[[0;32m  OK  [0m] Started Getty on tty1.
[[0;32m  OK  [0m] Started Serial Getty on ttyS0.
[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.
[   54.466150][ T6804] scp (6804) used greatest stack depth: 21424 bytes left
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.34' (ECDSA) to the list of known hosts.
2020/06/26 20:30:37 fuzzer started
2020/06/26 20:30:37 dialing manager at 10.128.0.26:45395
2020/06/26 20:30:38 syscalls: 3118
2020/06/26 20:30:38 code coverage: enabled
2020/06/26 20:30:38 comparison tracing: enabled
2020/06/26 20:30:38 extra coverage: enabled
2020/06/26 20:30:38 setuid sandbox: enabled
2020/06/26 20:30:38 namespace sandbox: enabled
2020/06/26 20:30:38 Android sandbox: /sys/fs/selinux/policy does not exist
2020/06/26 20:30:38 fault injection: enabled
2020/06/26 20:30:38 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/06/26 20:30:38 net packet injection: enabled
2020/06/26 20:30:38 net device setup: enabled
2020/06/26 20:30:38 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/06/26 20:30:38 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/06/26 20:30:38 USB emulation: enabled
20:32:29 executing program 0:

syzkaller login: [  172.193952][ T6892] IPVS: ftp: loaded support on port[0] = 21
20:32:29 executing program 1:

[  172.382226][ T6892] chnl_net:caif_netlink_parms(): no params data found
[  172.471648][ T6892] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.479466][ T6892] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.490193][ T6892] device bridge_slave_0 entered promiscuous mode
[  172.499977][ T6892] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.508844][ T6892] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.517122][ T6892] device bridge_slave_1 entered promiscuous mode
[  172.550629][ T6892] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  172.562601][ T6892] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  172.595183][ T6892] team0: Port device team_slave_0 added
[  172.603937][ T6892] team0: Port device team_slave_1 added
[  172.608166][ T7023] IPVS: ftp: loaded support on port[0] = 21
[  172.632068][ T6892] batman_adv: batadv0: Adding interface: batadv_slave_0
[  172.639633][ T6892] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.666932][ T6892] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  172.682727][ T6892] batman_adv: batadv0: Adding interface: batadv_slave_1
20:32:29 executing program 2:

[  172.706171][ T6892] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  172.736308][ T6892] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  172.871582][ T6892] device hsr_slave_0 entered promiscuous mode
[  172.927876][ T6892] device hsr_slave_1 entered promiscuous mode
20:32:29 executing program 3:

[  173.040552][ T7078] IPVS: ftp: loaded support on port[0] = 21
[  173.240657][ T7023] chnl_net:caif_netlink_parms(): no params data found
[  173.372011][ T6892] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  173.441033][ T6892] netdevsim netdevsim0 netdevsim1: renamed from eth1
20:32:30 executing program 4:

[  173.514207][ T7222] IPVS: ftp: loaded support on port[0] = 21
[  173.539321][ T6892] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  173.667011][ T6892] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  173.739923][ T7023] bridge0: port 1(bridge_slave_0) entered blocking state
[  173.750740][ T7326] IPVS: ftp: loaded support on port[0] = 21
[  173.751086][ T7023] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.769904][ T7023] device bridge_slave_0 entered promiscuous mode
[  173.793556][ T7078] chnl_net:caif_netlink_parms(): no params data found
[  173.812812][ T7023] bridge0: port 2(bridge_slave_1) entered blocking state
[  173.820048][ T7023] bridge0: port 2(bridge_slave_1) entered disabled state
[  173.831951][ T7023] device bridge_slave_1 entered promiscuous mode
[  173.944436][ T7023] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  173.981408][ T7023] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
20:32:31 executing program 5:

[  174.045975][ T7023] team0: Port device team_slave_0 added
[  174.126325][ T7023] team0: Port device team_slave_1 added
[  174.255202][ T7078] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.272303][ T7078] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.283240][ T7078] device bridge_slave_0 entered promiscuous mode
[  174.341911][ T7023] batman_adv: batadv0: Adding interface: batadv_slave_0
[  174.349546][ T7023] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.376697][ T7023] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  174.388871][ T7078] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.395937][ T7078] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.405599][ T7078] device bridge_slave_1 entered promiscuous mode
[  174.427711][ T7222] chnl_net:caif_netlink_parms(): no params data found
[  174.440801][ T7023] batman_adv: batadv0: Adding interface: batadv_slave_1
[  174.448342][ T7023] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.475374][ T7023] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  174.499375][ T7464] IPVS: ftp: loaded support on port[0] = 21
[  174.509154][ T7326] chnl_net:caif_netlink_parms(): no params data found
[  174.533487][ T7078] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  174.546842][ T7078] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  174.659416][ T7023] device hsr_slave_0 entered promiscuous mode
[  174.706813][ T7023] device hsr_slave_1 entered promiscuous mode
[  174.766447][ T7023] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  174.774281][ T7023] Cannot create hsr debugfs directory
[  174.844909][ T7078] team0: Port device team_slave_0 added
[  174.855091][ T7078] team0: Port device team_slave_1 added
[  174.882309][ T7326] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.889653][ T7326] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.899569][ T7326] device bridge_slave_0 entered promiscuous mode
[  174.946078][ T7326] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.953620][ T7326] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.967786][ T7326] device bridge_slave_1 entered promiscuous mode
[  174.983112][ T7222] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.992990][ T7222] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.001264][ T7222] device bridge_slave_0 entered promiscuous mode
[  175.009853][ T7078] batman_adv: batadv0: Adding interface: batadv_slave_0
[  175.017070][ T7078] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.043403][ T7078] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  175.058807][ T7078] batman_adv: batadv0: Adding interface: batadv_slave_1
[  175.065764][ T7078] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.091987][ T7078] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  175.131619][ T7326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  175.140931][ T7222] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.148269][ T7222] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.155988][ T7222] device bridge_slave_1 entered promiscuous mode
[  175.189567][ T7326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  175.281412][ T7078] device hsr_slave_0 entered promiscuous mode
[  175.326783][ T7078] device hsr_slave_1 entered promiscuous mode
[  175.376366][ T7078] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  175.383965][ T7078] Cannot create hsr debugfs directory
[  175.394628][ T7326] team0: Port device team_slave_0 added
[  175.404038][ T7326] team0: Port device team_slave_1 added
[  175.450639][ T7222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  175.465020][ T7222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  175.475314][ T7326] batman_adv: batadv0: Adding interface: batadv_slave_0
[  175.482762][ T7326] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.509288][ T7326] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  175.568538][ T6892] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.575844][ T7326] batman_adv: batadv0: Adding interface: batadv_slave_1
[  175.583223][ T7326] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.609985][ T7326] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  175.710071][ T7222] team0: Port device team_slave_0 added
[  175.716128][ T7464] chnl_net:caif_netlink_parms(): no params data found
[  175.784300][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  175.793950][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  175.808525][ T7222] team0: Port device team_slave_1 added
[  175.890975][ T7326] device hsr_slave_0 entered promiscuous mode
[  175.936938][ T7326] device hsr_slave_1 entered promiscuous mode
[  175.976494][ T7326] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  175.984086][ T7326] Cannot create hsr debugfs directory
[  176.004450][ T6892] 8021q: adding VLAN 0 to HW filter on device team0
[  176.016649][ T7222] batman_adv: batadv0: Adding interface: batadv_slave_0
[  176.023620][ T7222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.049857][ T7222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  176.062553][ T7222] batman_adv: batadv0: Adding interface: batadv_slave_1
[  176.070196][ T7222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.096709][ T7222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  176.220257][ T7222] device hsr_slave_0 entered promiscuous mode
[  176.266683][ T7222] device hsr_slave_1 entered promiscuous mode
[  176.316914][ T7222] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  176.324618][ T7222] Cannot create hsr debugfs directory
[  176.334650][ T7023] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  176.390254][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  176.400504][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  176.409764][ T2498] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.417027][ T2498] bridge0: port 1(bridge_slave_0) entered forwarding state
[  176.425229][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  176.451251][ T7023] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  176.549434][ T7023] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  176.613806][ T7023] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  176.696086][ T7464] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.704719][ T7464] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.713293][ T7464] device bridge_slave_0 entered promiscuous mode
[  176.730364][ T7464] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.737569][ T7464] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.745501][ T7464] device bridge_slave_1 entered promiscuous mode
[  176.760098][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  176.769339][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  176.778534][ T2753] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.785587][ T2753] bridge0: port 2(bridge_slave_1) entered forwarding state
[  176.833611][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  176.843746][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  176.896440][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  176.905438][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  176.914895][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  176.923969][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  176.939939][ T7464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  176.954188][ T7464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.007829][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  177.017189][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  177.025622][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  177.034848][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  177.044029][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  177.059446][ T7078] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  177.098816][ T7078] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  177.173170][ T7464] team0: Port device team_slave_0 added
[  177.181050][ T6892] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  177.211080][ T7078] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  177.271181][ T7464] team0: Port device team_slave_1 added
[  177.292837][ T7464] batman_adv: batadv0: Adding interface: batadv_slave_0
[  177.300773][ T7464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.327323][ T7464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  177.350560][ T7078] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  177.434783][ T7464] batman_adv: batadv0: Adding interface: batadv_slave_1
[  177.442185][ T7464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.469121][ T7464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.540382][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  177.547979][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  177.616928][ T7464] device hsr_slave_0 entered promiscuous mode
[  177.656962][ T7464] device hsr_slave_1 entered promiscuous mode
[  177.716503][ T7464] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  177.724087][ T7464] Cannot create hsr debugfs directory
[  177.730453][ T7326] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  177.801951][ T6892] 8021q: adding VLAN 0 to HW filter on device batadv0
[  177.822957][ T7326] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  177.869323][ T7326] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  177.967302][ T7326] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  178.130910][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  178.141627][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  178.153804][ T7222] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  178.210240][ T7222] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  178.263426][ T7023] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.290885][ T7222] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  178.351738][ T7222] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  178.409267][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  178.417894][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  178.432857][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  178.441451][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  178.454407][ T6892] device veth0_vlan entered promiscuous mode
[  178.525600][ T6892] device veth1_vlan entered promiscuous mode
[  178.545897][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  178.563390][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  178.572670][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  178.625675][ T7023] 8021q: adding VLAN 0 to HW filter on device team0
[  178.664772][ T7464] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  178.707789][ T7078] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.741812][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  178.750980][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  178.760262][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  178.769151][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.776215][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.784710][ T7464] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  178.869642][ T7464] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  178.930859][ T7464] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  179.014587][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  179.023879][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  179.033442][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  179.043176][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.050434][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.059636][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  179.068891][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  179.077896][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  179.086851][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  179.120965][ T6892] device veth0_macvtap entered promiscuous mode
[  179.132873][ T6892] device veth1_macvtap entered promiscuous mode
[  179.145431][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  179.154757][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  179.162925][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  179.171188][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  179.180918][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  179.190538][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  179.204338][ T7078] 8021q: adding VLAN 0 to HW filter on device team0
[  179.234818][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  179.244310][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  179.253556][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  179.263266][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  179.286606][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  179.295235][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  179.310337][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.317482][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[  179.325195][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  179.337677][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  179.351455][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  179.369583][ T7326] 8021q: adding VLAN 0 to HW filter on device bond0
[  179.382141][ T7023] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  179.397520][ T7222] 8021q: adding VLAN 0 to HW filter on device bond0
[  179.416770][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  179.425407][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  179.440897][ T2753] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.448040][ T2753] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.471162][ T6892] batman_adv: batadv0: Interface activated: batadv_slave_0
[  179.498819][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  179.507848][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  179.515505][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  179.525216][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  179.534232][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  179.543592][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  179.552277][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  179.560577][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  179.573163][ T7326] 8021q: adding VLAN 0 to HW filter on device team0
[  179.592696][ T7222] 8021q: adding VLAN 0 to HW filter on device team0
[  179.610271][ T6892] batman_adv: batadv0: Interface activated: batadv_slave_1
[  179.622510][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  179.632145][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  179.641368][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  179.650387][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  179.659371][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  179.671341][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  179.680416][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  179.737213][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  179.745829][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  179.754946][ T2498] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.762075][ T2498] bridge0: port 1(bridge_slave_0) entered forwarding state
[  179.771155][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  179.779964][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  179.788808][ T2498] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.795985][ T2498] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.803798][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  179.812817][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  179.820495][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  179.828289][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  179.837314][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  179.846038][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  179.854718][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  179.863315][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  179.872676][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  179.880849][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  179.945461][ T7078] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  179.957485][ T7078] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  179.981735][ T7023] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.989430][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  180.003494][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  180.012373][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  180.021834][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  180.030485][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  180.039658][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  180.049075][ T2753] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.056155][ T2753] bridge0: port 1(bridge_slave_0) entered forwarding state
[  180.064241][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  180.073067][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  180.082028][ T2753] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.089285][ T2753] bridge0: port 2(bridge_slave_1) entered forwarding state
[  180.099184][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  180.189004][ T7464] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.249580][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  180.258532][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  180.273474][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  180.282213][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  180.294723][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  180.303812][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  180.319916][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  180.332658][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  180.391324][ T7326] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
20:32:37 executing program 0:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f00000003c0)={0x2, 0x70, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x1)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socket$inet_icmp(0x2, 0x2, 0x1)
r1 = gettid()
clone(0x700a2100, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
r2 = getpgid(0x0)
perf_event_open(0x0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioprio_get$pid(0x1, r2)
wait4(0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
fsetxattr(0xffffffffffffffff, &(0x7f0000000140)=ANY=[@ANYBLOB='hecurity'], 0x0, 0x0, 0x0)

[  180.476165][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  180.497378][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  180.504901][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  180.526951][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  180.552441][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  180.577831][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  180.587580][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  180.617429][    C1] hrtimer: interrupt took 46030 ns
[  180.659748][ T8152] ptrace attach of "/root/syz-executor.0"[8148] was attempted by "/root/syz-executor.0"[8152]
[  180.661508][ T7464] 8021q: adding VLAN 0 to HW filter on device team0
[  180.711528][ T7078] 8021q: adding VLAN 0 to HW filter on device batadv0
[  180.781166][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  180.797355][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  180.816374][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  180.831978][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  180.843013][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  180.843021][ T8150] IPVS: ftp: loaded support on port[0] = 21
[  180.865278][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  180.883475][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  180.892067][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  180.908234][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  180.923094][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  180.933197][   T17] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.940357][   T17] bridge0: port 1(bridge_slave_0) entered forwarding state
[  180.964387][ T8148] IPVS: ftp: loaded support on port[0] = 21
[  181.058219][ T7222] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  181.072513][ T7023] device veth0_vlan entered promiscuous mode
[  181.106320][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  181.115220][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  181.133322][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  181.143909][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  181.160562][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  181.174340][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.181501][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[  181.197940][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  181.223735][ T7326] 8021q: adding VLAN 0 to HW filter on device batadv0
[  181.304351][ T7023] device veth1_vlan entered promiscuous mode
[  181.353932][ T2697] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  181.376948][ T2697] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  181.384393][ T2697] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  181.559267][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  181.572272][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  181.592690][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  181.610780][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  181.679910][ T7222] 8021q: adding VLAN 0 to HW filter on device batadv0
[  181.711194][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  181.778359][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  181.805467][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  181.834605][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  181.853994][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  181.864473][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  181.880910][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  181.911570][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  181.941085][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  181.996098][ T7023] device veth0_macvtap entered promiscuous mode
[  182.026736][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  182.034988][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  182.065857][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  182.179691][ T7464] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  182.201922][ T7023] device veth1_macvtap entered promiscuous mode
[  182.226925][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  182.307225][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  182.326472][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  182.355154][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  182.393177][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  182.422313][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  182.511684][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  182.579233][ T7078] device veth0_vlan entered promiscuous mode
[  182.617140][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  182.624964][ T2498] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  182.663202][ T7222] device veth0_vlan entered promiscuous mode
[  182.685772][ T7023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  182.747251][ T7023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.772967][ T7023] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.795056][ T7326] device veth0_vlan entered promiscuous mode
[  182.854434][ T7222] device veth1_vlan entered promiscuous mode
[  182.884466][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  182.927164][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  182.934651][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  183.044876][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  183.054174][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  183.063046][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  183.072792][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  183.089749][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  183.102954][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  183.118527][ T7023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  183.172191][ T7023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  183.193436][ T7023] batman_adv: batadv0: Interface activated: batadv_slave_1
[  183.206056][ T7464] 8021q: adding VLAN 0 to HW filter on device batadv0
[  183.234269][ T7326] device veth1_vlan entered promiscuous mode
[  183.245682][ T7078] device veth1_vlan entered promiscuous mode
[  183.266851][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  183.275240][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  183.327880][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  183.335877][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  183.345535][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  183.354578][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  183.364157][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  183.373585][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  183.383521][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  183.564135][ T7222] device veth0_macvtap entered promiscuous mode
[  183.629442][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  183.649558][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  183.674060][ T7222] device veth1_macvtap entered promiscuous mode
[  183.914531][ T2510] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  183.947951][ T2510] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  183.956178][ T2510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
20:32:40 executing program 1:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ttyS3\x00', 0x0, 0x0)
ioctl$TCSBRKP(r0, 0x5425, 0x0)
ioctl$TCSBRKP(r0, 0x5425, 0x0)

[  184.060273][ T2510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  184.198125][ T7078] device veth0_macvtap entered promiscuous mode
[  184.235029][ T7326] device veth0_macvtap entered promiscuous mode
[  184.264802][ T2510] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  184.329727][ T2510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  184.359855][ T2510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  184.371470][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  184.384253][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.394792][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  184.406867][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.421420][ T7222] batman_adv: batadv0: Interface activated: batadv_slave_0
[  184.434037][ T7326] device veth1_macvtap entered promiscuous mode
[  184.453520][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  184.463846][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  184.479695][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
20:32:41 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="73797a30d01d3800000000ff0743a84659fba8b78f2fd1b89910c0fe018c"], 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x11c000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  184.507932][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  184.538967][ T7078] device veth1_macvtap entered promiscuous mode
[  184.589025][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  184.638805][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.686005][ T8176] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  184.702190][ T7222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  184.788084][ T7222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  184.858981][ T7222] batman_adv: batadv0: Interface activated: batadv_slave_1
[  184.926370][ T2510] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  184.977850][ T2510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
20:32:42 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
semget$private(0x0, 0x0, 0x0)
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000080))
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$IP_SET_OP_GET_BYNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000000)={0x6, 0x7, 'syz2\x00'}, &(0x7f0000000040)=0x28)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r1, 0x8983, &(0x7f00000000c0)={0x8, 'bond_slave_1\x00', {'ip6tnl0\x00'}, 0x400})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x4ca32, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000013c0)=ANY=[], 0x34}}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
write$P9_RSETATTR(r2, &(0x7f0000000100)={0xffffffffffffff6c, 0x1b, 0x1}, 0xff6f)

[  185.097849][ T2510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  185.106618][ T2510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  185.192301][ T7078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  185.222291][ T7078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.282794][ T7078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  185.342491][ T7078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.373535][ T7078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  185.414951][ T7078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.436499][ T7078] batman_adv: batadv0: Interface activated: batadv_slave_0
[  185.534533][ T7326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  185.559651][ T7326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.575738][ T7326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  185.593792][ T7326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.614083][ T7326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  185.633404][ T7326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.650354][ T7326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  185.691381][ T7326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.711831][ T7326] batman_adv: batadv0: Interface activated: batadv_slave_0
[  185.726354][ T2697] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
20:32:42 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x24)
sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, 0x0, 0x0)
ftruncate(r0, 0x800)
socket$netlink(0x10, 0x3, 0x4)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040), 0xc, 0x0}, 0x0)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8001)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000100)={0x0, 0x0, 0xdf52, 0x728df552})

[  185.754664][ T2697] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  185.782049][ T2697] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  185.808029][ T2697] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  185.829692][ T7078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  185.861796][ T7078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.911229][ T7078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  185.949697][   T28] audit: type=1804 audit(1593203562.886:2): pid=8196 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir299703793/syzkaller.gDH6NJ/4/bus" dev="sda1" ino=15747 res=1
[  185.988777][ T7078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.069899][ T7078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  186.076020][   T28] audit: type=1804 audit(1593203562.946:3): pid=8196 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir299703793/syzkaller.gDH6NJ/4/bus" dev="sda1" ino=15747 res=1
[  186.143073][ T7078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.213514][ T7078] batman_adv: batadv0: Interface activated: batadv_slave_1
[  186.384513][ T7326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  186.428440][ T7326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.497130][ T7326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  186.572906][ T7326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.653271][ T7326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  186.675698][ T7326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.685696][ T7326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  186.696228][ T7326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.787355][ T7326] batman_adv: batadv0: Interface activated: batadv_slave_1
[  186.794757][ T2697] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  186.819430][   T28] audit: type=1804 audit(1593203563.766:4): pid=8199 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir299703793/syzkaller.gDH6NJ/4/bus" dev="sda1" ino=15747 res=1
[  186.819646][ T2697] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  186.905858][ T2697] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  186.926233][   T28] audit: type=1804 audit(1593203563.796:5): pid=8200 uid=0 auid=0 ses=4 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir299703793/syzkaller.gDH6NJ/4/bus" dev="sda1" ino=15747 res=1
[  186.964099][ T2697] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
20:32:44 executing program 1:
r0 = socket$inet6(0xa, 0x80002, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x88880, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @dev}, 0x1c)
sendto$inet6(r0, &(0x7f00000009c0)="c7", 0x1, 0x0, 0x0, 0x0)

[  187.080114][ T7464] device veth0_vlan entered promiscuous mode
[  187.136965][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  187.145754][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  187.190839][ T8203] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
20:32:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000080))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, 0x0}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000008}, 0xc, 0x0}, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x4cb]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_bp={&(0x7f00000001c0), 0xc}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  187.306959][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  187.315736][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
20:32:44 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0xe, 0x4, 0x4, 0x2001, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0x2e, 0x2e, 0x5f, 0x600005f, 0x2, 0x5f, 0x5f, 0x52, 0x5f, 0x5f, 0x5f]}, 0x40)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xaaaaaaaaaaaab70, &(0x7f0000000100)=[{&(0x7f00000000c0)="0a02014d3804000019000300e6007d006c00007a000000000100000001000000004000000040000080000000", 0x2c}], 0x4801, 0x0)

[  187.513180][ T7464] device veth1_vlan entered promiscuous mode
[  187.591956][ T8210] ------------[ cut here ]------------
[  187.597594][ T8210] kernel BUG at arch/x86/kvm/mmu/mmu.c:3719!
[  187.636455][ T8210] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  187.642563][ T8210] CPU: 0 PID: 8210 Comm: syz-executor.3 Not tainted 5.7.0-rc7-next-20200529-syzkaller #0
[  187.652357][ T8210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  187.662419][ T8210] RIP: 0010:kvm_mmu_load+0xbfa/0xe00
[  187.668049][ T8210] Code: ac 23 99 00 48 8b 44 24 08 e9 cf f5 ff ff e8 6d 23 99 00 e9 b7 f4 ff ff 4c 89 f7 e8 90 23 99 00 e9 78 f4 ff ff e8 56 1a 5a 00 <0f> 0b 48 89 df e8 7c 23 99 00 e9 7e f8 ff ff e8 72 23 99 00 e9 c4
[  187.687648][ T8210] RSP: 0018:ffffc900177efb30 EFLAGS: 00010216
[  187.693709][ T8210] RAX: 0000000000040000 RBX: 0000000000000000 RCX: ffffc9000fb91000
[  187.701677][ T8210] RDX: 0000000000008e8c RSI: ffffffff8118e14a RDI: 0000000000000001
[  187.709650][ T8210] RBP: ffff888062290040 R08: ffff8880634f2080 R09: ffffed1015cc719c
[  187.717621][ T8210] R10: ffff8880ae638cdb R11: ffffed1015cc719b R12: 0000000000000000
[  187.725590][ T8210] R13: 0000000000000001 R14: ffff888062290458 R15: 0000000000000000
[  187.733564][ T8210] FS:  00007f99e0166700(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
[  187.742488][ T8210] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  187.749099][ T8210] CR2: 0000001b2ed25000 CR3: 000000008ccd9000 CR4: 00000000001426f0
[  187.757075][ T8210] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  187.765057][ T8210] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  187.773021][ T8210] Call Trace:
[  187.776318][ T8210]  ? lockdep_hardirqs_on_prepare+0x3a2/0x590
[  187.782300][ T8210]  kvm_arch_vcpu_ioctl_run+0x4016/0x68d0
[  187.787948][ T8210]  ? kvm_arch_vcpu_runnable+0x6c0/0x6c0
[  187.793496][ T8210]  ? lock_downgrade+0x840/0x840
[  187.798352][ T8210]  ? rcu_read_lock_held_common+0xa0/0xa0
[  187.799296][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  187.803996][ T8210]  ? check_preemption_disabled+0x38/0x220
[  187.817133][ T8210]  ? kvm_vcpu_ioctl+0x467/0xe10
[  187.821999][ T8210]  kvm_vcpu_ioctl+0x467/0xe10
[  187.826675][ T8210]  ? kvm_get_dirty_log_protect.isra.0+0x670/0x670
[  187.833084][ T8210]  ? ioctl_file_clone+0x180/0x180
[  187.836288][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  187.838103][ T8210]  ? check_preemption_disabled+0x38/0x220
[  187.838119][ T8210]  ? __fget_files+0x299/0x400
[  187.838136][ T8210]  ? kvm_get_dirty_log_protect.isra.0+0x670/0x670
[  187.838151][ T8210]  ksys_ioctl+0x11a/0x180
[  187.838165][ T8210]  __x64_sys_ioctl+0x6f/0xb0
[  187.838176][ T8210]  do_syscall_64+0x60/0xe0
[  187.838190][ T8210]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  187.838205][ T8210] RIP: 0033:0x45cb19
[  187.838220][ T8210] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  187.838226][ T8210] RSP: 002b:00007f99e0165c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  187.838237][ T8210] RAX: ffffffffffffffda RBX: 00000000004e8a00 RCX: 000000000045cb19
[  187.838244][ T8210] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  187.838251][ T8210] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
20:32:44 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000140)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xbf97}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x0, 0x40000007, 0x0, 0x0, 0x0, 0x4cb]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
add_key(&(0x7f0000000100)='cifs.spnego\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00')
ioctl$KVM_S390_VCPU_FAULT(0xffffffffffffffff, 0x4004ae52, &(0x7f00000000c0)=0x8)
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @perf_bp={0x0}, 0x41800, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

20:32:44 executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x48, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x48}, 0x13}, 0x0)

[  187.838257][ T8210] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[  187.838263][ T8210] R13: 00000000000003d0 R14: 00000000004c68ae R15: 00007f99e01666d4
[  187.838271][ T8210] Modules linked in:
20:32:44 executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x48, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x48}, 0x13}, 0x0)

[  188.071451][ T8231] ------------[ cut here ]------------
[  188.076939][ T8231] kernel BUG at arch/x86/kvm/mmu/mmu.c:3719!
[  188.099197][ T8231] invalid opcode: 0000 [#2] PREEMPT SMP KASAN
[  188.105302][ T8231] CPU: 1 PID: 8231 Comm: syz-executor.2 Tainted: G      D           5.7.0-rc7-next-20200529-syzkaller #0
[  188.116487][ T8231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  188.126549][ T8231] RIP: 0010:kvm_mmu_load+0xbfa/0xe00
[  188.131958][ T8231] Code: ac 23 99 00 48 8b 44 24 08 e9 cf f5 ff ff e8 6d 23 99 00 e9 b7 f4 ff ff 4c 89 f7 e8 90 23 99 00 e9 78 f4 ff ff e8 56 1a 5a 00 <0f> 0b 48 89 df e8 7c 23 99 00 e9 7e f8 ff ff e8 72 23 99 00 e9 c4
[  188.151648][ T8231] RSP: 0018:ffffc900178cfb30 EFLAGS: 00010212
[  188.157796][ T8231] RAX: 0000000000040000 RBX: 0000000000000000 RCX: ffffc9000db81000
[  188.165767][ T8231] RDX: 0000000000006b17 RSI: ffffffff8118e14a RDI: 0000000000000001
[  188.173731][ T8231] RBP: ffff88805dbc80c0 R08: ffff88805d972240 R09: fffffbfff155b432
[  188.181807][ T8231] R10: ffffffff8aada18f R11: fffffbfff155b431 R12: 0000000000000000
[  188.189776][ T8231] R13: 0000000000000001 R14: ffff88805dbc84d8 R15: 0000000000000000
[  188.197766][ T8231] FS:  00007f9e2329c700(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000
[  188.206691][ T8231] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  188.213296][ T8231] CR2: 0000001b33322000 CR3: 0000000099d87000 CR4: 00000000001426e0
[  188.221261][ T8231] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  188.229226][ T8231] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  188.237184][ T8231] Call Trace:
[  188.240478][ T8231]  kvm_arch_vcpu_ioctl_run+0x4016/0x68d0
[  188.246125][ T8231]  ? kvm_arch_vcpu_runnable+0x6c0/0x6c0
[  188.251667][ T8231]  ? lock_downgrade+0x840/0x840
[  188.256521][ T8231]  ? kvm_vcpu_ioctl+0x467/0xe10
[  188.261380][ T8231]  kvm_vcpu_ioctl+0x467/0xe10
[  188.266079][ T8231]  ? kvm_get_dirty_log_protect.isra.0+0x670/0x670
[  188.272489][ T8231]  ? ioctl_file_clone+0x180/0x180
[  188.277508][ T8231]  ? __might_fault+0x190/0x1d0
[  188.282280][ T8231]  ? _copy_to_user+0x126/0x160
[  188.287046][ T8231]  ? __fget_files+0x299/0x400
[  188.291726][ T8231]  ? kvm_get_dirty_log_protect.isra.0+0x670/0x670
[  188.298136][ T8231]  ksys_ioctl+0x11a/0x180
[  188.302475][ T8231]  __x64_sys_ioctl+0x6f/0xb0
[  188.307074][ T8231]  do_syscall_64+0x60/0xe0
[  188.311491][ T8231]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  188.317380][ T8231] RIP: 0033:0x45cb19
[  188.321277][ T8231] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  188.340892][ T8231] RSP: 002b:00007f9e2329bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  188.349489][ T8231] RAX: ffffffffffffffda RBX: 00000000004e8a00 RCX: 000000000045cb19
[  188.357461][ T8231] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  188.365424][ T8231] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000
[  188.373386][ T8231] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[  188.381350][ T8231] R13: 00000000000003d0 R14: 00000000004c68ae R15: 00007f9e2329c6d4
[  188.389318][ T8231] Modules linked in:
[  188.499417][ T8210] ---[ end trace ec1b38d271e096fb ]---
[  188.504917][ T8210] RIP: 0010:kvm_mmu_load+0xbfa/0xe00
[  188.519169][ T8210] Code: ac 23 99 00 48 8b 44 24 08 e9 cf f5 ff ff e8 6d 23 99 00 e9 b7 f4 ff ff 4c 89 f7 e8 90 23 99 00 e9 78 f4 ff ff e8 56 1a 5a 00 <0f> 0b 48 89 df e8 7c 23 99 00 e9 7e f8 ff ff e8 72 23 99 00 e9 c4
[  188.566867][ T8210] RSP: 0018:ffffc900177efb30 EFLAGS: 00010216
[  188.572961][ T8210] RAX: 0000000000040000 RBX: 0000000000000000 RCX: ffffc9000fb91000
[  188.586909][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  188.595320][ T2753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  188.626972][ T8210] RDX: 0000000000008e8c RSI: ffffffff8118e14a RDI: 0000000000000001
[  188.637274][ T7464] device veth0_macvtap entered promiscuous mode
[  188.653254][ T8210] RBP: ffff888062290040 R08: ffff8880634f2080 R09: ffffed1015cc719c
[  188.666478][ T7464] device veth1_macvtap entered promiscuous mode
[  188.691874][ T8210] R10: ffff8880ae638cdb R11: ffffed1015cc719b R12: 0000000000000000
[  188.722853][ T7464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  188.727105][ T8210] R13: 0000000000000001 R14: ffff888062290458 R15: 0000000000000000
[  188.757921][ T7464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.786654][ T8210] FS:  00007f99e0166700(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000
[  188.812658][ T7464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  188.822873][ T8210] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  188.849092][ T8210] CR2: 00007f9e23238db8 CR3: 000000008ccd9000 CR4: 00000000001426e0
[  188.853445][ T7464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.880000][ T8210] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  188.888625][ T8210] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  188.896600][ T8210] Kernel panic - not syncing: Fatal exception
[  188.896698][ T7464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  188.904259][ T8210] Kernel Offset: disabled
[  188.918942][ T8210] Rebooting in 86400 seconds..