[ 55.579032] audit: type=1800 audit(1538913828.624:27): pid=5978 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 57.070001] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 59.016708] random: sshd: uninitialized urandom read (32 bytes read) [ 59.430194] random: sshd: uninitialized urandom read (32 bytes read) [ 61.845099] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.14' (ECDSA) to the list of known hosts. [ 67.834177] random: sshd: uninitialized urandom read (32 bytes read) 2018/10/07 12:04:02 fuzzer started [ 72.447717] random: cc1: uninitialized urandom read (8 bytes read) 2018/10/07 12:04:07 dialing manager at 10.128.0.26:36867 2018/10/07 12:04:07 syscalls: 1 2018/10/07 12:04:07 code coverage: enabled 2018/10/07 12:04:07 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/10/07 12:04:07 setuid sandbox: enabled 2018/10/07 12:04:07 namespace sandbox: enabled 2018/10/07 12:04:07 Android sandbox: /sys/fs/selinux/policy does not exist 2018/10/07 12:04:07 fault injection: enabled 2018/10/07 12:04:07 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/10/07 12:04:07 net packed injection: enabled 2018/10/07 12:04:07 net device setup: enabled [ 77.399413] random: crng init done 12:06:13 executing program 0: r0 = gettid() r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000240)="2f65786500000000000489004bddd9de91be10eebf000ee91e18f0c76fbb232a07424ae1e901d2da75af1f0200f5ab26d7e071fb35331ce39c5a0000") ioctl$FS_IOC_FSGETXATTR(r2, 0x40086607, &(0x7f0000000040)={0x0, 0x3ff800, 0x0, 0x40000000}) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x421b) ioctl$LOOP_GET_STATUS64(r2, 0x4c05, &(0x7f0000000100)) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r2, 0xc08c5334, &(0x7f00000004c0)={0x2, 0x2, 0x0, 'queue0\x00', 0x4}) shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil) fstat(r1, &(0x7f0000000080)) lstat(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)) getgroups(0xa, &(0x7f0000000000)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xee01, 0xee00, 0xee00, 0xffffffffffffffff, 0xffffffffffffffff]) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000440)={0x0, @rand_addr, @multicast1}, &(0x7f0000000480)=0xc) getgid() getpeername$unix(r2, &(0x7f0000000580), &(0x7f0000000600)=0x6e) tkill(r0, 0x0) getpid() [ 201.282173] IPVS: ftp: loaded support on port[0] = 21 [ 203.603842] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.610360] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.618982] device bridge_slave_0 entered promiscuous mode [ 203.775528] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.782120] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.790568] device bridge_slave_1 entered promiscuous mode [ 203.929556] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 204.070053] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 204.489227] bond0: Enslaving bond_slave_0 as an active interface with an up link 12:06:17 executing program 1: perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x85a, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 204.631944] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 205.033788] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 205.040819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.445337] IPVS: ftp: loaded support on port[0] = 21 [ 205.622902] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 205.630965] team0: Port device team_slave_0 added [ 205.876354] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 205.884549] team0: Port device team_slave_1 added [ 206.083020] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 206.090028] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 206.098964] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 206.268756] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 206.275966] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 206.284879] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 206.458552] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 206.466311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 206.475623] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 206.705435] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 206.713179] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 206.722362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 208.750115] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.756668] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.765106] device bridge_slave_0 entered promiscuous mode [ 209.090688] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.097390] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.105818] device bridge_slave_1 entered promiscuous mode [ 209.355487] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 209.490725] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 209.764035] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.770510] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.777509] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.784035] bridge0: port 1(bridge_slave_0) entered forwarding state [ 209.792952] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 210.062756] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready 12:06:23 executing program 2: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000080)={"6c6f0000000004000000000600", 0xfd}) syz_genetlink_get_family_id$fou(&(0x7f0000004e40)='fou\x00') [ 210.127043] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 210.450103] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 210.745424] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 210.752630] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 211.077865] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 211.085062] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 211.174198] IPVS: ftp: loaded support on port[0] = 21 [ 211.830982] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 211.839175] team0: Port device team_slave_0 added [ 212.132302] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 212.140259] team0: Port device team_slave_1 added [ 212.353535] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 212.360565] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 212.369547] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 212.644412] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 212.651426] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 212.660371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 212.948099] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 212.955787] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 212.964936] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 213.230559] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 213.238471] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 213.247642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 215.808362] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.814974] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.823828] device bridge_slave_0 entered promiscuous mode [ 216.106471] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.113019] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.121440] device bridge_slave_1 entered promiscuous mode [ 216.309966] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.316548] bridge0: port 2(bridge_slave_1) entered forwarding state [ 216.323692] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.330149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.339145] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 216.372587] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 216.492552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 216.614978] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 217.418629] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 217.636110] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 217.867817] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 217.874992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 218.160329] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 218.167489] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 12:06:31 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x8000000000a, 0x6) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000240)={0x10300}) [ 218.926894] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 218.935147] team0: Port device team_slave_0 added [ 219.231693] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 219.239860] team0: Port device team_slave_1 added [ 219.590004] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 219.597219] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 219.606240] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 219.928041] IPVS: ftp: loaded support on port[0] = 21 [ 219.943818] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 219.950820] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 219.959889] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 220.228127] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 220.235867] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 220.244836] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 220.595704] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 220.603489] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 220.612652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 222.527294] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.991154] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 224.446830] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.453361] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.460251] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.466814] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.476058] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 225.293378] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 225.379892] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 225.386460] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 225.394632] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 226.073977] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.080424] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.089050] device bridge_slave_0 entered promiscuous mode [ 226.498500] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.505137] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.513743] device bridge_slave_1 entered promiscuous mode [ 226.742232] 8021q: adding VLAN 0 to HW filter on device team0 [ 226.861501] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 227.215385] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 228.278071] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 228.629808] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 228.975668] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 228.982903] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready 12:06:42 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000000c0)="153f6234488dd25d766070") getdents(0xffffffffffffffff, 0xfffffffffffffffd, 0xffffffd4) [ 229.360207] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 229.367553] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 230.746616] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 230.754714] team0: Port device team_slave_0 added [ 230.858894] IPVS: ftp: loaded support on port[0] = 21 [ 230.875376] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.138867] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 231.147027] team0: Port device team_slave_1 added [ 231.572282] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 231.581147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 231.590392] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 232.050814] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 232.058526] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 232.067625] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 232.398358] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 232.541044] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 232.549178] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 232.558125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 233.016639] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 233.024436] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 233.033775] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 234.083091] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 234.089474] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 234.097679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 235.682473] 8021q: adding VLAN 0 to HW filter on device team0 [ 236.342671] hrtimer: interrupt took 52061 ns 12:06:49 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) r1 = socket(0x840000000002, 0x3, 0xff) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") getsockname(0xffffffffffffffff, &(0x7f0000001580)=@generic, &(0x7f0000001440)=0x2b2) recvfrom$inet(0xffffffffffffffff, &(0x7f0000000280)=""/4096, 0x1000, 0x2101, &(0x7f0000000140)={0x2, 0x0, @loopback}, 0x10) sendfile(r1, r2, &(0x7f0000000180), 0x100000001) 12:06:50 executing program 0: capset(&(0x7f0000000200)={0x20071026}, &(0x7f0000001fe8)={0x0, 0x3}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x1000000, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={"69705f89746930000000021000", 0xfffffffffffffffe}) [ 237.895004] capability: warning: `syz-executor0' uses deprecated v2 capabilities in a way that may be insecure [ 238.004116] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.010618] bridge0: port 2(bridge_slave_1) entered forwarding state [ 238.017832] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.024336] bridge0: port 1(bridge_slave_0) entered forwarding state [ 238.032829] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 238.172769] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready 12:06:51 executing program 0: r0 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) write$binfmt_script(r0, &(0x7f0000000000)=ANY=[@ANYBLOB='#!'], 0x2) execveat(r0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000180)=[&(0x7f0000000040)='\x00', &(0x7f0000000080)='\x00', &(0x7f0000000200)='\x00', &(0x7f0000000140)='nodev[[bdevvboxnet1)proc8&vboxnet1@]:\x00'], 0x1000) [ 238.410156] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.416902] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.425498] device bridge_slave_0 entered promiscuous mode 12:06:51 executing program 0: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = getpgrp(0x0) process_vm_writev(r1, &(0x7f0000000880), 0x10000000000001c2, &(0x7f0000000080)=[{&(0x7f00000008c0)}, {&(0x7f0000000b00)=""/35, 0x23}, {&(0x7f0000000bc0)=""/229, 0xe5}], 0x3, 0x0) [ 238.978513] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.985077] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.993563] device bridge_slave_1 entered promiscuous mode 12:06:52 executing program 0: r0 = socket$inet6(0xa, 0x1000000000003, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x1000, @empty, 0x4}, 0x1c) r1 = socket$rds(0x2, 0x2, 0x0) connect$rds(r1, &(0x7f00000002c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) sendmsg$rds(r1, &(0x7f0000000080)={&(0x7f0000003000)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f0000008000), 0x0, &(0x7f0000001000)=[@cswp={0x58, 0x114, 0x7, {{}, &(0x7f0000001000)=0x24, &(0x7f0000000ff8), 0x14, 0x200000000, 0x2}}], 0x42}, 0x0) [ 239.465146] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 239.544531] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready 12:06:52 executing program 0: r0 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl(r0, 0x40084146, &(0x7f0000000240)) write$P9_RUNLINKAT(r0, &(0x7f0000000000)={0x7, 0x4d, 0x1}, 0x7) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000040)={r0, 0x40, 0x1, r0}) [ 239.973363] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 12:06:53 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x1, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200002c0], 0x0, &(0x7f0000000000), &(0x7f0000000180)=ANY=[]}, 0x78) socket$xdp(0x2c, 0x3, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x20002, 0x0) ioctl$EVIOCGABS3F(r1, 0x8018457f, &(0x7f0000000100)=""/233) socketpair$inet(0x2, 0x4, 0x7, &(0x7f0000000200)) [ 240.523548] kernel msg: ebtables bug: please report to author: Entries_size never zero [ 240.696084] kernel msg: ebtables bug: please report to author: Entries_size never zero 12:06:54 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="158dd2f0796070") bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="850000002a000000270000000000000095f005cfddcb67203ea39200000000000000"], &(0x7f00000002c0)='syzkaller\x00', 0x9, 0x4ae, &(0x7f0000000340)=""/207}, 0x48) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000100)={{{@in=@remote, @in6=@mcast2}}, {{}, 0x0, @in6=@local}}, &(0x7f0000000200)=0xe8) r1 = creat(&(0x7f0000000300)='./file0\x00', 0x0) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f00000004c0)) fcntl$addseals(r0, 0x409, 0x3) [ 241.184582] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 241.523437] 8021q: adding VLAN 0 to HW filter on device bond0 [ 241.565424] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 241.895821] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 241.903036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 242.137475] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 242.144668] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 242.748136] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 242.840564] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 242.848778] team0: Port device team_slave_0 added [ 243.139308] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 243.147560] team0: Port device team_slave_1 added [ 243.421306] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 243.430083] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 243.438923] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 243.727528] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 243.735004] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 243.743703] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 243.799497] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 243.806018] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 243.814051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 244.062317] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 244.069907] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 244.078942] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 244.327860] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 244.335728] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 244.344638] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 12:06:57 executing program 1: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) keyctl$revoke(0x3, 0x0) syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x4040) [ 245.004929] 8021q: adding VLAN 0 to HW filter on device team0 [ 247.021263] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.027827] bridge0: port 2(bridge_slave_1) entered forwarding state [ 247.034886] bridge0: port 1(bridge_slave_0) entered blocking state [ 247.041336] bridge0: port 1(bridge_slave_0) entered forwarding state [ 247.049942] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 247.056901] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 249.877439] 8021q: adding VLAN 0 to HW filter on device bond0 12:07:03 executing program 2: [ 250.575924] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 251.099275] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 251.105762] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 251.113710] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 251.644961] 8021q: adding VLAN 0 to HW filter on device team0 [ 253.921164] 8021q: adding VLAN 0 to HW filter on device bond0 [ 254.445397] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 254.968051] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 254.974536] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 254.982492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 12:07:08 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000000)) [ 255.392435] 8021q: adding VLAN 0 to HW filter on device team0 12:07:10 executing program 4: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000280)) keyctl$join(0x1, &(0x7f0000000000)={'syz'}) 12:07:10 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={"6e7230010100", 0x2}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x28, 0x0, 0x0, 0xfffff000}, {0x16}]}) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000200)=""/101, 0x65}], 0x1, &(0x7f0000000280)=""/167, 0xa7, 0x7}, 0x101) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000340)={&(0x7f0000000000/0x2000)=nil, 0x2000}, &(0x7f0000000380)=0x10) 12:07:10 executing program 5: getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000040)={{{@in, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@rand_addr}}, &(0x7f0000000140)=0xe8) getgroups(0x1, &(0x7f0000000180)=[0x0]) chown(&(0x7f0000000000)='./file0\x00', r0, r1) r2 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x4089808c, 0x0) unlinkat(r2, &(0x7f0000000200)='./file0/file0\x00', 0x200) ioctl$VHOST_GET_VRING_ENDIAN(r2, 0x4008af14, &(0x7f0000000240)={0x3, 0x8}) ioctl$KVM_KVMCLOCK_CTRL(0xffffffffffffffff, 0xaead) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000280)='/dev/audio\x00', 0x400000, 0x0) fcntl$getownex(r3, 0x10, &(0x7f00000002c0)={0x0, 0x0}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={r3, 0x50, &(0x7f0000000340)={0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000400)={r4, r3, 0x0, 0x2, &(0x7f0000000300)='(\x00', r5}, 0x30) sysfs$2(0x2, 0x0, &(0x7f0000000440)=""/251) modify_ldt$read_default(0x2, &(0x7f0000000540)=""/83, 0x53) ioctl$PERF_EVENT_IOC_REFRESH(r3, 0x2402, 0x4) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f00000005c0)={0xd22, 0x7, 0x2000}, 0x4) getpeername$packet(r2, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000640)=0x14) pipe(&(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl(r3, 0x7f, &(0x7f00000006c0)="f3fdd1e7dff6aa29c3e975e5891d04900e5a265504846ab037fe10715a5a0a7d987359414692021d5c7c6e56e573f08105022faf0d090d1cfeca7443283ec653bae6a78a2c0555b49be4ac2461f9c1555ebcfdd54fd83b732600a4e6ddeb2ad0562a6f02947ae317d262f704cc8d372204a8f7f25f7332fea1d62cc290cdd0dd6e559624cfecc561b1ff2c439fa4e03b3956fbd63de5a521793e17b3c8ab2d440c8b00e8f0725f0f39ed010166523efe322f7a939508ed6b70f865908f5e2978cfdc29cd098dad21595a99e42772d12877f4d6c94500240192be72a8da9097637223ce4cafd2c3ee4d5fbad347ed0a45a0f5d4ac3e5359e5ddba4c8e97c703a69800b2e237d67111c6b1e8f3e4cff3d9f53ca5acb9cfb6994f6e482ba53b5df31c6115a6f7974465aae8b167edf2eb12e1c605c743bfa52a875ab784917407509771be4fd31a2ead5f177f54ecfee2306874fc5d4f95e4f65bc00a57ee4cbed5757ebb66f44945c2fa090c6755a58e4279afe70a38b123a4cec87770c8c028d150c5d24472b5df6a2bbaca8542aa9b7c6f69ddc3573f5ffdffd8b5de1fd6cba7bf44d239c7d5e4d79d67c8d1a70d403c72fcdc2ad0da3def72fbcc3d8684d628dec1f611803d304f8a1448b094c487c83ab233ed14e8754ca27c544b2f4e134e44639bce0fda2f0046e641743f4c167e7f6b68e3ca720d3d3bf115e62e1b16de552ed43875106576e08c9b60898364191dec7575b520b3eefa888066b7e533823596233c71ec903e9ecc59f59669f037fb813441bbdf1e3bb21a8dfc1314ff811a8cd9fd1081ab7489d5a1390dccb4032937e24175d5f24361608bb49b02c5d52e3a5cdb54f9bfa7e0d0a59375f3dccd309bd3bfeb5ffa7dc00b7b67c15f2326b6d3f02d9d3ace7f213c1f5ce3b9412dd38075df4e80d1dd35a0fef2c308fe566317f409c8acf3fae1acfc17d7e12c2963bc1a211202480bd7414da5bdd2de9766e1ff70a4b3f10f5169ff99cbbda7dad1d6b35684b33cd125b7d6d97d64a2f51ed1d602dad949274bcfc0f3ef108a4ca5403ad9b4b4fca93f5e9a0a206d90220a805358552982472b3cf37c386c19480ecfc16941637bd56f461d2abfb2fc33f646ba7f0262420d48946da8d9880dab770b5f683c95ee23fc107433852dcc625bcacee3137ecd6b9b6deed5e91d59a077ee3818516966882fd563380011734c03dc1a1917e6e6b8f44a536f838edbbb12d4e715ab0b930e1529fc4acfd3e6f92f4642ca562fc4a4657272685aad7105ecbb9a34ec426555dad8c1b0d1eb0ad89e91cf48f97c2d30f4b4f4ebf1a63967ca5f75439fada34ebaec04eb6396b6a1a71e230f6b58c54314e4a9a34b4c1557464deb3721c858c0d8c8dac859f38ef7a0a31b260c631e678bf03c188419e0125ffc942e4139d649ff00aee0cabab74a91777901ae988c99100730411861a9021fe6aa24329319f443f87a79000e95f80a05e042a671b205eab8f6b1ef467b36e62934ce6778afe58a9ddf9df7ecd7520f13da6f436c9635093e85b4809bac4ccdc3ad985621bc085db0531cf000fcafce4b27ae28b6e04714ca36ecbc642b90397851d03acbd5e14174b10a54b7111051351058023c4931db6f1e92b3bf0ae17a6387fea9756a77bef26e867d592f8b91c6b9aab597b7ee2b7b11cf7d85ef341080d2441decbf8e907f698fedb77b68a1263bc93d5e54841f608079de4064e63d7bde0e6e65d5854e904b6b026f73cb2a377b8872ef4779fcf725be829b206177158269a6dd40530889e300218270432953065ddb3534b8f5fc1885c1f6e41b06ab998c04f6a463db5eaded14f6f810e41e564fd824a26b5e42914537a8e966cebe5b64f6e342d8bcc1927416923c9a07bc2c0ea7b09ffab44b91cead81397d9249ec8f243f15d593a449a62110beb6cc211c03c2d869e745502c8b890a490b7e8fb46911a38c508e32f5f59fb89822d7f3f754337cd81e75af1d8a936262891cb09e4deef05f46424fa2a4c0802166ab49479b7c77e106e4adc758a3d7f9a67acadf0a141c20e7c48fb412e1f0d2f2102b9ae92a04a5b4d9e4efec1ec8728d3c883be7d4d06c6aad1bab4f4cc53a932c7f45353e32093af8c1f8a61874746087c56b68cbd7452252bea7f6a98c74bff3465d7ce5d40e3408fc74d5a65be93aa39e97a50a7e84eea4f9e87b1c77978c3a2aba04e4c93ab9488501f83a294e3f5dcf55781730e47a34380beb38c69f8909e9e467c8144acec9f9d9168ef7a49b969beb6d477efa9ffb622b5c8965cbcaf50c4b9b27b0d926ddc3e66207ca13dd9d76464f96dcccace0bfca2d991e0353105ed25bdbc4a9760884e3e53b1bef7e4c0cc15ecce26163bc544c14776bb4719cf71fe1b984266984c70322406dccef2959e29dbc39803eb637c9b858a086c7f1a27907c0f46434b2fa7b70770c810b6b62fbd4b500e5e6298aef44a430d9c4c34de13e241d0247d9cbae5f0e57a7b5f7b47defaaa8aac82d664775ff470006264070210082c5719d638d247b98c0853fc58b7b68a4639fb4718c618c22c38a60df68d5035f03a34f2473c6bc805ed40718382969b94f884993f10468adf47976d958c8685faae17259f68d865928179e8c538b4508685258adf9fb98fe3aceef9cf9c6a37b36ef9c13e8ec526e80d2768e984f92cc14b5858ab1fa5800daf7fbf4c61e7339472aef710501d58284d2126bc3c83e1e9d66379af9fa7778b5f63b781a690f6cdc16ae4d23fa95b0e846bb89864321cf5ab90dce6e2433fe249810465ca4752521c58fe2c353c3a2ab0457a60c8bab4d45f267a8ef1b290f2f59fe63b62e518d1e5a95461483a606b9f575619acf2e836444977c706fdf30bd52fe3e4ffa678bae8f75f5beea4cf9ee7bd1064b853e206a890051766e154e8bd1b0daafb67f0e583c84a35eab2affb000139cc73ca670cab0bffa74c08cf6148b544d4d765b73f4474942390a79dd0d7b3ee241239fae81fc9f1950a01afa181b5efc083860543d714fcd82a0568138de6c86420445276adbe9848f0464eafabafc31937d19cc855c3a8783eb24a63f38c7516cdd4e58b37b63fa5c3ec7750b8ebcf7d38bdd89ec676011b087f11c134c9226e662e7090bd779d9aaad5f617bdd530625aef4fbf6377df33075ef47dbc10f5695f38141d10185590f5c71c6f6bb632902e75055c34d774b8d2b36198e7b65c0c28310b3f0daafe25a8bee5b7856ed9543545455ece80c9b9eb0ddac1fe7ace0db0c33e7ca65c73fad178ad3c0e01e4b0d0c7aa2541c847cc2ed7b9659f633abaf64b664f482c673e802db03c4734df5daeb5aa8b8a37c6e59821733ab0b40d13cf81f063b22ae90b7395279e334bcaf0441a6651f1f602d3ecc38db7f58e0e97771ddc3f4f2e3dc2f0fc2190c99bed45c456348cbba005c4b4b85c3bf01d3355afd366854cff02b8beb98181fb6112019d53cf93925d55a88e397ef8caa1a0f83199345dc4514590d49862cea02e98bed89de1ef9a7eb62c6fd1bdf34f16beb56b77a08b07bc22eee8976c93fd7b6d575092cc86cc1728b5be5dff698082726f24105eebbfbe8704505a3eb0fcaf47f29d1efedca9e28d2dcf03cd6a133e073d86423ae0efab77ac0d2ae0145302d0885513154ad59488a9271b936d718872ad7b959bf94bcc47497ecfdaaef5859e9da00f2d5bf8ac8daf68e0995f939d4e8c5096fbeec501fecde39b3d586a94a90cca384ce95b1176c7b043240f5b53a0734426110ef1f71d79b531ac3ac3032909ff77f36ff789541875a0f72192035851102b62ef98ab5741dd741994f134f20abb6702baf9e112a3604c8a5945e985343b983bef5d93f25faa3ddb00beaa62347e36dd1b72c1397fa63cabf0a57892b9032b148fae32c7a672ae7159a3023fe686f830064eb02451a1230b502072823b3c361df44d0bccfc9235aeb8554fffbb1cfcaf2551c0c99f83621b738a2f1dae211dbfbc54378d2803b52b8b4f43a0522cd5f1ae68ceee7f0af198ac35587c2fb0693035533b358e70437b0f13a428912270e1c0d0c07519fcd058c2654181c6debb4e3b06e6c2266e5e982ece6ce183c195e5ca7f9ebbe9dbbe5d2bd3289269cff8b4e335cf0c58406d7f32013014713aee4b62c739b34c417ea73badfdce2f5555c74b8c6ec7e44635dd3e6671510716caa6ed176f90ff7350beca58fe58b19cbbcac4e5d2fc963887eacda510d9d94ea1ea2dd56067ef1337e5d09ebd31d9525a761c39a0842a6bc7dd758c92be571f47b7c03fa4077c5eceea7176d667dfb9fd8d8d055178e31b32b4f6b132741f8f0bd9b051a2a44b26112e695a06483144515a7386a7619e27f620cba212dde64c02fd5a2b0a63ecf9b1b86aa1fe090bd9dd51095a8bbdc7066795961792bfccc28cf00c4c8be0e3dc6fbd0b8196034ca1715ca17f57c4c5743b915561ad441ee5cd87e82d8414913a3bb8bb5cc5aa77c60c86d565e73ab914bbc2b03eb3b0e77cd5438a77ce683363e3caf0ca83ed8006d6d7972f1e83320c2c2d9cb14c9b6e3e72a1bff80a1e30c4df8570cbb4fda19e02a97bef163d748aa0a9195ef20b12f9d9a515e65caaacd96c87362145942dff6fb0ec24f2da2d20bf72b8e3c7c7215155ca6da59dc8f9cb52f97f78e4f3de827227507b86f5d4f06863dbb668e12336ccb8876e17f4d92fa59bfae04676bfb7baeb274453f25e890121dd13cc3ac668116ccd34b01707dad3e6c63444cbe11150829b8ce2b0d69b7b1b5b7cd1e4900409d3afb98eed5eea01c7b60899cdec02d0813d08197883198b28125b8141203950a6be6248f758279fbf2b747f5b653c9579ec2faabc185655b6f80f0d27c74dc7aaef94446645babd67f808aae37140ad1a96c5ad4ce886eee2eea4e3150ff0f897a8579428801264fe82ee33037a297cada8a6ca307c8f6d0e53ddad38cf4783cd290aab000922e7dc8c31e15bcb1baebcead4e2b4fb0a589e987635c6df0c4ad27825e83f2b9bc7fb10b6a1e71c8718a146dc6d720f2fa8815ff0d9fc0a99396f4eb00c766925af22bcda0f2a7ddef1819e6a5aae2d511a63311bca1fb55191d8c087bc3315867ee1b09a55a59d10de3d966db8ea82cfb8497368f2abeb28c920c24f846f0fa585fc9231d4a1ae9d9196d8f1326208919f0888f87cb94ce7dc80d2dfbc649ea447e4821893b2857183c42d65c3e72f4e485b513e5265a76829ffa4e69397b5da1eb058f61818f194aec0f57b521b7cbd40437f9ab867a5fe30b96722a691194843fa7474b82fc6715d9a17002c69acbbb3ba50303251e947b164db3cbb5b6ab848286b2978150ecbce593310455424c4f5a80b3fe2d8c8a05f3934a94d2618eed559691c53b5cda5d3d1f196a91a3b47b964ac5d5210159f38d89950eaae36eeb5194d04ee8b8a1d42a55e64ed810119ceb871aed5222447741767fb15078789e8409476afe81f25028dfdb361d963d4f937c5786176f6e2db4be32426b2a5d5c927c2685cd12e5d40299c4935595f680951a30b12f7d86b461904f0f60b91ae2d99f8df6f2c6107d303d536d21aedafc625084e535a2a96de4108ed8ccbb203351e9fa60a337707fac57c97976a3330f56a2d2aeaa82d0b785e8a8468b0f58e74f64c1968a47a767f7db1709b39aa9470564605b5d85917281bfc6ff774813c7adf2edf9ba78e8ec19d9475f8d3b1c06f402768414f62c666adfd87769b0ed22cfda0b613541975baf60ee1e625bd07d1b3fe4c3") ioctl$UI_SET_EVBIT(r7, 0x40045564, 0x9) write$FUSE_INTERRUPT(r8, &(0x7f00000016c0)={0x10, 0x0, 0x3}, 0x10) ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000001700)={@empty, @mcast1, @empty, 0xf1, 0x6, 0x9, 0x500, 0x4, 0x2000000, r6}) munmap(&(0x7f0000fff000/0x1000)=nil, 0x1000) fcntl$setown(r7, 0x8, r4) ioctl$KVM_SET_GSI_ROUTING(r7, 0x4008ae6a, &(0x7f0000001780)={0x1, 0x0, [{0x2, 0x3, 0x0, 0x0, @adapter={0xef61, 0xffffffffffffffff, 0xa35, 0x800, 0x80000000}}]}) openat$uinput(0xffffffffffffff9c, &(0x7f00000017c0)='/dev/uinput\x00', 0x802, 0x0) ioctl$DRM_IOCTL_AGP_RELEASE(r7, 0x6431) ioctl$SCSI_IOCTL_SYNC(r2, 0x4) mount$fuse(0x0, &(0x7f0000001800)='./file0\x00', &(0x7f0000001840)='fuse\x00', 0x20000, &(0x7f0000001880)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d, r0}, 0x2c, {'group_id', 0x3d, r1}, 0x2c, {[{@default_permissions='default_permissions'}, {@max_read={'max_read', 0x3d, 0x9}}], [{@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}}) socket$key(0xf, 0x3, 0x2) fcntl$F_SET_RW_HINT(r8, 0x40c, &(0x7f0000001940)) 12:07:10 executing program 2: syz_emit_ethernet(0x2a, &(0x7f0000000140)={@link_local, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1}, @igmp={0x12}}}}}, &(0x7f00003b5000)) 12:07:10 executing program 1: 12:07:10 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0xe440, 0x103802) write$cgroup_type(r0, &(0x7f00000000c0)='threaded\x00', 0xff4c) 12:07:10 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000dec000)={0x6, 0x4, 0x338d, 0x7}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r0, &(0x7f0000000340)='5', &(0x7f0000000400)}, 0x20) 12:07:10 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f00000004c0)="2f65786500000000000409004bddd9de91be10ee9ed554fa07424adee9cbc699ec2ca576e50000bcd7a071fb35331ce39c5ad0cf73770bd4246847a1914e4fb0aa9b15eaa94bcd0e700ed63b44338e84ad4ec2f11f6f2adb8dc2fdb18231446f43142ebe700b2231e8fceed6b22a373c9409675ac8d0b53033123fb3037d66241aafe0f880e7a51d1b036ade31d2544d2581fe8653d0cff54369df8c2fce21dcb1cb965669f9a75345ac3479cd51dc7de364c9c272c83ed9e666ca25aad2e7a26e3d6c62d0f8b9065cfca311c06d0744db265aa0e486707c51fd108c0c6ccae6ff42274af94d30fce8836ff9d00bdd") ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000040)={0x0, 0x3000000000002000, 0x4}) 12:07:10 executing program 1: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f00000009c0)='syz1\x00', 0x200002, 0x0) openat$cgroup(0xffffffffffffff9c, &(0x7f0000000ac0)='syz0\x00', 0x200002, 0x0) socketpair(0x10, 0x80004, 0x8, &(0x7f0000000b00)={0xffffffffffffffff}) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000b40)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) openat$cgroup(r2, &(0x7f0000000bc0)="0000f7ff00", 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000005c0)={r0, 0x6, 0x1, 0x9, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x1}, 0xfe02) socket$kcm(0x29, 0x1000000000009, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x5, 0x20000000000005, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_QUERY_BPF(r5, 0xc008240a, &(0x7f0000000a80)=ANY=[@ANYBLOB="0000000000583b27faa6ca01e8ffc1ff57b9090000007d79b32d8346dd01b46df69e5f0010931260b96dd693956d99002b35bb92ed30006a61"]) r6 = socket$kcm(0x2, 0xa, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000000c00)=ANY=[@ANYRESHEX=0x0]) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu\x00', 0x200002, 0x0) r8 = gettid() perf_event_open(&(0x7f0000000940)={0x5, 0x70, 0x3, 0x3, 0x401, 0x3ff, 0x0, 0x8, 0x404, 0xe, 0x16, 0x3f, 0x4, 0x1, 0x98, 0x20, 0x1, 0x100000001, 0x6, 0x4, 0x2, 0x3, 0x4, 0x2, 0x3e2d, 0x9, 0x0, 0x4, 0xfffffffffffffffd, 0xffffffff80000000, 0xffffffff, 0x80000000, 0x330, 0x8, 0x7f, 0x6, 0x2, 0x6, 0x0, 0x2, 0x0, @perf_bp={&(0x7f00000007c0)}, 0x800, 0x9, 0x7, 0x3, 0x80000000, 0x7ff, 0xfff}, r8, 0xe, r3, 0x3) r9 = openat$cgroup_int(r7, &(0x7f0000000040)='cpuset.mems\x00', 0x2, 0x0) write$cgroup_subtree(r9, &(0x7f0000000080)=ANY=[@ANYBLOB="332d2c6d6f0510a0"], 0x8) openat$cgroup_ro(r4, &(0x7f0000000480)='cgroup.controllers\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)="47501a00f9d3c471b4a5430b11691d81fb4b9c49106ab3a01eaa6e1494e10112f6e527a746961b2da661bc0517d1fed124f6efb4292dc4c6df52a2c0623cdc1a18767d961c26d3aa8c633a234967dfe047b15997efc5a3bb522cb0393846dcc3f6e76a288635697c642b3cc7b3b36b3d1354dd508712a1f15e3b542d8a0c0c9a73d19d952bcef7d7d5cb703b44c4f17e5f76e7a2f9c44e076fb1000000000000000000000000000000", 0x2, 0xab93031f99fda67f, &(0x7f0000000080)=""/251}, 0x48) sendmsg(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000000)=@nfc={0x27, 0x0, 0x2}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000700)="bdc3f5c47317ab4ca2fb53056600a58c67b1ffc57c5428c2fd378b4b911dc474760a340235932635476a0c92e7ce56b7e9b27f312e0a656966d91c9f5a537a66377bbc", 0x43}], 0x1}, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r6, 0x890b, &(0x7f0000000000)) ioctl$sock_kcm_SIOCKCMUNATTACH(r6, 0x890c, &(0x7f0000000000)) 12:07:10 executing program 3: memfd_create(&(0x7f00000004c0)='/dev/loop#\x00', 0x2) ioctl$BLKTRACESTOP(0xffffffffffffffff, 0x1275, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x0, 0x0) syz_open_dev$sndtimer(&(0x7f0000000200)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$EVIOCGNAME(0xffffffffffffffff, 0x80404506, &(0x7f0000000140)=""/183) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x2000800007, 0x4}) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000280)) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) ioctl$BLKALIGNOFF(0xffffffffffffffff, 0x127a, &(0x7f0000000500)) ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) 12:07:11 executing program 0: 12:07:11 executing program 2: [ 258.225983] syz-executor1 uses obsolete (PF_INET,SOCK_PACKET) 12:07:11 executing program 0: sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)=0x9) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f000079c000/0x800000)=nil, 0x800000, 0xc) sigaltstack(&(0x7f0000c63000/0x2000)=nil, &(0x7f0000000000)) madvise(&(0x7f00002f8000/0xc00000)=nil, 0xc00000, 0xd) 12:07:11 executing program 2: sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000002c0)={&(0x7f0000000100)='./file0\x00'}, 0x10) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) epoll_create(0x4) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='status\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000268, 0x0) [ 259.157637] IPVS: ftp: loaded support on port[0] = 21 [ 260.546613] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.553116] bridge0: port 1(bridge_slave_0) entered disabled state [ 260.560559] device bridge_slave_0 entered promiscuous mode [ 260.639381] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.645897] bridge0: port 2(bridge_slave_1) entered disabled state [ 260.653856] device bridge_slave_1 entered promiscuous mode [ 260.727420] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 260.802139] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 261.025448] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 261.104013] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 261.251536] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 261.258646] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 261.478911] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 261.486464] team0: Port device team_slave_0 added [ 261.563971] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 261.571454] team0: Port device team_slave_1 added [ 261.647325] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 261.725910] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 261.802854] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 261.810130] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 261.819254] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 261.889959] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 261.897254] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 261.906393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 262.758946] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.765443] bridge0: port 2(bridge_slave_1) entered forwarding state [ 262.772394] bridge0: port 1(bridge_slave_0) entered blocking state [ 262.778798] bridge0: port 1(bridge_slave_0) entered forwarding state [ 262.787289] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 263.212436] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 265.894148] 8021q: adding VLAN 0 to HW filter on device bond0 [ 266.179181] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 266.473406] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 266.479629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 266.487652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 266.769132] 8021q: adding VLAN 0 to HW filter on device team0 12:07:21 executing program 5: sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)) sendto(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000002c0)={&(0x7f0000000100)='./file0\x00'}, 0x10) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) epoll_create(0x4) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='status\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000268, 0x0) 12:07:21 executing program 4: sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f000079c000/0x800000)=nil, 0x800000, 0xc) 12:07:21 executing program 1: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f00000009c0)='syz1\x00', 0x200002, 0x0) openat$cgroup(0xffffffffffffff9c, &(0x7f0000000ac0)='syz0\x00', 0x200002, 0x0) socketpair(0x10, 0x80004, 0x8, &(0x7f0000000b00)={0xffffffffffffffff}) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000b40)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) openat$cgroup(r2, &(0x7f0000000bc0)="0000f7ff00", 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000005c0)={r0, 0x6, 0x1, 0x9, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x1}, 0xfe02) socket$kcm(0x29, 0x1000000000009, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x5, 0x20000000000005, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_QUERY_BPF(r5, 0xc008240a, &(0x7f0000000a80)=ANY=[@ANYBLOB="0000000000583b27faa6ca01e8ffc1ff57b9090000007d79b32d8346dd01b46df69e5f0010931260b96dd693956d99002b35bb92ed30006a61"]) r6 = socket$kcm(0x2, 0xa, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000000c00)=ANY=[@ANYRESHEX=0x0]) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu\x00', 0x200002, 0x0) r8 = gettid() perf_event_open(&(0x7f0000000940)={0x5, 0x70, 0x3, 0x3, 0x401, 0x3ff, 0x0, 0x8, 0x404, 0xe, 0x16, 0x3f, 0x4, 0x1, 0x98, 0x20, 0x1, 0x100000001, 0x6, 0x4, 0x2, 0x3, 0x4, 0x2, 0x3e2d, 0x9, 0x0, 0x4, 0xfffffffffffffffd, 0xffffffff80000000, 0xffffffff, 0x80000000, 0x330, 0x8, 0x7f, 0x6, 0x2, 0x6, 0x0, 0x2, 0x0, @perf_bp={&(0x7f00000007c0)}, 0x800, 0x9, 0x7, 0x3, 0x80000000, 0x7ff, 0xfff}, r8, 0xe, r3, 0x3) r9 = openat$cgroup_int(r7, &(0x7f0000000040)='cpuset.mems\x00', 0x2, 0x0) write$cgroup_subtree(r9, &(0x7f0000000080)=ANY=[@ANYBLOB="332d2c6d6f0510a0"], 0x8) openat$cgroup_ro(r4, &(0x7f0000000480)='cgroup.controllers\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)="47501a00f9d3c471b4a5430b11691d81fb4b9c49106ab3a01eaa6e1494e10112f6e527a746961b2da661bc0517d1fed124f6efb4292dc4c6df52a2c0623cdc1a18767d961c26d3aa8c633a234967dfe047b15997efc5a3bb522cb0393846dcc3f6e76a288635697c642b3cc7b3b36b3d1354dd508712a1f15e3b542d8a0c0c9a73d19d952bcef7d7d5cb703b44c4f17e5f76e7a2f9c44e076fb1000000000000000000000000000000", 0x2, 0xab93031f99fda67f, &(0x7f0000000080)=""/251}, 0x48) sendmsg(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000000)=@nfc={0x27, 0x0, 0x2}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000700)="bdc3f5c47317ab4ca2fb53056600a58c67b1ffc57c5428c2fd378b4b911dc474760a340235932635476a0c92e7ce56b7e9b27f312e0a656966d91c9f5a537a66377bbc", 0x43}], 0x1}, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r6, 0x890b, &(0x7f0000000000)) ioctl$sock_kcm_SIOCKCMUNATTACH(r6, 0x890c, &(0x7f0000000000)) 12:07:21 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000000200)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000080)) 12:07:21 executing program 3: sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)) pipe(&(0x7f0000000000)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f000079c000/0x800000)=nil, 0x800000, 0xc) sigaltstack(&(0x7f0000c63000/0x2000)=nil, &(0x7f0000000000)) madvise(&(0x7f00002f8000/0xc00000)=nil, 0xc00000, 0xd) 12:07:21 executing program 2: sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000002c0)={&(0x7f0000000100)='./file0\x00'}, 0x10) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) epoll_create(0x4) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='status\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000268, 0x0) 12:07:22 executing program 3: sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)) pipe(&(0x7f0000000000)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f000079c000/0x800000)=nil, 0x800000, 0xc) sigaltstack(&(0x7f0000c63000/0x2000)=nil, &(0x7f0000000000)) madvise(&(0x7f00002f8000/0xc00000)=nil, 0xc00000, 0xd) 12:07:22 executing program 4: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semop(0x0, &(0x7f00000000c0), 0x0) syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0xe440, 0x103802) 12:07:22 executing program 0: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000000)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000500)={&(0x7f0000000280), 0xc, &(0x7f00000004c0)={&(0x7f0000000300)={0x14, r1, 0x101}, 0x14}}, 0x0) 12:07:22 executing program 1: r0 = openat$cgroup(0xffffffffffffffff, &(0x7f00000009c0)='syz1\x00', 0x200002, 0x0) openat$cgroup(0xffffffffffffff9c, &(0x7f0000000ac0)='syz0\x00', 0x200002, 0x0) socketpair(0x10, 0x80004, 0x8, &(0x7f0000000b00)={0xffffffffffffffff}) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000b40)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) openat$cgroup(r2, &(0x7f0000000bc0)="0000f7ff00", 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000005c0)={r0, 0x6, 0x1, 0x9, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x1}, 0xfe02) socket$kcm(0x29, 0x1000000000009, 0x0) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair(0x5, 0x20000000000005, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_QUERY_BPF(r5, 0xc008240a, &(0x7f0000000a80)=ANY=[@ANYBLOB="0000000000583b27faa6ca01e8ffc1ff57b9090000007d79b32d8346dd01b46df69e5f0010931260b96dd693956d99002b35bb92ed30006a61"]) r6 = socket$kcm(0x2, 0xa, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000000c00)=ANY=[@ANYRESHEX=0x0]) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu\x00', 0x200002, 0x0) r8 = gettid() perf_event_open(&(0x7f0000000940)={0x5, 0x70, 0x3, 0x3, 0x401, 0x3ff, 0x0, 0x8, 0x404, 0xe, 0x16, 0x3f, 0x4, 0x1, 0x98, 0x20, 0x1, 0x100000001, 0x6, 0x4, 0x2, 0x3, 0x4, 0x2, 0x3e2d, 0x9, 0x0, 0x4, 0xfffffffffffffffd, 0xffffffff80000000, 0xffffffff, 0x80000000, 0x330, 0x8, 0x7f, 0x6, 0x2, 0x6, 0x0, 0x2, 0x0, @perf_bp={&(0x7f00000007c0)}, 0x800, 0x9, 0x7, 0x3, 0x80000000, 0x7ff, 0xfff}, r8, 0xe, r3, 0x3) r9 = openat$cgroup_int(r7, &(0x7f0000000040)='cpuset.mems\x00', 0x2, 0x0) write$cgroup_subtree(r9, &(0x7f0000000080)=ANY=[@ANYBLOB="332d2c6d6f0510a0"], 0x8) openat$cgroup_ro(r4, &(0x7f0000000480)='cgroup.controllers\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)="47501a00f9d3c471b4a5430b11691d81fb4b9c49106ab3a01eaa6e1494e10112f6e527a746961b2da661bc0517d1fed124f6efb4292dc4c6df52a2c0623cdc1a18767d961c26d3aa8c633a234967dfe047b15997efc5a3bb522cb0393846dcc3f6e76a288635697c642b3cc7b3b36b3d1354dd508712a1f15e3b542d8a0c0c9a73d19d952bcef7d7d5cb703b44c4f17e5f76e7a2f9c44e076fb1000000000000000000000000000000", 0x2, 0xab93031f99fda67f, &(0x7f0000000080)=""/251}, 0x48) sendmsg(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000000)=@nfc={0x27, 0x0, 0x2}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000700)="bdc3f5c47317ab4ca2fb53056600a58c67b1ffc57c5428c2fd378b4b911dc474760a340235932635476a0c92e7ce56b7e9b27f312e0a656966d91c9f5a537a66377bbc", 0x43}], 0x1}, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r6, 0x890b, &(0x7f0000000000)) ioctl$sock_kcm_SIOCKCMUNATTACH(r6, 0x890c, &(0x7f0000000000)) 12:07:22 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/netfilter\x00') getdents(r0, &(0x7f0000000100)=""/220, 0x18) 12:07:22 executing program 5: clock_gettime(0x6, &(0x7f0000000080)) 12:07:22 executing program 4: connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x1c) clone(0x80000, 0x0, 0xfffffffffffffffe, &(0x7f00000003c0), 0xffffffffffffffff) 12:07:22 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000340)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_GET_NAME(r1, 0x81007702, &(0x7f00000001c0)=""/187) [ 269.925813] Not allocated shadow for addr ffff88013065c298 (page ffffea0007226280) [ 269.933572] Attempted to access 8 bytes [ 269.937593] ------------[ cut here ]------------ [ 269.942362] kernel BUG at mm/kmsan/kmsan.c:1075! [ 269.947142] invalid opcode: 0000 [#1] SMP [ 269.951316] CPU: 1 PID: 6496 Comm: syz-executor3 Not tainted 4.19.0-rc4+ #63 [ 269.958509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 269.967916] RIP: 0010:kmsan_get_shadow_address+0x2d6/0x3d0 12:07:23 executing program 2: clone(0x80000, 0x0, 0xfffffffffffffffe, &(0x7f00000003c0), 0xffffffffffffffff) [ 269.973585] Code: e9 89 00 00 00 c7 04 25 20 73 28 8c 01 00 00 00 65 48 8b 04 25 00 fd 02 00 c6 80 7b 09 00 00 01 80 3c 25 38 73 28 8c 00 74 0c <0f> 0b 0f 1f 84 00 00 00 00 00 eb fe 48 c7 c7 11 bc 57 8b 31 c0 4c [ 269.992501] RSP: 0018:ffff8801549ff768 EFLAGS: 00010046 [ 269.999097] RAX: 000000000000001b RBX: 0000000000000000 RCX: ae3b9ff99f89dd00 [ 270.006377] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000 [ 270.013663] RBP: ffff8801549ff798 R08: 0000000000000000 R09: ffff88021fd38f50 [ 270.020969] R10: 0000000000000000 R11: ffffffff86258280 R12: 0000000000000001 [ 270.023133] Not allocated shadow for addr ffff88013065c2a8 (page ffffea0007226280) [ 270.028257] R13: ffff88013065c298 R14: 0000000000000001 R15: 0000000000000008 [ 270.035994] ------------[ cut here ]------------ [ 270.043236] FS: 0000000001abf940(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000 [ 270.047976] kernel BUG at mm/kmsan/kmsan.c:1075! [ 270.056190] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 270.056210] CR2: 0000000001855938 CR3: 00000001549b3000 CR4: 00000000001406e0 [ 270.074086] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 270.081359] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 270.088647] Call Trace: [ 270.091305] kmsan_internal_unpoison_shadow+0x5c/0xe0 [ 270.096508] kmsan_unpoison_shadow+0x72/0xd0 [ 270.100944] vunmap_page_range+0x828/0xc20 [ 270.105258] remove_vm_area+0x39b/0x450 [ 270.109260] __vunmap+0x34c/0x5d0 [ 270.112754] vfree+0x79/0x170 [ 270.115914] do_ip6t_get_ctl+0x10b9/0x1140 [ 270.120194] ? compat_do_ip6t_set_ctl+0x3cf0/0x3cf0 [ 270.125231] nf_getsockopt+0x481/0x4e0 [ 270.129146] ipv6_getsockopt+0x279/0x510 [ 270.133230] ? compat_ipv6_setsockopt+0x4c0/0x4c0 [ 270.138086] tcp_getsockopt+0x1c6/0x1f0 [ 270.142087] ? tcp_get_timestamping_opt_stats+0x1810/0x1810 [ 270.147810] sock_common_getsockopt+0x13f/0x180 [ 270.152502] ? sock_recv_errqueue+0x990/0x990 [ 270.157019] __sys_getsockopt+0x48c/0x550 [ 270.161204] __se_sys_getsockopt+0xe1/0x100 [ 270.165555] __x64_sys_getsockopt+0x62/0x80 [ 270.169893] do_syscall_64+0xbe/0x100 [ 270.173723] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 270.178931] RIP: 0033:0x45a0aa [ 270.182185] Code: b8 34 01 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 88 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 88 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 270.201099] RSP: 002b:0000000000a3f608 EFLAGS: 00000212 ORIG_RAX: 0000000000000037 [ 270.208819] RAX: ffffffffffffffda RBX: 0000000000a3f630 RCX: 000000000045a0aa [ 270.216091] RDX: 0000000000000041 RSI: 0000000000000029 RDI: 0000000000000003 [ 270.223368] RBP: 0000000000709cc0 R08: 0000000000a3f62c R09: 0000000000004000 [ 270.230641] R10: 0000000000a3f730 R11: 0000000000000212 R12: 0000000000000003 [ 270.237925] R13: 0000000000000000 R14: 0000000000000029 R15: 0000000000709600 [ 270.245219] Modules linked in: [ 270.248445] ---[ end trace c6ff3b69424dc372 ]--- [ 270.248460] invalid opcode: 0000 [#2] SMP [ 270.248486] CPU: 0 PID: 6303 Comm: syz-executor2 Tainted: G D 4.19.0-rc4+ #63 [ 270.253230] RIP: 0010:kmsan_get_shadow_address+0x2d6/0x3d0 [ 270.257368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.265946] Code: e9 89 00 00 00 c7 04 25 20 73 28 8c 01 00 00 00 65 48 8b 04 25 00 fd 02 00 c6 80 7b 09 00 00 01 80 3c 25 38 73 28 8c 00 74 0c <0f> 0b 0f 1f 84 00 00 00 00 00 eb fe 48 c7 c7 11 bc 57 8b 31 c0 4c [ 270.271561] RIP: 0010:kmsan_get_shadow_address+0x2d6/0x3d0 [ 270.280896] RSP: 0018:ffff8801549ff768 EFLAGS: 00010046 [ 270.299821] Code: e9 89 00 00 00 c7 04 25 20 73 28 8c 01 00 00 00 65 48 8b 04 25 00 fd 02 00 c6 80 7b 09 00 00 01 80 3c 25 38 73 28 8c 00 74 0c <0f> 0b 0f 1f 84 00 00 00 00 00 eb fe 48 c7 c7 11 bc 57 8b 31 c0 4c [ 270.310786] RSP: 0018:ffff88015dbaf780 EFLAGS: 00010002 [ 270.330194] RAX: 000000000000001b RBX: 0000000000000000 RCX: ae3b9ff99f89dd00 [ 270.330213] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000 [ 270.342831] RBP: ffff8801549ff798 R08: 0000000000000000 R09: ffff88021fd38f50 [ 270.350096] RAX: 0000000000000046 RBX: 0000000000000000 RCX: 15cb4ab4a7625600 [ 270.357359] R10: 0000000000000000 R11: ffffffff86258280 R12: 0000000000000001 [ 270.364623] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff88021fc36afc [ 270.371882] R13: ffff88013065c298 R14: 0000000000000001 R15: 0000000000000008 [ 270.379146] RBP: ffff88015dbaf7b0 R08: 0000000000000000 R09: ffff88021fc38f50 [ 270.386407] FS: 0000000001abf940(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000 [ 270.393663] R10: 0000000000000000 R11: ffffffff86258280 R12: 0000000000000001 [ 270.401901] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 270.409168] R13: ffff88013065c2a8 R14: 0000000000000001 R15: 0000000000000008 [ 270.415039] CR2: 0000000001855938 CR3: 00000001549b3000 CR4: 00000000001406e0 [ 270.422301] FS: 00000000026b0940(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000 [ 270.429556] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 270.437772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 270.445034] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 270.450912] CR2: 0000000000706158 CR3: 000000015d6ba000 CR4: 00000000001406f0 [ 270.458167] Kernel panic - not syncing: Fatal exception [ 270.465435] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 270.478043] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 270.485312] Call Trace: [ 270.487931] kmsan_internal_unpoison_shadow+0x5c/0xe0 [ 270.493139] kmsan_unpoison_shadow+0x72/0xd0 [ 270.497572] vunmap_page_range+0x828/0xc20 [ 270.501861] remove_vm_area+0x39b/0x450 [ 270.505865] __vunmap+0x34c/0x5d0 [ 270.509344] vfree+0x79/0x170 [ 270.512470] do_arpt_get_ctl+0xddb/0xe80 [ 270.516572] ? compat_do_arpt_set_ctl+0x2e90/0x2e90 [ 270.521600] nf_getsockopt+0x481/0x4e0 [ 270.525609] ip_getsockopt+0x2b1/0x470 [ 270.529524] ? compat_ip_setsockopt+0x380/0x380 [ 270.534209] tcp_getsockopt+0x1c6/0x1f0 [ 270.538210] ? tcp_get_timestamping_opt_stats+0x1810/0x1810 [ 270.543940] sock_common_getsockopt+0x13f/0x180 [ 270.548632] ? sock_recv_errqueue+0x990/0x990 [ 270.553149] __sys_getsockopt+0x48c/0x550 [ 270.557338] __se_sys_getsockopt+0xe1/0x100 [ 270.561734] __x64_sys_getsockopt+0x62/0x80 [ 270.566066] do_syscall_64+0xbe/0x100 [ 270.569896] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 270.575121] RIP: 0033:0x45a0aa [ 270.578326] Code: b8 34 01 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 88 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 88 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 270.597251] RSP: 002b:0000000000a3f648 EFLAGS: 00000212 ORIG_RAX: 0000000000000037 [ 270.604976] RAX: ffffffffffffffda RBX: 0000000000a3f750 RCX: 000000000045a0aa [ 270.612250] RDX: 0000000000000061 RSI: 0000000000000000 RDI: 0000000000000003 [ 270.619530] RBP: 0000000000000003 R08: 0000000000a3f65c R09: 000000000000000a [ 270.626806] R10: 0000000000a3f750 R11: 0000000000000212 R12: 0000000000000000 [ 270.634086] R13: 0000000000041d4b R14: 0000000000000008 R15: 0000000000000002 [ 270.641384] Modules linked in: [ 270.644598] ---[ end trace c6ff3b69424dc373 ]--- [ 270.649378] RIP: 0010:kmsan_get_shadow_address+0x2d6/0x3d0 [ 270.655018] Code: e9 89 00 00 00 c7 04 25 20 73 28 8c 01 00 00 00 65 48 8b 04 25 00 fd 02 00 c6 80 7b 09 00 00 01 80 3c 25 38 73 28 8c 00 74 0c <0f> 0b 0f 1f 84 00 00 00 00 00 eb fe 48 c7 c7 11 bc 57 8b 31 c0 4c [ 270.673948] RSP: 0018:ffff8801549ff768 EFLAGS: 00010046 [ 270.679325] RAX: 000000000000001b RBX: 0000000000000000 RCX: ae3b9ff99f89dd00 [ 270.686598] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000 [ 270.693874] RBP: ffff8801549ff798 R08: 0000000000000000 R09: ffff88021fd38f50 [ 270.701155] R10: 0000000000000000 R11: ffffffff86258280 R12: 0000000000000001 [ 270.708431] R13: ffff88013065c298 R14: 0000000000000001 R15: 0000000000000008 [ 270.715717] FS: 00000000026b0940(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000 [ 270.723950] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 270.729839] CR2: 0000000000706158 CR3: 000000015d6ba000 CR4: 00000000001406f0 [ 270.737122] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 270.744414] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 272.045739] Shutting down cpus with NMI [ 272.049796] ------------[ cut here ]------------ [ 272.054564] kernel BUG at mm/kmsan/kmsan_entry.c:81! [ 272.059690] invalid opcode: 0000 [#3] SMP [ 272.063848] CPU: 0 PID: 6303 Comm: syz-executor2 Tainted: G D 4.19.0-rc4+ #63 [ 272.067048] Kernel Offset: disabled [[ 272722.0.7067060662] 2]Re bReoobotiontgin gin i 8n6 4860040 0se scoecndonsd.s. . .C o mpute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 272.089414] RIP: 0010:kmsan_nmi_enter+0x42/0x70 [ 272.094097] Code: 00 74 27 65 8b 04 25 40 8f 03 00 ff c0 83 f8 08 7d 28 65 89 04 25 40 8f 03 00 65 c6 04 25 d5 6c 0b 00 ff c3 0f 0b 66 90 eb fe <0f> 0b 66 90 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 0b 66 90 66 2e [ 272.113004] RSP: 0018:fffffe000000eea8 EFLAGS: 00010046 [ 272.118378] RAX: 0000000080000000 RBX: 0000000000000001 RCX: 00000000c0000101 [ 272.125650] RDX: 00000000ffff8802 RSI: ffffffff8ac011a8 RDI: ffff88021fc39f00 [ 272.132930] RBP: fffffe000000eef9 R08: 0000000000000000 R09: 0000000000000000 [ 272.140208] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 272.147498] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 272.154776] FS: 00000000026b0940(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000 [ 272.163039] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 272.168931] CR2: 0000000000706158 CR3: 000000015d6ba000 CR4: 00000000001406f0 [ 272.176210] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 272.183482] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 272.190840] Call Trace: [ 272.193425] [ 272.195607] ? end_repeat_nmi+0x19/0x58 [ 272.199595] ? end_repeat_nmi+0x7/0x58 [ 272.203519] ? panic_smp_self_stop+0xe/0xd0 [ 272.207893] ? panic_smp_self_stop+0x12/0xd0 [ 272.212317] ? panic_smp_self_stop+0x12/0xd0 [ 272.216739] ? panic_smp_self_stop+0x12/0xd0 [ 272.221146] [ 272.223394] ? panic+0x324/0xafa [ 272.226799] ? __show_regs+0xf8d/0x1310 [ 272.230805] ? oops_end+0x2cc/0x2d0 [ 272.234449] ? die+0x124/0x140 [ 272.237660] ? do_trap+0x686/0x710 [ 272.241238] ? do_error_trap+0x63c/0x6e0 [ 272.245308] ? kmsan_get_shadow_address+0x2d6/0x3d0 [ 272.250334] ? kmsan_get_shadow_address+0x2d6/0x3d0 [ 272.255409] ? do_invalid_op+0x98/0xb0 [ 272.259315] ? invalid_op+0x14/0x20 [ 272.262969] ? write_ext_msg+0x890/0x890 [ 272.267060] ? kmsan_get_shadow_address+0x2d6/0x3d0 [ 272.272108] ? kmsan_internal_unpoison_shadow+0x5c/0xe0 [ 272.277487] ? kmsan_unpoison_shadow+0x72/0xd0 [ 272.282085] ? vunmap_page_range+0x828/0xc20 [ 272.286539] ? remove_vm_area+0x39b/0x450 [ 272.290709] ? __vunmap+0x34c/0x5d0 [ 272.294357] ? vfree+0x79/0x170 [ 272.297696] ? do_arpt_get_ctl+0xddb/0xe80 [ 272.301973] ? compat_do_arpt_set_ctl+0x2e90/0x2e90 [ 272.307012] ? nf_getsockopt+0x481/0x4e0 [ 272.311102] ? ip_getsockopt+0x2b1/0x470 [ 272.315191] ? compat_ip_setsockopt+0x380/0x380 [ 272.319869] ? tcp_getsockopt+0x1c6/0x1f0 [ 272.324192] ? tcp_get_timestamping_opt_stats+0x1810/0x1810 [ 272.329923] ? sock_common_getsockopt+0x13f/0x180 [ 272.334779] ? sock_recv_errqueue+0x990/0x990 [ 272.339303] ? __sys_getsockopt+0x48c/0x550 [ 272.343649] ? __se_sys_getsockopt+0xe1/0x100 [ 272.348167] ? __x64_sys_getsockopt+0x62/0x80 [ 272.352672] ? do_syscall_64+0xbe/0x100 [ 272.356671] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 272.362051] Modules linked in: [ 272.365266] ---[ end trace c6ff3b69424dc374 ]--- [ 272.370028] RIP: 0010:kmsan_get_shadow_address+0x2d6/0x3d0 [ 272.375660] Code: e9 89 00 00 00 c7 04 25 20 73 28 8c 01 00 00 00 65 48 8b 04 25 00 fd 02 00 c6 80 7b 09 00 00 01 80 3c 25 38 73 28 8c 00 74 0c <0f> 0b 0f 1f 84 00 00 00 00 00 eb fe 48 c7 c7 11 bc 57 8b 31 c0 4c [ 272.394563] RSP: 0018:ffff8801549ff768 EFLAGS: 00010046 [ 272.399963] RAX: 000000000000001b RBX: 0000000000000000 RCX: ae3b9ff99f89dd00 [ 272.407240] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000 [ 272.414515] RBP: ffff8801549ff798 R08: 0000000000000000 R09: ffff88021fd38f50 [ 272.421799] R10: 0000000000000000 R11: ffffffff86258280 R12: 0000000000000001 [ 272.429070] R13: ffff88013065c298 R14: 0000000000000001 R15: 0000000000000008 [ 272.436346] FS: 00000000026b0940(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000 [ 272.444574] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 272.450458] CR2: 0000000000706158 CR3: 000000015d6ba000 CR4: 00000000001406f0 [ 272.457733] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 272.465003] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400