d80bf347b4f44634ffb2f2de8721c02cc4da94db4ac6cb8a15217ee482d531c6da81d4d2fabf42227e9a892708ec35745a21f624bbbc1f3237c5431d8cca1621c788f94ff41f106bedaf"}, &(0x7f0000000f40)=0xe4)

[  274.570119] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  275.038240] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  275.045401] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
09:37:18 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setrlimit(0x0, &(0x7f00000000c0)={0x0, 0x4})
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000e15000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58)
accept4$alg(r2, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000380)="7026f2c5", 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="0273ec3759151342cfd90700005756ebb73ceb2f1e"], 0x15}}, 0x0)
sendmsg$key(r1, &(0x7f00000040c0)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000000100)=ANY=[@ANYBLOB="0200000000000000000000000000000011edc1cb727a1cdc3501dfbda9b87df6d06f31c47b09a492a7ffccf65567"], 0x2e}}, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c)
r4 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r4, &(0x7f00000009c0)=@pppol2tpv3={0x18, 0x1, {0x0, r3, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f0000000040)='irlan0\x00')
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x1, 0x800000000000000a}, {}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x2b}, 0x2, @in, 0x0, 0x4}}, 0xe8)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000400)={'vcan0\x00', <r6=>0x0})
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r7, 0x11b, 0x3, &(0x7f00000000c0)=0x2, 0x4)
setsockopt$XDP_UMEM_REG(r7, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/17, 0x10000, 0x1000}, 0x18)
setsockopt$XDP_UMEM_FILL_RING(r7, 0x11b, 0x5, &(0x7f00000008c0)=0x8, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r7, 0x11b, 0x6, &(0x7f00000002c0)=0x80, 0x4)
bind$xdp(r7, &(0x7f0000000300)={0x2c, 0x0, r6}, 0x10)
write$binfmt_elf64(r7, &(0x7f0000000800)=ANY=[], 0x0)
socketpair$inet(0x2, 0x0, 0x7, &(0x7f0000000740))

[  275.279048] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[  275.470638] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  275.480341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  275.562739] hrtimer: interrupt took 52702 ns
[  275.758338] IPVS: ftp: loaded support on port[0] = 21
[  277.068624] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  277.076863] team0: Port device team_slave_0 added
[  277.455308] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  277.463634] team0: Port device team_slave_1 added
[  277.752017] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  277.759051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  277.767851] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  278.138129] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  278.145355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  278.154659] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  278.539046] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  278.547536] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  278.556421] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  278.907613] 8021q: adding VLAN 0 to HW filter on device bond0
[  278.922056] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  278.929581] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  278.938436] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  280.131859] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  281.472211] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  281.478563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  281.486489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  281.931088] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.938118] bridge0: port 1(bridge_slave_0) entered disabled state
[  281.946661] device bridge_slave_0 entered promiscuous mode
[  282.284358] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.290833] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.299287] device bridge_slave_1 entered promiscuous mode
09:37:25 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setrlimit(0x0, &(0x7f00000000c0)={0x0, 0x4})
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000e15000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58)
accept4$alg(r2, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000380)="7026f2c5", 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="0273ec3759151342cfd90700005756ebb73ceb2f1e"], 0x15}}, 0x0)
sendmsg$key(r1, &(0x7f00000040c0)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000000100)=ANY=[@ANYBLOB="0200000000000000000000000000000011edc1cb727a1cdc3501dfbda9b87df6d06f31c47b09a492a7ffccf65567"], 0x2e}}, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c)
r4 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r4, &(0x7f00000009c0)=@pppol2tpv3={0x18, 0x1, {0x0, r3, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f0000000040)='irlan0\x00')
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x1, 0x800000000000000a}, {}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x2b}, 0x2, @in, 0x0, 0x4}}, 0xe8)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000400)={'vcan0\x00', <r6=>0x0})
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r7, 0x11b, 0x3, &(0x7f00000000c0)=0x2, 0x4)
setsockopt$XDP_UMEM_REG(r7, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/17, 0x10000, 0x1000}, 0x18)
setsockopt$XDP_UMEM_FILL_RING(r7, 0x11b, 0x5, &(0x7f00000008c0)=0x8, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r7, 0x11b, 0x6, &(0x7f00000002c0)=0x80, 0x4)
bind$xdp(r7, &(0x7f0000000300)={0x2c, 0x0, r6}, 0x10)
write$binfmt_elf64(r7, &(0x7f0000000800)=ANY=[], 0x0)
socketpair$inet(0x2, 0x0, 0x7, &(0x7f0000000740))

[  282.629847] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  283.008720] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  283.106419] 8021q: adding VLAN 0 to HW filter on device team0
[  283.152345] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.158806] bridge0: port 2(bridge_slave_1) entered forwarding state
[  283.165838] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.172367] bridge0: port 1(bridge_slave_0) entered forwarding state
[  283.180960] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  283.187809] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  284.195155] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  284.521209] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  284.728654] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[  284.736161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  285.052486] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[  285.059981] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  286.038403] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  286.046869] team0: Port device team_slave_0 added
[  286.376396] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  286.384589] team0: Port device team_slave_1 added
[  286.462985] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.630908] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  286.638095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  286.646921] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  286.922882] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  286.929932] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  286.939090] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  287.235605] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  287.243381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  287.252307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  287.495915] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  287.505550] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  287.515208] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  287.649544] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  288.808010] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  288.816045] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  288.824059] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  289.923030] 8021q: adding VLAN 0 to HW filter on device team0
09:37:33 executing program 2:
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070")
setsockopt$sock_int(r0, 0x1, 0x4000000000000002, &(0x7f0000000040)=0x4cfe480a, 0x7d)
listen(r0, 0x0)

[  290.617036] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.623587] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.630495] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.637051] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.645702] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  290.652378] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  294.574853] 8021q: adding VLAN 0 to HW filter on device bond0
09:37:38 executing program 3:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, &(0x7f0000000080), 0x0, 0x20000801, &(0x7f0000000080)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000400), 0x100000000000000c)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil})
openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x0, @empty=0x500000000000000}, 0x6)

[  295.438957] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  296.165901] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  296.172408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  296.180199] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  296.735016] 8021q: adding VLAN 0 to HW filter on device team0
[  298.581882] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.139918] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  299.691249] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  299.697843] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  299.705874] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
09:37:43 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="ea"])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, &(0x7f0000000000)="0f01c8f20f35ba2000b000ee0f2336360fc76df20f2054440f20c0663504000000440f22c064f3e10a660f3a63a63c6700baf80c66b8bd08428766efbafc0cb066ee", 0x42}], 0x1, 0x0, &(0x7f0000000400), 0x100000000000000c)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil})
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:37:43 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setrlimit(0x0, &(0x7f00000000c0)={0x0, 0x4})
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000e15000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58)
accept4$alg(r2, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000380)="7026f2c5", 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="0273ec3759151342cfd90700005756ebb73ceb2f1e"], 0x15}}, 0x0)
sendmsg$key(r1, &(0x7f00000040c0)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000000100)=ANY=[@ANYBLOB="0200000000000000000000000000000011edc1cb727a1cdc3501dfbda9b87df6d06f31c47b09a492a7ffccf65567"], 0x2e}}, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c)
r4 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r4, &(0x7f00000009c0)=@pppol2tpv3={0x18, 0x1, {0x0, r3, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f0000000040)='irlan0\x00')
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x1, 0x800000000000000a}, {}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x2b}, 0x2, @in, 0x0, 0x4}}, 0xe8)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000400)={'vcan0\x00', <r6=>0x0})
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r7, 0x11b, 0x3, &(0x7f00000000c0)=0x2, 0x4)
setsockopt$XDP_UMEM_REG(r7, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/17, 0x10000, 0x1000}, 0x18)
setsockopt$XDP_UMEM_FILL_RING(r7, 0x11b, 0x5, &(0x7f00000008c0)=0x8, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r7, 0x11b, 0x6, &(0x7f00000002c0)=0x80, 0x4)
bind$xdp(r7, &(0x7f0000000300)={0x2c, 0x0, r6}, 0x10)
write$binfmt_elf64(r7, &(0x7f0000000800)=ANY=[], 0x0)
socketpair$inet(0x2, 0x0, 0x7, &(0x7f0000000740))

09:37:43 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
mount(&(0x7f0000000180)=ANY=[], &(0x7f0000000080)='.', &(0x7f0000000280)="fee7ea94a1f36c087c92b352ad32239f2e3268655bde9084c9d01839b6949b519df94ec01650b06e24b62e284f12316e1407bd2173abdec209cb0450f6ae04ff20475b7f5acde8aaff3d295b59a7008986dd7e2f817fbd7c1f4602ff714eaa857c07a371c712db85f90f0b3cf2361a496f11f63a6b2e1c1ce68dbc9694738470dddfe31dcb9c59f917535ec82b513e1c1293e4d5c2d82f86bf1b82f52910caab6edcd9ea3b96967607c16ceb31e6d7999c3a239528ae0b0685f019dc6a45874363e8c0040eaaf1be9cbbc214e8e8458a597e8aef2d74f6808c", 0x0, 0x0)

09:37:43 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setrlimit(0x0, &(0x7f00000000c0)={0x0, 0x4})
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0xfa)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000e15000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58)
accept4$alg(r2, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000380)="7026f2c5", 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="0273ec3759151342cfd90700005756ebb73ceb2f1e"], 0x15}}, 0x0)
sendmsg$key(r1, &(0x7f00000040c0)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000000100)=ANY=[@ANYBLOB="0200000000000000000000000000000011edc1cb727a1cdc3501dfbda9b87df6d06f31c47b09a492a7ffccf65567"], 0x2e}}, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c)
r4 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r4, &(0x7f00000009c0)=@pppol2tpv3={0x18, 0x1, {0x0, r3, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f0000000040)='irlan0\x00')
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x1, 0x800000000000000a}, {}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x2b}, 0x2, @in, 0x0, 0x4}}, 0xe8)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000400)={'vcan0\x00', <r6=>0x0})
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r7, 0x11b, 0x3, &(0x7f00000000c0)=0x2, 0x4)
setsockopt$XDP_UMEM_REG(r7, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/17, 0x10000, 0x1000}, 0x18)
setsockopt$XDP_UMEM_FILL_RING(r7, 0x11b, 0x5, &(0x7f00000008c0)=0x8, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r7, 0x11b, 0x6, &(0x7f00000002c0)=0x80, 0x4)
bind$xdp(r7, &(0x7f0000000300)={0x2c, 0x0, r6}, 0x10)
write$binfmt_elf64(r7, &(0x7f0000000800)=ANY=[], 0x0)
socketpair$inet(0x2, 0x0, 0x7, &(0x7f0000000740))

09:37:43 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000040)=0x1, 0x4)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='bond0\x00', 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)

[  300.238976] 8021q: adding VLAN 0 to HW filter on device team0
09:37:43 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="0fa1"])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000080)="660f2d6600450f094b0fc7683ac7442400b9760000c7442402f9ffffffc7442406000000000f011c24d27af667410f01a300000100c42115c6d338c4a18b5d79050f71d7bb470f01bc600cb40000", 0x4e}], 0x1, 0x0, &(0x7f0000000400), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:37:43 executing program 2:
socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000500))
openat$ppp(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ppp\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha384\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000), 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001f80)=[{{&(0x7f0000000080)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000380)=""/95, 0x5f}, {&(0x7f0000000000)=""/62, 0x3e}, {&(0x7f0000000400)=""/55, 0x37}], 0x3, &(0x7f0000000540)=""/221, 0xdd, 0x100000001}, 0x4}, {{0x0, 0x0, &(0x7f0000000d80), 0x0, &(0x7f0000000dc0)=""/80, 0x50}}, {{&(0x7f0000001540)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, &(0x7f0000001040), 0x0, &(0x7f0000001900)=""/1, 0x1}}], 0x3, 0x100, &(0x7f0000002140)={0x0, 0x989680})
write$binfmt_script(r1, &(0x7f0000000280)={'#! ', './file0', [{}, {0x20, '#! '}, {0x20, 'aead\x00'}, {0x20, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, {0x20, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, {0x20, 'GPL\''}], 0xa, "066c821e87c5cc56b9d151802f3f2c44e0"}, 0x7c)
recvmmsg(r1, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x34e, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x11, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400})

09:37:46 executing program 5:
sched_setaffinity(0x0, 0x8, &(0x7f0000000180))
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r3, 0x89f0, &(0x7f0000000080)={'ip_vti0\x00', @ifru_data=&(0x7f0000000000)="b06f31673d3da2b793d4f9a507e3c9133ba7ce8f5e6e538ecf8829b08f7f4aae"})
ioctl$sock_ifreq(r3, 0x89f3, &(0x7f0000000080)={'ip_vti0\x00', @ifru_data=&(0x7f0000000000)="b06f31673d3da2b793d4f9a507e3c9133ba7ce8f5e6e538ecf8829b08f7f4aae"})
connect(r2, &(0x7f0000000140)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e22, @broadcast}, 0x4, 0x3, 0x1, 0x3}}, 0x80)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000000c0)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$inet_tcp_int(r4, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x4)
sendto$inet(r4, &(0x7f0000000000), 0x0, 0x20000802, &(0x7f0000001180)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000000)='sit0\x00', 0x10)
r5 = dup3(r4, r2, 0x80000)
ioctl$UI_END_FF_ERASE(r5, 0x400c55cb, &(0x7f00000004c0)={0x8, 0x4000000000000})
getsockname$inet6(r5, &(0x7f00000001c0), &(0x7f0000000200)=0x1c)
sendto$inet(r4, &(0x7f0000d7cfcb), 0x100000252, 0x0, &(0x7f0000893ff0), 0x10)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r5, 0xc0505405, &(0x7f0000000240)={{0x3, 0x0, 0x5, 0x3, 0x1f}, 0xc26, 0x9, 0x4})
shutdown(r4, 0x400000000000001)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r5, 0xc0505405, &(0x7f0000000400)={{0x3, 0x3, 0x332, 0x3, 0x21}, 0x0, 0x3ff, 0xffffffffffffff80})
r6 = gettid()
capset(&(0x7f0000000340)={0x20080522, r6}, &(0x7f0000000480)={0x7, 0x4, 0x5, 0xa3e5, 0x9, 0x7fff})
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000080)={'lo\x00', {0x2, 0x4e24, @local}})
getsockopt$EBT_SO_GET_INIT_INFO(r5, 0x0, 0x82, &(0x7f00000002c0)={'broute\x00'}, &(0x7f00000003c0)=0x78)
ioctl$sock_inet6_tcp_SIOCATMARK(r5, 0x8905, &(0x7f0000000540))
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f00000001c0), 0x10)
connect$inet(r7, &(0x7f0000000040)={0x2, 0xfffffffffffffffd, @broadcast}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x4000000000001a8, 0x0)

09:37:46 executing program 4:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_RESIZE_FS(r1, 0x40086610, &(0x7f0000000080)=0x7ff00)

09:37:46 executing program 3:
r0 = socket(0x100000010, 0x3, 0x0)
ioctl$sock_ifreq(r0, 0x8924, &(0x7f0000000000)={"626f6e6430000000000600000100", @ifru_settings={0x1, 0x0, @fr_pvc=&(0x7f0000000040)}})

09:37:46 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="0fae"])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000080)="660f2d6600450f094b0fc7683ac7442400b9760000c7442402f9ffffffc7442406000000000f011c24d27af667410f01a300000100c42115c6d338c4a18b5d79050f71d7bb470f01bc600cb40000", 0x4e}], 0x1, 0x0, &(0x7f0000000400), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

09:37:46 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000480)={0x79})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$vcsn(&(0x7f00000006c0)='/dev/vcs#\x00', 0x815a, 0x40)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000180)="2e65f32efe0a6766c7442400008000006766c7442402000000006766c744240600000000670f011c24b866000f00d066b88044a2b20f23c80f21f866350400d0000f23f80f0766b80500000066b9080000000f01c10f0766b8010000000f01c10f01dfb835008ee0", 0x68}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000007c0)={"a523fb9656eb871ffcd7ffeb51d84e738a55eba841ae487e33cdd921e8a51ce6c924020f0ac3562dd8cdeb31deac16f46da4ac16ee8165bce439eddce671c5b0a1103ea3f86a43cbb78504f6f9c77c2f09dc27632ec6036ee52a87e321e707c0cfe15576c26d52d0334c8d4693e127b3a046a5ed7796c9c5017cfd58ec871ed76369846fea9ebfa2f7f96496abf4ef57ed1ecd930eb9e13396875f01e932804ffe8a34c8fbedd97cdfb3176ec59fbbfd20a6ff17795431c3908530e4f5f703480a5211cc6a7e2084e4a9b6aedf60b7b8084b00ca2cbed255b4cc4679c967432fea5e95119f9635e94794aab6ef54f290677fa08d0ee2cc8eae468efd02417055d3f3ccc86b629dfb878c4d115c16c75fe352cffa93648cf49577256b5d2faf0634335c97ffff966ae90cbf81250df3613c25d2789c869c9cc95a6e9d364c4c684059c593f9950e66cf81cd9f36d73fade4f0cbb795010364d13ff32c12efd91d0ebb6533700945f2db6113a630bd521eec89a74c46e1733b72d6e4d2ccee3b40f99809a9a4fb5fc2d1c53e1366d455bcbe81893100ab56b2556b55c1a0c5787356b464c3bf7011488e55f587a6d4420d46d69a74ee5bbfbcb0d6cb00aae8c3dfd6dd2e9f76d7a542f20553207b668dce69f1b463ee9166e81bb109f461b8885f15c9e525d72260ccdbd69e3345612158114780b9409ea856cb724faa6ed27ba836b35c10e7c7d43f2fa34f98f16a00f31565e16a213eaf4a7f438c89733ebe6d16328b930fd942bc64d631dd1f2aa1cc2ccdaff2324076c83e1ba4d2a0e40e010c96b42e7a4a76cd7a89ef592b9b3030f62d9fbd565ee5908ab90b42620b61e5d1e08621a31d21003cd12a450461636472fa64a7e1b98778bfb482fb4b4da31b42ee98b10f9c0f4c085d08c37ee2e3a9e4a5aff72a0ab844fcbfa224842c85f6cdfd25829c44760e3859624f891df4824f7d17938ac2def6721639176fad9512ee9b4c5de1412cf3083e1d5ee2d29b63267ccba535409da7bef05d3fa79a3ef037ee609e01ad345ee17f48b5e8510f767de35df4dfb856f7533ad88866c6b01fe345107ba7191a8809e2e014492acf9c4f35cad664198a65c55f884490f4b30b4526324be842c393f336f16bea2bf6c6b917fdb751e12ff689ab4ffa44625a8b2bc1de4e88682abe5ce9d1942792747681ad23c31046d825140987f19a9cf10323c3f50a20f35a6d1dd8ca6758296b4537a0da1a853011b777623c8774b3689897cf9264a7782470847f36a8093faee04114663438ab39d8a777fb3e10cb4a2402a939a98d387087c5ca5fd8fbc4d96ae698b5bb84a0a8484e2b85743e623a033eb5b1889ccfb4b95885bc69d4c1cb819b95e7923e557c9ec9ec10e94d1e1295fc2f256fa095036f6cfc04c414fc57fc72c120614a586089c93741e97a61c466"})
ioctl$KVM_SET_VAPIC_ADDR(0xffffffffffffffff, 0x4008ae93, &(0x7f0000000000))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text32={0x20, &(0x7f00000002c0)="b9ec090000b808000000ba000000000f300fc76b07dc920080000067260fc7ac0b000f3808580026660f3880a100400000c4c2659f5d0d0fc7af0e000000660f01c80f01cf", 0x45}], 0xaaaac41, 0x0, &(0x7f0000000400), 0x10000000000001ee)
ioctl$EVIOCGBITSW(0xffffffffffffffff, 0x80404525, &(0x7f0000000340)=""/209)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3bf}, 0x0)
write$RDMA_USER_CM_CMD_JOIN_MCAST(0xffffffffffffffff, &(0x7f0000000c40)={0x16, 0x98, 0xfa00, {&(0x7f0000000c00)={<r3=>0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0x0, 0x0, @ib={0x1b, 0x29c, 0x0, {"50b2468b209f7b53a90c30e8fc97f564"}, 0x0, 0x3, 0x9}}}, 0xa0)
write$RDMA_USER_CM_CMD_LEAVE_MCAST(0xffffffffffffffff, &(0x7f0000000d00)={0x11, 0x10, 0xfa00, {&(0x7f0000000bc0), r3}}, 0x18)
open$dir(&(0x7f0000000380)='./file0\x00', 0x6c400, 0x0)

09:37:46 executing program 2:
socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000500))
openat$ppp(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ppp\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha384\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000), 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001f80)=[{{&(0x7f0000000080)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000380)=""/95, 0x5f}, {&(0x7f0000000000)=""/62, 0x3e}, {&(0x7f0000000400)=""/55, 0x37}], 0x3, &(0x7f0000000540)=""/221, 0xdd, 0x100000001}, 0x4}, {{0x0, 0x0, &(0x7f0000000d80), 0x0, &(0x7f0000000dc0)=""/80, 0x50}}, {{&(0x7f0000001540)=@pptp={0x18, 0x2, {0x0, @multicast1}}, 0x80, &(0x7f0000001040), 0x0, &(0x7f0000001900)=""/1, 0x1}}], 0x3, 0x100, &(0x7f0000002140)={0x0, 0x989680})
write$binfmt_script(r1, &(0x7f0000000280)={'#! ', './file0', [{}, {0x20, '#! '}, {0x20, 'aead\x00'}, {0x20, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, {0x20, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, {0x20, 'GPL\''}], 0xa, "066c821e87c5cc56b9d151802f3f2c44e0"}, 0x7c)
recvmmsg(r1, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x34e, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x11, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400})

[  303.537397] ==================================================================
[  303.544817] BUG: KMSAN: kernel-infoleak in kvm_vcpu_write_guest_page+0x383/0x500
[  303.552378] CPU: 0 PID: 7992 Comm: syz-executor0 Not tainted 4.19.0-rc8+ #71
[  303.559585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  303.568957] Call Trace:
[  303.571597]  dump_stack+0x306/0x460
[  303.575282]  ? kvm_vcpu_write_guest_page+0x383/0x500
[  303.575328]  kmsan_report+0x1a2/0x2e0
[  303.575371]  kmsan_internal_check_memory+0x374/0x460
[  303.575407]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  303.575458]  kmsan_copy_to_user+0x89/0xe0
[  303.575492]  kvm_vcpu_write_guest_page+0x383/0x500
[  303.575539]  kvm_vcpu_write_guest+0x1d6/0x350
[  303.575588]  emulator_write_std+0x391/0x4d0
[  303.575638]  ? kvm_read_guest_phys_system+0x100/0x100
[  303.575663]  em_fxsave+0x7a6/0x830
[  303.575818]  ? check_svme+0x220/0x220
[  303.575847]  x86_emulate_insn+0x2d48/0xa5b0
[  303.575917]  x86_emulate_instruction+0x14e6/0x6360
[  303.575990]  kvm_mmu_page_fault+0xd24/0x2ae0
[  303.576069]  ? __msan_metadata_ptr_for_load_1+0x10/0x20
[  303.576109]  ? vmx_set_nmi_mask+0x3bf/0x560
[  303.576170]  handle_ept_violation+0x7e1/0x820
[  303.576202]  ? handle_desc+0x110/0x110
[  303.576228]  vmx_handle_exit+0x20f5/0xb900
[  303.576286]  ? vmx_flush_tlb_gva+0x450/0x450
[  303.576313]  kvm_arch_vcpu_ioctl_run+0xa22b/0x10ab0
[  303.576511]  ? __msan_poison_alloca+0x17a/0x210
[  303.576555]  ? kmsan_set_origin_inline+0x6b/0x120
[  303.576588]  ? __msan_poison_alloca+0x17a/0x210
[  303.576621]  ? put_pid+0x71/0x410
[  303.576643]  ? kvm_vcpu_ioctl+0x20a4/0x20b0
[  303.576699]  ? put_pid+0x1a9/0x410
[  303.576758]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  303.576782]  ? get_task_pid+0x17b/0x270
[  303.576819]  kvm_vcpu_ioctl+0x11a7/0x20b0
[  303.576866]  ? do_vfs_ioctl+0x187/0x2ca0
[  303.576889]  ? __se_sys_ioctl+0x1da/0x270
[  303.576923]  ? kvm_vm_release+0x90/0x90
[  303.576954]  do_vfs_ioctl+0xf28/0x2ca0
[  303.577005]  ? security_file_ioctl+0x92/0x200
[  303.577042]  __se_sys_ioctl+0x1da/0x270
[  303.577080]  __x64_sys_ioctl+0x4a/0x70
[  303.577106]  do_syscall_64+0xbe/0x100
[  303.577137]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  303.577157] RIP: 0033:0x457569
[  303.577182] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  303.577196] RSP: 002b:00007f047bde6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  303.577222] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[  303.577236] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  303.577251] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  303.577265] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f047bde76d4
[  303.577280] R13: 00000000004c0274 R14: 00000000004d05c0 R15: 00000000ffffffff
[  303.577311] 
[  303.577322] Local variable description: ----fx_state@em_fxsave
[  303.577329] Variable was created at:
[  303.577348]  em_fxsave+0xcb/0x830
[  303.577371]  x86_emulate_insn+0x2d48/0xa5b0
[  303.577378] 
[  303.577392] Bytes 0-159 of 160 are uninitialized
[  303.577421] Memory access of size 160 starts at ffff88012afeedd0
[  303.577429] ==================================================================
[  303.577437] Disabling lock debugging due to kernel taint
[  303.577450] Kernel panic - not syncing: panic_on_warn set ...
[  303.577450] 
[  303.577475] CPU: 0 PID: 7992 Comm: syz-executor0 Tainted: G    B             4.19.0-rc8+ #71
[  303.577503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  303.577512] Call Trace:
[  303.577536]  dump_stack+0x306/0x460
[  303.577577]  panic+0x54c/0xafa
[  303.577662]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[  303.577704]  kmsan_report+0x2d3/0x2e0
[  303.577742]  kmsan_internal_check_memory+0x374/0x460
[  303.577773]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  303.577832]  kmsan_copy_to_user+0x89/0xe0
[  303.577861]  kvm_vcpu_write_guest_page+0x383/0x500
[  303.577904]  kvm_vcpu_write_guest+0x1d6/0x350
[  303.577956]  emulator_write_std+0x391/0x4d0
[  303.578005]  ? kvm_read_guest_phys_system+0x100/0x100
[  303.578028]  em_fxsave+0x7a6/0x830
[  303.578169]  ? check_svme+0x220/0x220
[  303.578195]  x86_emulate_insn+0x2d48/0xa5b0
[  303.578265]  x86_emulate_instruction+0x14e6/0x6360
[  303.578333]  kvm_mmu_page_fault+0xd24/0x2ae0
[  303.578381]  ? __msan_metadata_ptr_for_load_1+0x10/0x20
[  303.578405]  ? vmx_set_nmi_mask+0x3bf/0x560
[  303.578478]  handle_ept_violation+0x7e1/0x820
[  303.578510]  ? handle_desc+0x110/0x110
[  303.578536]  vmx_handle_exit+0x20f5/0xb900
[  303.578591]  ? vmx_flush_tlb_gva+0x450/0x450
[  303.578621]  kvm_arch_vcpu_ioctl_run+0xa22b/0x10ab0
[  303.578834]  ? __msan_poison_alloca+0x17a/0x210
[  303.578883]  ? kmsan_set_origin_inline+0x6b/0x120
[  303.578916]  ? __msan_poison_alloca+0x17a/0x210
[  303.578956]  ? put_pid+0x71/0x410
[  303.578981]  ? kvm_vcpu_ioctl+0x20a4/0x20b0
[  303.579013]  ? put_pid+0x1a9/0x410
[  303.579042]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[  303.579066]  ? get_task_pid+0x17b/0x270
[  303.579101]  kvm_vcpu_ioctl+0x11a7/0x20b0
[  303.579144]  ? do_vfs_ioctl+0x187/0x2ca0
[  303.579167]  ? __se_sys_ioctl+0x1da/0x270
[  303.579199]  ? kvm_vm_release+0x90/0x90
[  303.579221]  do_vfs_ioctl+0xf28/0x2ca0
[  303.579284]  ? security_file_ioctl+0x92/0x200
[  303.579320]  __se_sys_ioctl+0x1da/0x270
[  303.579355]  __x64_sys_ioctl+0x4a/0x70
[  303.579380]  do_syscall_64+0xbe/0x100
[  303.579408]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[  303.579425] RIP: 0033:0x457569
[  303.579446] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  303.579460] RSP: 002b:00007f047bde6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  303.579486] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
[  303.579500] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  303.579514] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[  303.579529] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f047bde76d4
[  303.579543] R13: 00000000004c0274 R14: 00000000004d05c0 R15: 00000000ffffffff
[  303.580485] Kernel Offset: disabled
[  304.137503] Rebooting in 86400 seconds..