Warning: Permanently added '10.128.1.54' (ECDSA) to the list of known hosts.
2019/11/17 04:44:23 fuzzer started
2019/11/17 04:44:24 dialing manager at 10.128.0.26:44591
2019/11/17 04:44:24 syscalls: 2566
2019/11/17 04:44:24 code coverage: enabled
2019/11/17 04:44:24 comparison tracing: enabled
2019/11/17 04:44:24 extra coverage: enabled
2019/11/17 04:44:24 setuid sandbox: enabled
2019/11/17 04:44:24 namespace sandbox: enabled
2019/11/17 04:44:24 Android sandbox: /sys/fs/selinux/policy does not exist
2019/11/17 04:44:24 fault injection: enabled
2019/11/17 04:44:24 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/11/17 04:44:24 net packet injection: enabled
2019/11/17 04:44:24 net device setup: enabled
2019/11/17 04:44:24 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2019/11/17 04:44:24 devlink PCI setup: PCI device 0000:00:10.0 is not available
04:46:47 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[{@fat=@tz_utc='tz=UTC'}]})

syzkaller login: [  210.605414][ T8864] IPVS: ftp: loaded support on port[0] = 21
[  210.788538][ T8864] chnl_net:caif_netlink_parms(): no params data found
04:46:47 executing program 1:
syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={[{@fat=@allow_utime={'allow_utime', 0x3d, 0x100000005}}]})

[  210.829504][ T8864] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.838657][ T8864] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.847257][ T8864] device bridge_slave_0 entered promiscuous mode
[  210.858190][ T8864] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.865346][ T8864] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.873751][ T8864] device bridge_slave_1 entered promiscuous mode
[  210.901216][ T8864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.912595][ T8864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.940915][ T8864] team0: Port device team_slave_0 added
[  210.948747][ T8864] team0: Port device team_slave_1 added
[  211.010739][ T8864] device hsr_slave_0 entered promiscuous mode
[  211.077073][ T8864] device hsr_slave_1 entered promiscuous mode
04:46:47 executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0x7e, &(0x7f0000000080)={@local, @random="c8b703909a83", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x223}, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0xb, 0x0, 0x0, 0x0, 0xfe, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @empty, @empty, {[@timestamp={0x44, 0x40, 0x0, 0x0, 0x0, [{}, {[@dev]}, {[@local]}, {[@initdev={0xac, 0x1e, 0x0, 0x0}]}, {}, {[@dev]}, {}, {}, {}, {[@empty]}]}]}}}}}}}, 0x0)

[  211.180471][ T8868] IPVS: ftp: loaded support on port[0] = 21
[  211.259164][ T8864] netdevsim netdevsim0 netdevsim0: renamed from eth0
04:46:48 executing program 3:
clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000280)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
r1 = dup2(r0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0xfdf2)
setsockopt$inet_mreq(r1, 0x0, 0x23, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETVNETHDRSZ(r2, 0x400454d8, 0x0)

[  211.350686][ T8864] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  211.400645][ T8864] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  211.461203][ T8864] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  211.523758][ T8870] IPVS: ftp: loaded support on port[0] = 21
[  211.567174][ T8872] IPVS: ftp: loaded support on port[0] = 21
[  211.580828][ T8864] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.588232][ T8864] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.596031][ T8864] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.603171][ T8864] bridge0: port 1(bridge_slave_0) entered forwarding state
04:46:48 executing program 4:
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000240))
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0\x00')
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xa000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0)
prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x80)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r6, 0x80)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r7, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r3, 0x29, 0x41, &(0x7f0000000680)=ANY=[@ANYPTR=&(0x7f00000008c0)=ANY=[@ANYBLOB="b8d38fa86e251a411288ecd93e22dba52e05893cfee411102815c4974883e68e3c0a0d95facf7f78194c16396313c6afacb9a01d04f1ae5c0419364d545c721af432e19a1fabac152198b7bc102ddc907de8529aa1c0d12026a885104e7b82f39e1f348673eaf6e5f4bf2324d5d9a277b49ea02c16e6f594539232857873a31ae36bb328659bb38488ac7a23e0ef8d", @ANYRES16, @ANYRES32=r4, @ANYRESOCT, @ANYRES64=r2, @ANYRESDEC=r7, @ANYRESHEX=r0], @ANYPTR, @ANYBLOB="c6be59f29bd61c7877ed1197bc9ada7716a12ef9efc92191aa0a513ff925166ff9866745305f702704dc91031c2f54e6cb7e2e5dee5f045b260aa28447a9124cde9500703582084e091049ddd47daae52f0cdf93382ce3a30333ba148a030382ab4fe5a5630e2e073acd4b1a38b3d3284d74665fbabd4e1581", @ANYRESDEC=r6, @ANYBLOB="4b16d9fff49888ae698e3ed88812d73ad7e9d10fffa38f628b6096649adb5762be191cd75a4334075b67f8d2a9f6e6db39a59360927b5df7992620ee24d53d581accb9c8c1aa9ad7bd449d75e02799befec2ed1107b2a1a756e2d87a47a84106b10f1bfbbc60e3899fa5ca77cc4bd60c0cd20573c4d051b3d407bec5a0e648521194693c144d1a40e31f42aceccd4c43a17f8188", @ANYRES64=r6], 0x6)

[  211.802531][ T8873] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.817646][ T8873] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.884493][ T8864] 8021q: adding VLAN 0 to HW filter on device bond0
[  211.913133][ T8868] chnl_net:caif_netlink_parms(): no params data found
[  211.973001][ T8876] IPVS: ftp: loaded support on port[0] = 21
[  211.979166][ T3108] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  211.990849][ T3108] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  212.006831][ T8864] 8021q: adding VLAN 0 to HW filter on device team0
04:46:48 executing program 5:
perf_event_open(&(0x7f0000000100)={0x2, 0x5f, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_buf(r0, 0x6, 0xb, 0x0, &(0x7f0000000480))

[  212.052251][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  212.064215][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  212.073221][   T44] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.080362][   T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.092433][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  212.102937][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  212.113647][   T44] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.120791][   T44] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.192758][ T8872] chnl_net:caif_netlink_parms(): no params data found
[  212.210202][ T8868] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.218953][ T8868] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.226934][ T8868] device bridge_slave_0 entered promiscuous mode
[  212.236878][ T8870] chnl_net:caif_netlink_parms(): no params data found
[  212.260264][ T8868] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.268268][ T8868] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.275908][ T8868] device bridge_slave_1 entered promiscuous mode
[  212.292893][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  212.315015][ T8881] IPVS: ftp: loaded support on port[0] = 21
[  212.373324][ T8868] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  212.387770][ T8868] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.397531][ T8872] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.404626][ T8872] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.413145][ T8872] device bridge_slave_0 entered promiscuous mode
[  212.425690][ T8872] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.432823][ T8872] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.441118][ T8872] device bridge_slave_1 entered promiscuous mode
[  212.449676][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  212.478207][ T8870] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.485511][ T8870] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.493343][ T8870] device bridge_slave_0 entered promiscuous mode
[  212.517820][ T8872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  212.529019][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  212.538087][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  212.547063][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  212.555719][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  212.564331][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  212.573127][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  212.582581][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  212.600384][ T8868] team0: Port device team_slave_0 added
[  212.609913][ T8864] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  212.621618][ T8864] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  212.629755][ T8870] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.637272][ T8870] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.644964][ T8870] device bridge_slave_1 entered promiscuous mode
[  212.653369][ T8872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.678778][ T8866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  212.687340][ T8866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  212.697087][ T8868] team0: Port device team_slave_1 added
[  212.739093][ T8872] team0: Port device team_slave_0 added
[  212.780147][ T8868] device hsr_slave_0 entered promiscuous mode
[  212.836724][ T8868] device hsr_slave_1 entered promiscuous mode
[  212.876428][ T8868] debugfs: Directory 'hsr0' with parent '/' already present!
[  212.885963][ T8870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  212.897199][ T8872] team0: Port device team_slave_1 added
[  212.904294][ T8870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.953549][ T8866] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  212.962531][ T8866] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  212.998238][ T8864] 8021q: adding VLAN 0 to HW filter on device batadv0
[  213.011332][ T8876] chnl_net:caif_netlink_parms(): no params data found
[  213.032430][ T8870] team0: Port device team_slave_0 added
[  213.090541][ T8872] device hsr_slave_0 entered promiscuous mode
[  213.158232][ T8872] device hsr_slave_1 entered promiscuous mode
[  213.206565][ T8872] debugfs: Directory 'hsr0' with parent '/' already present!
[  213.230449][ T8870] team0: Port device team_slave_1 added
[  213.333290][ T8876] bridge0: port 1(bridge_slave_0) entered blocking state
[  213.341298][ T8876] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.349579][ T8876] device bridge_slave_0 entered promiscuous mode
[  213.419580][ T8870] device hsr_slave_0 entered promiscuous mode
[  213.446622][ T8870] device hsr_slave_1 entered promiscuous mode
[  213.496879][ T8870] debugfs: Directory 'hsr0' with parent '/' already present!
[  213.514714][ T8876] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.521938][ T8876] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.529941][ T8876] device bridge_slave_1 entered promiscuous mode
[  213.537898][ T8868] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  213.590445][ T8868] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  213.625632][ T8888] FAT-fs (loop0): bogus number of reserved sectors
[  213.632900][ T8888] FAT-fs (loop0): Can't find a valid FAT filesystem
[  213.671587][ T8881] chnl_net:caif_netlink_parms(): no params data found
[  213.680302][ T8868] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  213.742488][ T8868] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  213.832842][ T8872] netdevsim netdevsim3 netdevsim0: renamed from eth0
04:46:50 executing program 0:

[  213.919819][ T8876] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  213.937222][ T8876] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
04:46:50 executing program 0:

04:46:50 executing program 0:

[  213.977161][ T8872] netdevsim netdevsim3 netdevsim1: renamed from eth1
04:46:50 executing program 0:

04:46:50 executing program 0:

[  214.098145][ T8876] team0: Port device team_slave_0 added
[  214.111154][ T8872] netdevsim netdevsim3 netdevsim2: renamed from eth2
04:46:50 executing program 0:

[  214.161425][ T8872] netdevsim netdevsim3 netdevsim3: renamed from eth3
04:46:51 executing program 0:

[  214.260021][ T8876] team0: Port device team_slave_1 added
[  214.265791][ T8870] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  214.356966][ T8870] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  214.418321][ T8881] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.425412][ T8881] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.434428][ T8881] device bridge_slave_0 entered promiscuous mode
[  214.444737][ T8881] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.451907][ T8881] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.460345][ T8881] device bridge_slave_1 entered promiscuous mode
[  214.518959][ T8876] device hsr_slave_0 entered promiscuous mode
[  214.566825][ T8876] device hsr_slave_1 entered promiscuous mode
[  214.606388][ T8876] debugfs: Directory 'hsr0' with parent '/' already present!
[  214.614052][ T8870] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  214.662998][ T8870] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  214.748952][ T8881] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  214.762824][ T8881] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  214.794263][ T8881] team0: Port device team_slave_0 added
[  214.803170][ T8881] team0: Port device team_slave_1 added
[  214.918413][ T8881] device hsr_slave_0 entered promiscuous mode
[  214.976648][ T8881] device hsr_slave_1 entered promiscuous mode
[  215.017051][ T8881] debugfs: Directory 'hsr0' with parent '/' already present!
[  215.027541][ T8868] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.034644][ T8876] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  215.109327][ T8876] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  215.193040][ T8872] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.204886][ T8876] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  215.267822][ T8866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  215.275563][ T8866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  215.286420][ T8881] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  215.329725][ T8876] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  215.393881][ T8868] 8021q: adding VLAN 0 to HW filter on device team0
[  215.402300][ T8881] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  215.430734][ T8881] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  215.499011][ T8881] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  215.564010][ T8866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  215.572781][ T8866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  215.584008][ T8866] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.591184][ T8866] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.599288][ T8866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  215.607237][ T8866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  215.614929][ T8866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  215.623636][ T8866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  215.632148][ T8866] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.639248][ T8866] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.651233][ T8872] 8021q: adding VLAN 0 to HW filter on device team0
[  215.669980][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  215.678242][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  215.687433][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  215.696130][ T8873] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.703224][ T8873] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.711931][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  215.721070][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  215.729624][ T8873] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.736713][ T8873] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.744980][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  215.770621][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  215.781160][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  215.790518][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  215.800197][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  215.808837][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  215.817402][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  215.826089][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  215.834585][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  215.846665][ T3108] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  215.875556][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  215.884448][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  215.893652][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  215.902431][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  215.910835][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  215.919818][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  215.930734][ T8872] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  215.943778][ T3108] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  215.963565][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  215.972608][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  216.005450][ T3108] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  216.013905][ T3108] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  216.022394][ T3108] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  216.030998][ T3108] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  216.042161][ T8868] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  216.064063][ T3108] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  216.073452][ T3108] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  216.088893][ T8872] 8021q: adding VLAN 0 to HW filter on device batadv0
[  216.111302][ T8870] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.130175][ T8876] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.154779][ T8868] 8021q: adding VLAN 0 to HW filter on device batadv0
[  216.171473][ T3108] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  216.179608][ T3108] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  216.195651][ T8870] 8021q: adding VLAN 0 to HW filter on device team0
[  216.209077][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  216.217563][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  216.225206][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  216.234027][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  216.243008][   T44] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.250130][   T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.259450][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  216.275615][ T8881] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.307837][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  216.316171][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  216.330870][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  216.344612][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  216.359518][ T8878] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.366684][ T8878] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.382909][ T8881] 8021q: adding VLAN 0 to HW filter on device team0
[  216.405498][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  216.414128][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  216.424982][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  216.433945][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  216.443378][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  216.457490][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  216.471072][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  216.480013][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  216.495377][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  216.508502][ T8876] 8021q: adding VLAN 0 to HW filter on device team0
[  216.526078][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  216.540872][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  216.552135][ T8873] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.559276][ T8873] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.560578][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  216.582735][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  216.591671][ T8873] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.598811][ T8873] bridge0: port 1(bridge_slave_0) entered forwarding state
04:46:53 executing program 0:

[  216.608034][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  216.617462][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  216.636392][ T8873] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.643568][ T8873] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.662177][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  216.670294][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  216.706494][ T8878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  216.732723][ T8870] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  216.761931][ T8870] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  216.793706][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  216.803518][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  216.823111][   T44] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.830287][   T44] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.844310][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  216.863882][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  216.873138][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  216.881666][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  216.890379][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  216.899304][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  216.910177][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  216.919259][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  216.928449][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  216.958472][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  216.967371][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  216.975478][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  216.993102][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  217.009048][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  217.017968][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  217.026623][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  217.034905][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  217.043198][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  217.051689][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  217.060535][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  217.068964][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  217.078202][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  217.086821][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  217.095737][   T44] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  217.115006][ T8876] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  217.123001][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  217.130642][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  217.143188][ T8881] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  217.155199][ T8881] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  217.171139][ T8870] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.180775][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  217.192319][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  217.216080][ T8876] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.243366][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  217.251783][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  217.278571][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  217.286045][ T8873] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  217.310083][ T8881] 8021q: adding VLAN 0 to HW filter on device batadv0
04:46:54 executing program 2:

04:46:54 executing program 1:

[  217.667576][    C0] hrtimer: interrupt took 50633 ns
04:46:54 executing program 4:
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setxattr$security_ima(0x0, 0x0, 0x0, 0x0, 0x6ce7fa9d598140a3)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r0, 0x6)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
setsockopt(r1, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1)
connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
sendmmsg(r1, &(0x7f0000005700)=[{{&(0x7f0000003900)=@pptp, 0x80, &(0x7f0000003b80), 0x2f2, &(0x7f0000003bc0)}}], 0x3a6, 0x0)

04:46:54 executing program 0:

04:46:54 executing program 3:

04:46:54 executing program 1:

04:46:54 executing program 2:
geteuid()
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast1}, 0x18)
pipe(&(0x7f00000003c0))
socket$vsock_stream(0x28, 0x1, 0x0)
syz_open_dev$sndseq(&(0x7f00000003c0)='/dev/snd/seq\x00', 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, &(0x7f0000000200), 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
clock_gettime(0x0, 0x0)

04:46:54 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

04:46:54 executing program 3:
r0 = socket$inet6(0xa, 0x803, 0xa5)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in=@loopback, @in6=@ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x80000000000001}, {{@in6=@empty, 0x0, 0x3c}, 0x0, @in=@empty, 0x0, 0x1}}, 0xe8)
sendmmsg(r0, &(0x7f0000008440)=[{{0x0, 0x1aa, 0x0}}], 0x400000000000107, 0x0)

04:46:54 executing program 1:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
chroot(&(0x7f0000000140)='./file0/../file0\x00')

[  217.904773][ T8968] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
04:46:54 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b7000000000000009f00000000000000670000000000000095000000000000009fc0231e423afe6d2fe4eee68ee5d0d1131a502fb09c4e754ef84f3c8894e33f7aaa63e97f3e2cd6f0c0c7a08c1523d66f815f58486c92eeb8a3f48cbd83b429ca23fd03af526f041813af27550122d1a5621402864c264643f640e8cbfe0fc7b9e9e2670efc150c2decf0350eb2d3363b24ea1cdffb7e19edda0103f67648b5d2b6d1a1e24586c424c280ed90e64ce49171b7aa410bce240371118d921678"], &(0x7f0000003ff6)='OPL\x00', 0x1, 0xff06, &(0x7f000000cf3d)=""/195}, 0x48)

04:46:54 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

[  218.086764][ T8981] BPF:hdr_len not found
04:46:54 executing program 3:
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
dup3(0xffffffffffffffff, r0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$IP_VS_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x481, 0x0, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000001000000000000040", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r4, @ANYBLOB="00000000ffffffff00000000080001007166710048000229c6090032d0ed64f3c3545aaf6e000085a4e4ebb5ef670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a010c3"], 0x74}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=@dellink={0x20, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r4}}, 0x20}}, 0x0)

04:46:54 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000140)=[{0x200000000006, 0x0, 0x0, 0xfffffffb}]})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
chdir(&(0x7f0000000340)='./file0\x00')

[  218.290753][ T8991] device bridge_slave_1 left promiscuous mode
[  218.305163][ T8991] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.317065][   T26] kauditd_printk_skb: 3 callbacks suppressed
[  218.317078][   T26] audit: type=1326 audit(1573966015.081:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8992 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d47a code=0xffff0000
[  218.400057][ T8991] device bridge_slave_0 left promiscuous mode
[  218.407212][ T8991] bridge0: port 1(bridge_slave_0) entered disabled state
04:46:55 executing program 4:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x200000484, 0x80000000000003, 0xfffffbff, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

04:46:55 executing program 0:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000028000/0x2000)=nil, 0x2000, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000400)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x6}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000400)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x6}, 0x1c)
r0 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0xedc0)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000140)='nbd\x00')
sendmsg$NBD_CMD_STATUS(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000400}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r1, 0x400, 0x70bd2c, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40044}, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={[], [], @multicast1}}, 0x1c)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xedc0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x4, r5})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000100)={0x0, 0x0, 0x4, r5})
ioctl$EXT4_IOC_SETFLAGS(r4, 0x40086602, 0x0)

04:46:55 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

04:46:55 executing program 2:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x200000000006, 0x0, 0x0, 0xfffffffb}]})
mincore(&(0x7f0000ffc000/0x2000)=nil, 0x2000, &(0x7f0000000180)=""/208)

[  218.801054][   T26] audit: type=1326 audit(1573966015.561:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=9000 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d47a code=0xffff0000
04:46:55 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

04:46:55 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
request_key(&(0x7f0000000180)='dns_resolver\x00', &(0x7f0000000140)={'siz', 0x3}, 0x0, 0x0)

[  219.009483][ T9003] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  219.060700][   T26] audit: type=1326 audit(1573966015.821:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8992 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d47a code=0xffff0000
04:46:55 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

04:46:55 executing program 4:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000400)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x6}, 0x1c)
connect$inet6(r1, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={[], [], @multicast1}}, 0x1c)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00')
sendfile(r1, r2, 0x0, 0xedc0)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000140)='nbd\x00')
sendmsg$NBD_CMD_STATUS(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000400}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x20, r3, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x9c}]}, 0x20}, 0x1, 0x0, 0x0, 0x40044}, 0x0)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e26, 0x0, @ipv4={[], [], @multicast1}}, 0x1c)
r4 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00')
sendfile(r0, r4, 0x0, 0xedc0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x4, r8})
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000100)={0x0, 0x0, 0x4, r8})
ioctl$EXT4_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000040)=0x4000)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00017, 0x0, 0x0, 0x0, 0x10000000002)

04:46:55 executing program 1:
syz_emit_ethernet(0x4e, &(0x7f00000001c0)={@random="e7792b82ffb1", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "eefeff", 0x18, 0x4, 0x0, @local, @mcast2, {[], @icmpv6=@mld={0x0, 0x0, 0x0, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffff0a000000}}}}}}}, 0x0)

04:46:56 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

04:46:56 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

04:46:56 executing program 3:
r0 = memfd_create(&(0x7f0000000100)='#\'%nodev\x00', 0x0)
write(r0, &(0x7f0000002000)='/', 0x1)
sendfile(r0, r0, &(0x7f0000000200), 0x87)
sendfile(r0, r0, &(0x7f00000001c0), 0xfec)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r0, 0x0)
mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x0, 0x0)

04:46:56 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.controllers\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5)
clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
setsockopt$inet6_buf(r0, 0x29, 0x22, &(0x7f0000000000), 0xd4)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
tkill(0x0, 0x2f)
fcntl$setstatus(r0, 0x4, 0x80000000002c00)

[  219.608252][   T26] audit: type=1326 audit(1573966016.371:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=9000 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d47a code=0xffff0000
04:46:56 executing program 0:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x200000000006, 0x0, 0x0, 0xfffffffb}]})
shmat(0x0, &(0x7f0000fed000/0x1000)=nil, 0x6ffd)

04:46:56 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000440)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x2007fff)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
dup3(r1, r0, 0x0)
fcntl$setstatus(r0, 0x4, 0x44000)
io_setup(0x8, &(0x7f0000000200)=<r2=>0x0)
io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}])

04:46:56 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

04:46:56 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

04:46:56 executing program 3:
open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0)
creat(&(0x7f00000002c0)='./bus\x00', 0x0)

04:46:56 executing program 4:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x200000000006, 0x0, 0x0, 0xfffffffb}]})
umount2(0x0, 0x0)

[  219.903756][   T26] audit: type=1326 audit(1573966016.661:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=9063 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d47a code=0xffff0000
04:46:56 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

04:46:56 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bridge={{0xc, 0x1, 'bridge\x00'}, {0xc, 0x2, [@IFLA_BR_STP_STATE={0x8, 0x2}]}}}]}, 0x3c}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r2, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)

[  220.056384][   T26] audit: type=1326 audit(1573966016.791:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=9070 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d47a code=0xffff0000
04:46:56 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000140)=[{0x200000000006, 0x0, 0x0, 0xfffffffb}]})
timerfd_create(0x0, 0x0)

04:46:57 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

[  220.203537][   T26] audit: type=1326 audit(1573966016.961:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=9083 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d47a code=0xffff0000
04:46:57 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000140)=[{0x200000000006, 0x0, 0x0, 0xfffffffb}]})
getrusage(0x0, &(0x7f0000000180))

04:46:57 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

[  220.413367][   T26] audit: type=1326 audit(1573966017.171:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=9093 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d47a code=0xffff0000
[  220.693567][   T26] audit: type=1326 audit(1573966017.451:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=9063 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d47a code=0xffff0000
04:46:57 executing program 0:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000fc9000)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$KDGKBLED(r0, 0xc0045405, &(0x7f00000009c0))

04:46:57 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

04:46:57 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

04:46:57 executing program 0:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x200000000006, 0x0, 0x0, 0xfffffffb}]})
select(0x40, &(0x7f00000002c0)={0x1}, 0x0, 0x0, 0x0)

04:46:57 executing program 2:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x200000000006, 0x0, 0x0, 0xfffffffb}]})
iopl(0x3)

[  220.846420][   T26] audit: type=1326 audit(1573966017.601:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=9070 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d47a code=0xffff0000
04:46:57 executing program 4:
geteuid()
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x10, 0xffffffffffffffff, 0x0)
write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000000)={0x7}, 0x7)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, <r2=>0x0}, &(0x7f0000000180)=0xc)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast1}, 0x18)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4188aea7, 0x0)
syz_open_dev$sndseq(0x0, 0x0, 0x0)
fcntl$setpipe(r4, 0x407, 0x0)
write(r4, &(0x7f0000000340), 0x41395527)
syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00')
clock_gettime(0x0, &(0x7f0000000380)={0x0, <r5=>0x0})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0)
setfsgid(r2)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
clock_gettime(0x5, &(0x7f00000001c0))

04:46:57 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x2, 0x2}}, 0x10)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000700)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x0, 0x1}}}, 0x10, 0x0}, 0x0)

[  221.073474][ T9125] kasan: CONFIG_KASAN_INLINE enabled
[  221.079250][ T9125] kasan: GPF could be caused by NULL-ptr deref or user memory access
[  221.087323][ T9125] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[  221.094249][ T9125] CPU: 1 PID: 9125 Comm: syz-executor.2 Not tainted 5.4.0-rc7-next-20191115 #0
[  221.103604][ T9125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  221.106385][ T4004] kobject: 'loop3' (0000000033fcaf26): kobject_uevent_env
[  221.113687][ T9125] RIP: 0010:tss_update_io_bitmap+0x138/0x590
[  221.121455][ T9124] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[  221.126748][ T9125] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 9e 03 00 00 4c 89 ea 4c 8b 73 68 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 72 03 00 00 4d 3b 75 00 0f 85 35 02 00 00 48 8d
[  221.126754][ T9125] RSP: 0018:ffff888058d2fe80 EFLAGS: 00010046
[  221.126765][ T9125] RAX: dffffc0000000000 RBX: ffff8880ae90a000 RCX: ffffffff812a12e8
[  221.126772][ T9125] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff8880ae90a068
[  221.126780][ T9125] RBP: ffff888058d2ff10 R08: 1ffff110143be4a8 R09: ffffed10143be4a9
[  221.126787][ T9125] R10: ffffed10143be4a8 R11: ffff8880a1df2547 R12: 1ffff1100b1a5fd2
[  221.126793][ T9125] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.126803][ T9125] FS:  00007f857c65f700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[  221.126810][ T9125] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  221.126816][ T9125] CR2: 000000000075c000 CR3: 00000000a8b54000 CR4: 00000000001406e0
[  221.126832][ T9125] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  221.157500][ T4004] kobject: 'loop3' (0000000033fcaf26): fill_kobj_path: path = '/devices/virtual/block/loop3'
[  221.164635][ T9125] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  221.164641][ T9125] Call Trace:
[  221.164667][ T9125]  ? set_tsc_mode+0x330/0x330
[  221.164689][ T9125]  ? lockdown_is_locked_down+0x42/0xb4
[  221.273441][ T9125]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  221.279499][ T9125]  ? trace_hardirqs_off+0x62/0x240
[  221.284592][ T9125]  ? task_update_io_bitmap+0x78/0xe0
[  221.289862][ T9125]  do_syscall_64+0x685/0x790
[  221.294448][ T9125]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  221.300318][ T9125] RIP: 0033:0x45a639
[  221.304199][ T9125] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  221.323786][ T9125] RSP: 002b:00007f857c65ec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000ac
[  221.332191][ T9125] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 000000000045a639
[  221.340430][ T9125] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  221.348507][ T9125] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  221.356468][ T9125] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f857c65f6d4
[  221.364428][ T9125] R13: 00000000004c6c26 R14: 00000000004dc060 R15: 00000000ffffffff
[  221.373965][ T9125] Modules linked in:
[  221.377855][ T9125] ---[ end trace 1bec4d69d117d7b3 ]---
[  221.383310][ T9125] RIP: 0010:tss_update_io_bitmap+0x138/0x590
[  221.389275][ T9125] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 9e 03 00 00 4c 89 ea 4c 8b 73 68 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 72 03 00 00 4d 3b 75 00 0f 85 35 02 00 00 48 8d
[  221.408886][ T9125] RSP: 0018:ffff888058d2fe80 EFLAGS: 00010046
[  221.414937][ T9125] RAX: dffffc0000000000 RBX: ffff8880ae90a000 RCX: ffffffff812a12e8
[  221.422891][ T9125] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff8880ae90a068
[  221.430857][ T9125] RBP: ffff888058d2ff10 R08: 1ffff110143be4a8 R09: ffffed10143be4a9
[  221.438809][ T9125] R10: ffffed10143be4a8 R11: ffff8880a1df2547 R12: 1ffff1100b1a5fd2
[  221.446851][ T9125] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  221.454806][ T9125] FS:  00007f857c65f700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[  221.463728][ T9125] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  221.470294][ T9125] CR2: 000000000075c000 CR3: 00000000a8b54000 CR4: 00000000001406e0
[  221.478265][ T9125] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  221.486219][ T9125] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  221.494192][ T9125] Kernel panic - not syncing: Fatal exception
[  221.501663][ T9125] Kernel Offset: disabled
[  221.505998][ T9125] Rebooting in 86400 seconds..