[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   45.159507][   T26] audit: type=1800 audit(1562123491.991:25): pid=7993 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   45.198708][   T26] audit: type=1800 audit(1562123491.991:26): pid=7993 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   45.235352][   T26] audit: type=1800 audit(1562123491.991:27): pid=7993 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.1.40' (ECDSA) to the list of known hosts.
2019/07/03 03:11:42 fuzzer started
2019/07/03 03:11:45 dialing manager at 10.128.0.26:36823
2019/07/03 03:11:46 syscalls: 2465
2019/07/03 03:11:46 code coverage: enabled
2019/07/03 03:11:46 comparison tracing: enabled
2019/07/03 03:11:46 extra coverage: extra coverage is not supported by the kernel
2019/07/03 03:11:46 setuid sandbox: enabled
2019/07/03 03:11:46 namespace sandbox: enabled
2019/07/03 03:11:46 Android sandbox: /sys/fs/selinux/policy does not exist
2019/07/03 03:11:46 fault injection: enabled
2019/07/03 03:11:46 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/07/03 03:11:46 net packet injection: enabled
2019/07/03 03:11:46 net device setup: enabled
03:12:51 executing program 0:

syzkaller login: [  124.936613][ T8158] IPVS: ftp: loaded support on port[0] = 21
03:12:51 executing program 1:

[  125.037861][ T8158] chnl_net:caif_netlink_parms(): no params data found
[  125.096005][ T8158] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.118834][ T8158] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.138730][ T8158] device bridge_slave_0 entered promiscuous mode
[  125.147204][ T8158] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.168729][ T8158] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.176663][ T8158] device bridge_slave_1 entered promiscuous mode
[  125.201468][ T8161] IPVS: ftp: loaded support on port[0] = 21
[  125.214334][ T8158] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  125.224601][ T8158] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  125.251146][ T8158] team0: Port device team_slave_0 added
[  125.265899][ T8158] team0: Port device team_slave_1 added
03:12:52 executing program 2:

[  125.361651][ T8158] device hsr_slave_0 entered promiscuous mode
[  125.399002][ T8158] device hsr_slave_1 entered promiscuous mode
03:12:52 executing program 3:

[  125.467776][ T8163] IPVS: ftp: loaded support on port[0] = 21
[  125.483831][ T8158] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.491016][ T8158] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.498645][ T8158] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.505707][ T8158] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.644589][ T8161] chnl_net:caif_netlink_parms(): no params data found
[  125.720481][ T8158] 8021q: adding VLAN 0 to HW filter on device bond0
[  125.789876][ T8161] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.797235][ T8161] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.807064][ T8161] device bridge_slave_0 entered promiscuous mode
[  125.814816][ T8163] chnl_net:caif_netlink_parms(): no params data found
03:12:52 executing program 4:

[  125.833555][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  125.852738][    T5] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.860704][    T5] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.872330][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  125.897904][ T8158] 8021q: adding VLAN 0 to HW filter on device team0
[  125.915632][ T8161] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.938711][ T8161] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.946640][ T8161] device bridge_slave_1 entered promiscuous mode
[  125.985197][ T8167] IPVS: ftp: loaded support on port[0] = 21
[  126.002071][ T8161] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  126.022284][ T8161] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  126.068145][ T2992] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  126.081212][ T2992] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.088270][ T2992] bridge0: port 1(bridge_slave_0) entered forwarding state
[  126.124222][ T8163] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.136052][ T8171] IPVS: ftp: loaded support on port[0] = 21
[  126.138668][ T8163] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.157771][ T8163] device bridge_slave_0 entered promiscuous mode
03:12:53 executing program 5:

[  126.169561][ T8161] team0: Port device team_slave_0 added
[  126.187653][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  126.197592][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  126.209589][ T8164] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.216648][ T8164] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.226998][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  126.236166][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  126.248009][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  126.258250][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  126.267022][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  126.275614][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  126.283825][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  126.292153][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  126.300253][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  126.308349][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  126.326075][ T8163] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.333939][ T8163] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.341756][ T8163] device bridge_slave_1 entered promiscuous mode
[  126.349552][ T8161] team0: Port device team_slave_1 added
[  126.374380][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  126.388796][ T8163] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  126.400107][ T8163] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  126.416229][ T8173] IPVS: ftp: loaded support on port[0] = 21
[  126.426179][ T8158] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  126.462410][ T8163] team0: Port device team_slave_0 added
[  126.470142][ T8163] team0: Port device team_slave_1 added
[  126.521379][ T8161] device hsr_slave_0 entered promiscuous mode
[  126.579031][ T8161] device hsr_slave_1 entered promiscuous mode
[  126.691438][ T8163] device hsr_slave_0 entered promiscuous mode
[  126.728958][ T8163] device hsr_slave_1 entered promiscuous mode
[  126.849786][ T8158] 8021q: adding VLAN 0 to HW filter on device batadv0
[  126.926464][ T8171] chnl_net:caif_netlink_parms(): no params data found
03:12:53 executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x4d}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1}]}, &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)

03:12:53 executing program 0:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040), 0xfb01cbdd028b9044)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000540), 0x4)
r1 = accept(r0, 0x0, &(0x7f0000000000))
r2 = socket$netlink(0x10, 0x3, 0x6)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00')
r3 = socket$inet(0x2, 0x803, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x4e24, @remote}, @in={0x2, 0x4e21, @remote}, @in6={0xa, 0x4e21, 0xffffffffffff8001, @mcast2, 0x2}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x16}}], 0x4c)
sendmsg$IPVS_CMD_DEL_SERVICE(r2, &(0x7f00000004c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="18072abd7000ffdbdf2503000000500001000c4d34006e6f6e650000000008000100020000000800060077727200ddc2c70c0007002200000004000000080002003f0000000c000700100000002200000009000600727200000800050000000000080004004000000008000400400000004de8c1bb6a3ee73dd06c0cb3b4041566e5d98fe73a75d6434403d170deccda5926"], 0x1}, 0x1, 0x0, 0x0, 0x1}, 0x4080)
syz_emit_ethernet(0x1, &(0x7f0000001940)=ANY=[@ANYBLOB="e57b14bbe0244178dae4af29b0ca986c4781a136ffffffffffff8847450000c50066000001ff90787f000001ffffffff4e234e2100b19078dc7395de64a7bf7dd0f7a4756d095bee3681960635fe15134892a1c445d35803a654bdccd04e8c500165539c952e96119e5f3abd6005a2a438ded6babdbf164a1c399a184140239355ac1ee37d3cfeea60db084173c78782cda2fbe9d4c7a4ed00d85b4e92f6a0fd594258aa53283585662d56759a3e51514f429c46e22c1c65acc42503a3ce1e6822c57d6d042522030013de8a699199763e1fbf3f227e7a00f92f0a9ad1fe2ee574aeb20d6ddd369b298fc8164124b91551fca76a1bbea617a6800756264544a0f905aecb32aa29fda9ce"], 0x0)
ioctl$sock_SIOCGSKNS(r2, 0x894c, &(0x7f0000000100)=0x4)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00')
setsockopt$inet_opts(r3, 0x0, 0xd, &(0x7f0000000940)="86a326511585c26cc789d8db95c5b44f92c04c3fa8ef3dfb009490ef41c8899a8ae0ba13d871ac4531a5b6250c93f224c67725308fe1d52bc7c3f7f31f89d65e01ec85ab087c2d8fc4903f78cce345f667a563e6e823035c68fb27a25b24784815155cccc1e1004608ef3faa9c8fe966fe6765c6e51ed1b82e65668f9356126a38900a4e072c242a19ff766e7f70264bfa36e909ea996646655ac4268828e08f4d0dd2cce5fff635a78faa69b06d871b016498412d9aa6f507f07102e169489b9537a933f0b0c181a10a0267f8b7da4a46569fe2c6cf60c627db0c2cbe1a671b639038bcbb6c440dc4566574f774cac696c623dec4dd6ac71b2acc3d21f6f6de41c14f92351c73c2fdf88bb4fbe98d6a073814b14fa24c7d3e7672eb0bccbd4a3ebc4bae5599c6c6612a695fe3b7aa30f8b67df5066efed8e06e058b7d5c2f80aa36f30462e61c7e9ff8c88cb42a3caf4f77e329c156e84c8bfd632b49f63b90f5341a119ab2ad503d07b170f8392203be0e721476b036d57895ff67899a7c7f42b8b30b963f8d175153feab8747b1f9384bcb8074bfac15827980a0cf88f55995d84410f1e0f9d380ecd6fcd4847c4e3fb3a2b3441f29a20b93729445b7058120fd6607cfc9d58bc1b09112132dc5f53c82e12f964e93f5dbd28147a172ef91abdbf3431ee6210ec689d66cdb7b54bf75c3e7d3c157eb77af36bb609e74da7858647bca5695967489c22bca802fe725a622c70dab971494be1fba86bc0463d6b82a5e337b30e1980c8aeec1b1099db924a80b9480d6c1eeaa546693a9522bc88c5c3bf132ac317615e794d498cc8fb5fdeb83d3f8ab13438da10712e068e8c25275c9f9af84c3afd564d9f9f1fd46cd514274c201d8adade4cef6f23882d4ace378224a8522f5687b2eba0bfb7cbf43f668e842ec6c6b54db48461e345ea5b3e6bdf6d4fca14e70a5c2f24d84157f5dfef9be2d34f53d61cfa88f31214ccd91639c806395456632924a3e0f242e1e03e885c44b26a08104f0273f25682697fd8546d1e95bbb78adf5524001b8c8bee9c794e4dedc852c87688baf5f95bc0ba2cd478fcdd3b78c920659a06ccd258fdbddf1a5a965fc8b9e65fbc40c34c9ca7c5d5055b7bd6d19b69ec086b23e964fa92c580c2402dbf7097318b6acdb1825004a5c65c600c4e3864510c85e087418c28fb03affcf9c734ca0e124b6ca8eabd0764d7eb9ef6c6d103c185503fc6ed3f0fa6727199bfb010126484fe4c6ae48858a9df1c95cc89f0ed84e2ddaaae3b2cd63616e28b984fbd6d681b938682afc6979ea6c4a2908ea0a4ca4d5fb49700df52acae7b82be4eeda6e08ed3b44bfa57591190b59dfe1457b698018876b434f8ba0d6b0f614cc1adec892b2c7aaa0ae61bc9c905a8bb3b8d357efd3c76c1a20d04951c745a808d0fa2776f3108aad2253c20ca5d5bfd658ad733f8884e3110b4b5670fbd4edfc5a982679ede523d2a7afd943f874723a874c4ff60dd83af9be06fe3e7feb065163f588200728252d27fa84209b2a0b24eabe924a85922830d79ac3312f261eec3b92bc007066d2e3ec71270b7a91956511fd0ecbaba5e5b1b351f23e5a295004002c2ff69f110760448b1a599aa2497d930d8c150901ee63676c2e963171a01db64a633fe1d72dd6ab3e2a9f53a0d4eafa10bd6b555205f7e0fa55fdbd65f63c4c78ac54b7b56431335f6af4c4963cee94c43e4802df398a8df6b805db0c328d8f2a496073510a3ff03304c22135190934960c839dae436ae3a4c9a4df7dc7f608931b9e0d082612cd068d4025c3e6f67875bd19c47725090b204d8139d9cbfc3828550271a9d0b1a36ee7d6d39019532fece36489111441d690359d8f1f15f43e78748f1c76fed2f6444dd027dba77eff5947c821bff1e317ef8f69fe78b037ab534942a91b4f34d3a5e253ff03ddab7e42ec5c6d3e8c62bfca63ccb4df8e200376f8d2d8df6eb02e11a247f618976aba9eedb6a9dea8560971e3277e9d7e4186072642c2e5191364b1c9935d323583a4fc5a2b9dea4b46983bee659f223d48369af2e1211fe0b0c85747d3b7add1644c89910157b42437212dc7910d5f923ef0bb0c8e2cc88d820f1894a9cf37d4d19c6878773a1d34bc0c549472ebdaba14df0b17c6bc06d940d45d8e36ef0886b2015437f09a57793307f8d175f851a8d5d1e77eab550836cb7e9c3a58db18bb1078a2a96d8adced1f3c434497cce75c3431f77e952b34b2c2a3922cc6f81bd2cec79667475688901fa240951415d0e3787926cf3ad9ab6d1337d9fb343fbe4f09e41f93d2c68d2c5a7f2915dd27ecff3743a5bcda4190103311980e5b41261a156c526d05ab12d82db72c4f2133fc69fa5f42bef5dfcf0bd0508e917f5289c268ff1852acd5ea15f1ae28e3f9b97b1e711660fdca9270ce38b7bf4669f634884e4644669d8607d19401bb96a2fd08b1d1917c7f31135f1468c23b86613357dd264c7cd0168f1b2cf5ef3daec51a6f558b1bffa75a4e68f3e0fb36f3e812bfc5b5259d776c18c1fdb93a295b4c9be645d22aada9eea6fe88ac9371ec950b353f3d990f2f818a8f93c4c236a215640da64b3bc2021cbf941cde53400666cde6f191ca3e7a1c446f9e96666c370c43bf12da61e33575507c9a5e263080bbd8fcc65ced374094b1ffb57834845b340e0abb87313a21047c963ecfc966ffe96e403f2e24260945eb55d2e7c447369e7a571a598ee1e1897ba9e4cf7105fd77fddb7b6953a60be0b5d0b223bfe0f890f802c16ebc485afbc7241ee896907be3fc96279db303bc6a091fd28d031b8cfa4884548bc53e173e7df5b8ffa5a4038cba94726c707e32290fbbb51ed9a66304ffb298632d73bf92fba82e90a7b8d00cf850f3f988762a45459aae8c1bea9b930b4f08fc4f177f998cf971c61182fc12f96d4a915bbbaf01a2ca35a9d95a03faf59d7330f8a69e5c491811a2dc56e0724d39df42b3b3393d39f3512933e7b2f14087fbd19de20436221db072f4f5a22714c971142f99d3cfccc9b0a157f7a5780c81d198436ce2969ce8ca33156edc364dca1b332adaa8ace16ab67a130efeccd1ca757126a3bc357a9e18757af00d2eba4d25e1eff62838120cc98610071a1247e153f59023e1e58c22e4eafdba15374e480ba58d4f1b2089f37e9d12ac6da2cffbce6b426fddfefb1952e4261176cd21629ac1de3243c25056226f2cf5c53789248fd1af2e7311f81b8b06ac6b26b58dc11b977c801f947d109adcb88bb1898816c10a5a8541bdb513d2664c625392c7939e4e41b6b506a15e8e7381a724f91aab3fdb0edbedc260b733f8e55fbc3751d2c4bfacc9bc2e77750d00e08b1cfae1a3c5fa415b0e87a62dd34c6027d0c5b1063d206e144e1df720d7eb9c4f413e0d599c9cc1d9887ace55754313448cb1ad4cbe6ba773ed6c252fac8c6ab8844143f31556f52cf66740fe4809bb1974cbb3c35c3fafa0bf01a518347ee2b1fc51eecc2886c4256c78b5ac6befb690c3f20f0e3d412cd0b792e4419b196e58ef23420ad03ce0af5497b7c7c347041196dce30f2af2924cb5c854cd01162b5caff1253cbb28a2c0bcbf6c34269374296cc212058de278bb0f28e2ab3e4be6a4fb1eb74e30d7e0d77be7b99bf9306d346ead20afb4740d17f04adc87a0d681d85d9b161b1e638d58f432fb595e34178433df8e8d17af5a4004fc7e15d50c9e4964bce9ea36f2326c5bb7d7a506b5b8b197144ad49d4d716ca0542154b9ef36fcbadb15ba028c38edaddb1769e6e86e98623aab58ebf75871da2b4503ff4f9e163e814e217cb71246cf378436d289e34a2ad27a2236c80a2f6a305a91287cf16e0bb453ae94f922b4d7e21e568b287484d8111b60e1572098f53842654ec2e65c09cf74e1a681ae0e67547aaf75b0884b8e3dee5d3dfa17885b36016d42d75502de67a6588050954f822f676c437b07398b693f4a1dab1fcbf8cecb35bb369b8e3cb4a466fa1d0659a09b4bc7953b06fbdc4a67c2f4bd26fbf804db38390bdddbd73da9ee1af6e4ea15eb632f6cc6e7f8a67ffeb1ddfd96d11b44881dc98a29ddbbbc031d5ec7decd52fc170a1c8278c4fef27e0481b3725200d8c87182bf406a3b1f2a0cdef7d3b2295667f4bb05528a8e816eb3094343edf34e39a5dc678f92927de5ea33f9d245333ae278fbe5af5a4d905413e02981ce7446ac9236b314ff450b75401d772419b6105d2ede88a3c133bcbb90ce030e70d2cf02f5412777b6c3e66bb7fda330a813c38eb8a96106730db71c334d4ef49b7b8c84273cdf680c8cd23103b433270eef9b344a77fdf0c9ce922b039830f1555027489beb252c048b7a3667d1e2d18b44ad7b372572c65e814cc2e1a727eebeeb85dce7e00394f51f1e5437ffd46c7b93b0cc9e7f3d1d73b7ba4cd4e1ac4399b369b96546972396eacbbbbada7fbd52908879aeb13eb496a0cec29000d782edf635a75555022773e3b540aedb628aed39ba74c1a2f0f3ae185bcfdf80ec0ec3fc06de08ca3cdeaf25a59d8d17969c371fefa898d9f3ecc271200afd9a8d3ad741b250b7859a2e1317377a8a051395dc864becb347ef64ac1390e0138d8ee3c46dd865171e15845d9c4977bd1d06f1bb4ce938e9ddafc0daf06e3e57af55140bd358c78d07477845f55cd899eb5f94c3d300c357b11f2a93df07f567ccbe63913e4a2d5cc6686bfc7e2140c0fdbae5c8376e7ed3c35faa0516a6da17bff17bc6c48613c9f90bcecf2ef62d69635535551366345197684e23320d7c9231165dc8b1941d0e75d540fcdb5e13cd2477fbc5c91ad6fde04dd1ae002915d965f94ab5215cbe34e44dcdf14a4434bcad0630238842fc3d915bfe03be4a78356b025e83f214f2adcd7fcbcaebc14ae9d565d624af60354acfb234842e24577a8aad67b87ca80c712202d1a77f743d69c4785b8dd459bc6c39fd5f2c05953cfc3d776596b54ebd6f7288599fcc3e9cbf0a61410d1bd5cd201c709f13df0afc800160f4e50a868e15506c425257d6597150819b4745b5d1c372b6a2c6d5496fb8c26c2d090a8093fa0ac51e6f9e554712def0d819a29c790be569299fb839b10fc30b2bb7983a64bffa3b166eeb815ed8baf09a8f8a523ebd2b007fdb864a297ab758f1b1e2978e70310075dbf5641130c658244c63e5df940c669f0e8e0761abfd16cc4ced11b5c1230d525c283691e7bb36858e639c93e3a6abab4e3d0d25dbe39bc51ca86529dd4026501e221382770ad87df133beb372ebeaf3828538962c9619ff898e68c57be1f2491f4fe9de31f94800f740f556beafd799717541053d40476552c27caf116f607143e14643175fc8659e5029105f5f653671fb9b1d1dab19243d14f9dd985cfa20c5b97c9814169e9813d4b21e67093d2fb47261d3f3ff8b59ddfa966d565ea0cab9fd50d474cb5748b455f633dae96e7232ff7f68d5a1c2b545f207b397206ac7c5e82ff7cf16b4c678a0d023426fbb1606dc29d80d2dcefb6ee851df4504a44574375fe414d94c1bc4b1a6ef3f905c9355e2eacbdeef29ea63979142a5fc78621e30cec75e66e2de04ba6be57921cd126802034e51d937fd491577668def757bd9456a76893119f0d883dcb7c1458f49832c9fa5b38e67a02f8651cd28482ce7cfe19806bba392dec8a36466a6c9b3a1494865c2442b44fd2254fe2a3b0b7cc8e3b5a9feb244716aee94beb9406c6d642f8e5a7cae1abd4b57b243d7dddf2a3022334585f382823dd49e4943ac4a917f4f", 0x1000)
sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000500)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r4, 0x104, 0x70bd27, 0x25dfdbff, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40004}, 0x4000000)
r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
socket$alg(0x26, 0x5, 0x0)
bind$llc(r5, &(0x7f0000000200)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x23f33}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
unshare(0x0)
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, 0x0, 0x0)
connect$llc(0xffffffffffffffff, 0x0, 0x0)
accept4$llc(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockname(r5, 0x0, &(0x7f0000000400))

[  127.124971][ T8163] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.139439][ T8173] chnl_net:caif_netlink_parms(): no params data found
[  127.178237][ T8171] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.185871][ T8171] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.194141][ T8171] device bridge_slave_0 entered promiscuous mode
[  127.203812][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  127.217441][ T8161] 8021q: adding VLAN 0 to HW filter on device bond0
03:12:54 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'memory'}]}, 0xda00)
write$cgroup_int(r1, &(0x7f0000000200), 0x44000)
syz_genetlink_get_family_id$net_dm(0x0)

[  127.231838][ T8167] chnl_net:caif_netlink_parms(): no params data found
[  127.259429][ T8171] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.266494][ T8171] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.279249][ T8171] device bridge_slave_1 entered promiscuous mode
[  127.308697][ T8163] 8021q: adding VLAN 0 to HW filter on device team0
[  127.321874][ T2992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  127.331133][ T2992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  127.339528][ T2992] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  127.347200][ T2992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  127.371789][ T8161] 8021q: adding VLAN 0 to HW filter on device team0
03:12:54 executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'memory'}]}, 0xda00)
write$cgroup_int(r1, &(0x7f0000000200), 0x44000)
syz_genetlink_get_family_id$net_dm(0x0)

[  127.418084][ T8173] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.425613][ T8173] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.434825][ T8173] device bridge_slave_0 entered promiscuous mode
[  127.448996][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  127.457773][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  127.466651][ T8164] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.473765][ T8164] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.482827][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  127.503052][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  127.515116][ T8164] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.522232][ T8164] bridge0: port 2(bridge_slave_1) entered forwarding state
[  127.531098][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  127.540050][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  127.548290][ T8164] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.555391][ T8164] bridge0: port 1(bridge_slave_0) entered forwarding state
03:12:54 executing program 0:
r0 = socket$inet(0x10, 0x3, 0x20000000006)
sendmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000400)="24000000150007031dfffd946fa2830002200a0009000000741d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0)

[  127.565887][ T8171] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  127.577632][ T8171] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  127.586353][ T8167] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.595344][ T8167] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.616195][ T8167] device bridge_slave_0 entered promiscuous mode
[  127.634103][ T8167] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.641302][ T8167] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.649364][ T8167] device bridge_slave_1 entered promiscuous mode
[  127.658409][ T8173] bridge0: port 2(bridge_slave_1) entered blocking state
03:12:54 executing program 0:
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="11dc86055e0bceec7be070")
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000021000500d25a80648c63940d0400fc00100003400200a06d053582c137153e370900018000f01700d1bd", 0x2e}], 0x1}, 0x0)

[  127.666258][ T8173] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.677124][ T8173] device bridge_slave_1 entered promiscuous mode
[  127.704909][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  127.713034][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  127.721176][ T8164] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  127.749128][ T8208] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  127.757258][ T8208] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
03:12:54 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="c0dca5055e0bcfec7be070")
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x1, 0x0, [{0x0, 0x4}]}]}}, &(0x7f0000000200)=""/245, 0x32, 0xf5, 0x1}, 0x20)

[  127.797532][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  127.808286][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  127.816918][ T8189] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.824027][ T8189] bridge0: port 2(bridge_slave_1) entered forwarding state
[  127.832543][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  127.841911][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  127.854258][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  127.869571][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  127.877886][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  127.886594][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  127.894962][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  127.903312][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  127.905584][ T8212] kasan: CONFIG_KASAN_INLINE enabled
[  127.911512][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  127.924748][ T8212] kasan: GPF could be caused by NULL-ptr deref or user memory access
[  127.924766][ T8212] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[  127.924777][ T8212] CPU: 0 PID: 8212 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[  127.924789][ T8212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  127.933505][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  127.939760][ T8212] RIP: 0010:btf_struct_resolve+0x42d/0xfc0
[  127.939771][ T8212] Code: e8 03 42 80 3c 28 00 4d 89 e7 74 08 48 89 df e8 a9 5b 25 00 4c 8b 23 49 8d 5c 24 04 48 89 d8 48 c1 e8 03 48 89 85 68 ff ff ff <42> 0f b6 04 28 84 c0 48 8b 55 c8 0f 85 19 04 00 00 4c 8d 6a fc 48
[  127.939776][ T8212] RSP: 0018:ffff8880618475f0 EFLAGS: 00010247
[  127.939785][ T8212] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000040000
[  127.939790][ T8212] RDX: ffffc90005fea000 RSI: 0000000000000951 RDI: 0000000000000952
[  127.939802][ T8212] RBP: ffff888061847690 R08: ffffffff81897f18 R09: fffffbfff1178ed9
[  127.948150][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  127.957629][ T8212] R10: fffffbfff1178ed9 R11: 1ffffffff1178ed8 R12: 0000000000000000
[  127.957635][ T8212] R13: dffffc0000000000 R14: ffff8880937e1600 R15: ffff88806183f440
[  127.957643][ T8212] FS:  00007f006cefc700(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000
[  127.957650][ T8212] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  127.957661][ T8212] CR2: 000000000075c000 CR3: 000000009451c000 CR4: 00000000001406f0
[  127.966036][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  127.971309][ T8212] Call Trace:
[  127.971331][ T8212]  btf_resolve+0x3ed/0xda0
[  127.971346][ T8212]  ? btf_sec_info_cmp+0x110/0x110
[  127.991678][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  127.996995][ T8212]  ? kasan_kmalloc+0x9/0x10
[  128.005474][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  128.012921][ T8212]  ? __kmalloc_node+0x4d/0x60
[  128.012949][ T8212]  btf_new_fd+0x216a/0x37b0
[  128.012981][ T8212]  ? __might_fault+0xf9/0x160
[  128.021376][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  128.028735][ T8212]  ? btf_release+0xd0/0xd0
[  128.028757][ T8212]  __do_sys_bpf+0x1212/0xc5d0
[  128.037141][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  128.044668][ T8212]  ? tomoyo_file_ioctl+0x23/0x30
[  128.044682][ T8212]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  128.044698][ T8212]  ? __bfs+0x550/0x550
[  128.054056][ T8189] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  128.060192][ T8212]  ? __lock_acquire+0xcf7/0x1a40
[  128.060213][ T8212]  ? __bpf_prog_put_rcu+0x320/0x320
[  128.070907][ T8161] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  128.076041][ T8212]  ? __lock_acquire+0xcf7/0x1a40
[  128.080147][ T8161] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  128.083705][ T8212]  ? trace_lock_acquire+0x190/0x190
[  128.098401][ T8161] 8021q: adding VLAN 0 to HW filter on device batadv0
[  128.101198][ T8212]  ? kasan_check_read+0x11/0x20
[  128.101208][ T8212]  ? do_raw_spin_unlock+0x49/0x260
[  128.101225][ T8212]  ? __might_fault+0xf9/0x160
[  128.109081][ T8161] kobject: 'vlan0' (00000000769ab4b6): kobject_add_internal: parent: 'mesh', set: '<NULL>'
[  128.113667][ T8212]  ? kasan_check_read+0x11/0x20
[  128.169709][ T3879] kobject: 'loop1' (00000000453112a0): kobject_uevent_env
[  128.170099][ T8212]  ? _copy_to_user+0xca/0xf0
[  128.175046][ T3879] kobject: 'loop1' (00000000453112a0): fill_kobj_path: path = '/devices/virtual/block/loop1'
[  128.180204][ T8212]  ? put_timespec64+0x106/0x150
[  128.180215][ T8212]  ? ktime_get_raw+0xf0/0xf0
[  128.180233][ T8212]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[  128.191080][ T8171] kobject: 'veth1_to_team' (000000004d13a7d5): kobject_add_internal: parent: 'net', set: 'devices'
[  128.195459][ T8212]  ? __x64_sys_clock_gettime+0x1c5/0x220
03:12:55 executing program 1:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
socket$inet(0x2, 0x0, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10)

[  128.211661][ T8171] kobject: 'veth1_to_team' (000000004d13a7d5): kobject_uevent_env
[  128.214467][ T8212]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  128.214478][ T8212]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[  128.214500][ T8212]  ? do_syscall_64+0x1d/0x140
[  128.214523][ T8212]  __x64_sys_bpf+0x7a/0x90
[  128.219554][ T8171] kobject: 'veth1_to_team' (000000004d13a7d5): fill_kobj_path: path = '/devices/virtual/net/veth1_to_team'
[  128.224438][ T8212]  do_syscall_64+0xfe/0x140
[  128.224454][ T8212]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  128.224468][ T8212] RIP: 0033:0x4597c9
[  128.229682][ T8171] kobject: 'queues' (000000003f85fe15): kobject_add_internal: parent: 'veth1_to_team', set: '<NULL>'
[  128.239074][ T8212] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  128.239080][ T8212] RSP: 002b:00007f006cefbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  128.239090][ T8212] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004597c9
[  128.239096][ T8212] RDX: 0000000000000020 RSI: 0000000020000000 RDI: 0000000000000012
[  128.239101][ T8212] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  128.239106][ T8212] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f006cefc6d4
[  128.239117][ T8212] R13: 00000000004bfa25 R14: 00000000004d13a0 R15: 00000000ffffffff
[  128.244143][ T8171] kobject: 'queues' (000000003f85fe15): kobject_uevent_env
[  128.251036][ T8212] Modules linked in:
[  128.282434][ T8212] ---[ end trace 6a493e317d56b340 ]---
[  128.312766][ T3879] kobject: 'loop1' (00000000453112a0): kobject_uevent_env
[  128.318053][ T8212] RIP: 0010:btf_struct_resolve+0x42d/0xfc0
[  128.324867][ T3879] kobject: 'loop1' (00000000453112a0): fill_kobj_path: path = '/devices/virtual/block/loop1'
[  128.328843][ T8212] Code: e8 03 42 80 3c 28 00 4d 89 e7 74 08 48 89 df e8 a9 5b 25 00 4c 8b 23 49 8d 5c 24 04 48 89 d8 48 c1 e8 03 48 89 85 68 ff ff ff <42> 0f b6 04 28 84 c0 48 8b 55 c8 0f 85 19 04 00 00 4c 8d 6a fc 48
[  128.341380][ T8171] kobject: 'queues' (000000003f85fe15): kobject_uevent_env: filter function caused the event to drop!
[  128.372002][ T8212] RSP: 0018:ffff8880618475f0 EFLAGS: 00010247
[  128.382747][ T8171] kobject: 'rx-0' (00000000ed2ded63): kobject_add_internal: parent: 'queues', set: 'queues'
[  128.403011][ T8212] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000040000
[  128.408564][ T8171] kobject: 'rx-0' (00000000ed2ded63): kobject_uevent_env
[  128.440799][ T8212] RDX: ffffc90005fea000 RSI: 0000000000000951 RDI: 0000000000000952
[  128.450427][ T3879] kobject: 'loop1' (00000000453112a0): kobject_uevent_env
[  128.464163][ T8212] RBP: ffff888061847690 R08: ffffffff81897f18 R09: fffffbfff1178ed9
[  128.473656][ T3879] kobject: 'loop1' (00000000453112a0): fill_kobj_path: path = '/devices/virtual/block/loop1'
[  128.491375][ T8212] R10: fffffbfff1178ed9 R11: 1ffffffff1178ed8 R12: 0000000000000000
[  128.505017][ T8171] kobject: 'rx-0' (00000000ed2ded63): fill_kobj_path: path = '/devices/virtual/net/veth1_to_team/queues/rx-0'
[  128.508328][ T8212] R13: dffffc0000000000 R14: ffff8880937e1600 R15: ffff88806183f440
[  128.518683][ T8171] kobject: 'tx-0' (00000000a55d015f): kobject_add_internal: parent: 'queues', set: 'queues'
[  128.527246][ T8212] FS:  00007f006cefc700(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000
[  128.536254][ T8171] kobject: 'tx-0' (00000000a55d015f): kobject_uevent_env
[  128.558003][ T8212] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  128.570545][ T8171] kobject: 'tx-0' (00000000a55d015f): fill_kobj_path: path = '/devices/virtual/net/veth1_to_team/queues/tx-0'
[  128.575131][ T8212] CR2: 00007ffd03f11fb8 CR3: 000000009451c000 CR4: 00000000001406f0
[  128.587375][ T8171] kobject: 'batman_adv' (0000000076b846c8): kobject_add_internal: parent: 'veth1_to_team', set: '<NULL>'
[  128.594828][ T8212] Kernel panic - not syncing: Fatal exception
[  128.607553][ T8171] kobject: 'team_slave_1' (000000000480c1a2): kobject_add_internal: parent: 'net', set: 'devices'
[  128.614554][ T8212] Kernel Offset: disabled
[  128.679664][ T8212] Rebooting in 86400 seconds..