[   39.656233][   T27] audit: type=1800 audit(1556692338.100:25): pid=7768 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   39.695000][   T27] audit: type=1800 audit(1556692338.110:26): pid=7768 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   39.718671][   T27] audit: type=1800 audit(1556692338.110:27): pid=7768 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[   39.739223][   T27] audit: type=1800 audit(1556692338.110:28): pid=7768 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.30' (ECDSA) to the list of known hosts.
2019/05/01 06:32:27 fuzzer started
2019/05/01 06:32:30 dialing manager at 10.128.0.26:34869
2019/05/01 06:32:30 syscalls: 2440
2019/05/01 06:32:30 code coverage: enabled
2019/05/01 06:32:30 comparison tracing: enabled
2019/05/01 06:32:30 extra coverage: extra coverage is not supported by the kernel
2019/05/01 06:32:30 setuid sandbox: enabled
2019/05/01 06:32:30 namespace sandbox: enabled
2019/05/01 06:32:30 Android sandbox: /sys/fs/selinux/policy does not exist
2019/05/01 06:32:30 fault injection: enabled
2019/05/01 06:32:30 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2019/05/01 06:32:30 net packet injection: enabled
2019/05/01 06:32:30 net device setup: enabled
06:34:05 executing program 0:
r0 = socket$inet(0x2, 0x3, 0x2)
sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

syzkaller login: [  146.790250][ T7932] IPVS: ftp: loaded support on port[0] = 21
06:34:05 executing program 1:
r0 = syz_open_dev$dri(&(0x7f00000003c0)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000040))

[  146.949765][ T7932] chnl_net:caif_netlink_parms(): no params data found
[  147.004898][ T7932] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.028629][ T7932] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.036998][ T7932] device bridge_slave_0 entered promiscuous mode
[  147.061466][ T7932] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.069751][ T7932] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.077856][ T7932] device bridge_slave_1 entered promiscuous mode
[  147.104262][ T7932] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  147.106514][ T7935] IPVS: ftp: loaded support on port[0] = 21
[  147.123946][ T7932] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  147.154817][ T7932] team0: Port device team_slave_0 added
[  147.167082][ T7932] team0: Port device team_slave_1 added
06:34:05 executing program 2:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x3)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0)

[  147.253234][ T7932] device hsr_slave_0 entered promiscuous mode
[  147.318876][ T7932] device hsr_slave_1 entered promiscuous mode
06:34:05 executing program 3:
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8)
rt_sigtimedwait(&(0x7f00005a1000)={0xffffffffffeffffd}, 0x0, 0x0, 0x8)
truncate(&(0x7f0000000080)='./file0\x00', 0x0)

[  147.401789][ T7937] IPVS: ftp: loaded support on port[0] = 21
[  147.450504][ T7932] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.457703][ T7932] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.465485][ T7932] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.472605][ T7932] bridge0: port 1(bridge_slave_0) entered forwarding state
06:34:06 executing program 4:
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8)
rt_sigtimedwait(&(0x7f00005a1000)={0xffffffffffeffffd}, 0x0, 0x0, 0x8)
truncate(&(0x7f0000000080)='./file0\x00', 0x0)
fcntl$setlease(r0, 0x400, 0x2)

[  147.675573][ T7940] IPVS: ftp: loaded support on port[0] = 21
[  147.694152][ T7935] chnl_net:caif_netlink_parms(): no params data found
[  147.721955][ T7932] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.768945][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  147.784212][ T2989] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.802852][ T2989] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.812226][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  147.847769][ T7932] 8021q: adding VLAN 0 to HW filter on device team0
[  147.881895][ T7942] IPVS: ftp: loaded support on port[0] = 21
[  147.930467][ T7935] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.937551][ T7935] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.949687][ T7935] device bridge_slave_0 entered promiscuous mode
06:34:06 executing program 5:
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000ff8), 0x8, 0x0)
poll(&(0x7f0000000140)=[{r0}], 0x1, 0x0)

[  147.983514][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  147.993397][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  148.002256][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.009373][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[  148.021147][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  148.033050][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  148.042803][   T22] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.049921][   T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[  148.058009][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  148.069425][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  148.078316][ T7935] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.089096][ T7935] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.098361][ T7935] device bridge_slave_1 entered promiscuous mode
[  148.122681][ T7937] chnl_net:caif_netlink_parms(): no params data found
[  148.138067][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  148.147020][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  148.165642][ T7949] IPVS: ftp: loaded support on port[0] = 21
[  148.194431][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  148.202249][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  148.211118][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  148.230785][ T7935] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  148.241225][ T7935] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  148.266374][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  148.274640][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  148.283865][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  148.292293][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  148.323647][ T7935] team0: Port device team_slave_0 added
[  148.331953][ T7935] team0: Port device team_slave_1 added
[  148.339661][ T7932] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  148.363622][ T7937] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.370960][ T7937] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.378973][ T7937] device bridge_slave_0 entered promiscuous mode
[  148.406795][ T7937] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.423779][ T7937] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.432083][ T7937] device bridge_slave_1 entered promiscuous mode
[  148.458409][ T7937] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  148.501581][ T7937] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  148.571892][ T7935] device hsr_slave_0 entered promiscuous mode
[  148.608871][ T7935] device hsr_slave_1 entered promiscuous mode
[  148.699559][ T7937] team0: Port device team_slave_0 added
[  148.709539][ T7937] team0: Port device team_slave_1 added
[  148.736293][ T7940] chnl_net:caif_netlink_parms(): no params data found
[  148.821660][ T7937] device hsr_slave_0 entered promiscuous mode
[  148.858893][ T7937] device hsr_slave_1 entered promiscuous mode
[  148.912567][ T7942] chnl_net:caif_netlink_parms(): no params data found
[  148.931551][ T7932] 8021q: adding VLAN 0 to HW filter on device batadv0
[  148.982710][ T7940] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.991436][ T7940] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.003233][ T7940] device bridge_slave_0 entered promiscuous mode
[  149.016097][ T7940] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.023389][ T7940] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.031449][ T7940] device bridge_slave_1 entered promiscuous mode
[  149.062958][ T7942] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.070632][ T7942] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.079127][ T7942] device bridge_slave_0 entered promiscuous mode
[  149.086607][ T7942] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.093797][ T7942] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.101923][ T7942] device bridge_slave_1 entered promiscuous mode
[  149.128286][ T7940] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  149.200919][ T7940] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  149.237765][ T7949] chnl_net:caif_netlink_parms(): no params data found
06:34:07 executing program 0:
r0 = socket$inet(0x2, 0x3, 0x2)
sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

[  149.251102][ T7959] raw_sendmsg: syz-executor.0 forgot to set AF_INET. Fix it!
[  149.272898][ T7942] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  149.291986][ T7942] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  149.363739][ T7949] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.372036][ T7949] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.380092][ T7949] device bridge_slave_0 entered promiscuous mode
[  149.397606][ T7940] team0: Port device team_slave_0 added
06:34:07 executing program 0:
r0 = socket$inet(0x2, 0x3, 0x2)
sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

06:34:07 executing program 0:
r0 = socket$inet(0x2, 0x3, 0x2)
sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

[  149.408915][ T7940] team0: Port device team_slave_1 added
[  149.428059][ T7949] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.439059][ T7949] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.455067][ T7949] device bridge_slave_1 entered promiscuous mode
06:34:08 executing program 0:
sendmmsg(0xffffffffffffffff, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

[  149.497113][ T7942] team0: Port device team_slave_0 added
[  149.516114][ T7942] team0: Port device team_slave_1 added
06:34:08 executing program 0:
sendmmsg(0xffffffffffffffff, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

[  149.574289][ T7949] bond0: Enslaving bond_slave_0 as an active interface with an up link
06:34:08 executing program 0:
sendmmsg(0xffffffffffffffff, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

06:34:08 executing program 0:
r0 = socket$inet(0x2, 0x0, 0x2)
sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

[  149.645470][ T7940] device hsr_slave_0 entered promiscuous mode
[  149.671227][ T7940] device hsr_slave_1 entered promiscuous mode
[  149.747659][ T7949] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  149.763742][ T7937] 8021q: adding VLAN 0 to HW filter on device bond0
[  149.822243][ T7942] device hsr_slave_0 entered promiscuous mode
[  149.868799][ T7942] device hsr_slave_1 entered promiscuous mode
[  149.950709][ T7949] team0: Port device team_slave_0 added
[  149.959071][ T7949] team0: Port device team_slave_1 added
[  149.975869][ T7935] 8021q: adding VLAN 0 to HW filter on device bond0
[  149.987535][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  149.996304][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  150.026081][ T7937] 8021q: adding VLAN 0 to HW filter on device team0
[  150.091141][ T7949] device hsr_slave_0 entered promiscuous mode
[  150.138960][ T7949] device hsr_slave_1 entered promiscuous mode
[  150.197493][ T7935] 8021q: adding VLAN 0 to HW filter on device team0
[  150.221564][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  150.230072][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  150.248684][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  150.257325][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  150.265815][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.272871][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[  150.281573][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  150.290459][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  150.298949][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.305990][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[  150.315606][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  150.323451][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  150.361374][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  150.372499][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  150.381299][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.388848][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[  150.396502][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  150.405232][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  150.414778][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  150.423611][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  150.431963][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  150.440834][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  150.449395][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.456435][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[  150.464117][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  150.472648][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  150.481394][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  150.490548][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  150.499767][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  150.529533][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  150.538088][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  150.546945][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  150.555656][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  150.564469][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  150.572904][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  150.581494][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  150.593595][ T7935] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  150.622455][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  150.634886][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  150.643537][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  150.651998][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  150.676053][ T7935] 8021q: adding VLAN 0 to HW filter on device batadv0
[  150.699884][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  150.708183][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  150.730620][ T7942] 8021q: adding VLAN 0 to HW filter on device bond0
[  150.739952][ T7937] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  150.763392][ T7940] 8021q: adding VLAN 0 to HW filter on device bond0
[  150.799404][ T7949] 8021q: adding VLAN 0 to HW filter on device bond0
[  150.820844][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  150.832269][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  150.839990][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  150.847636][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  150.858947][ T7940] 8021q: adding VLAN 0 to HW filter on device team0
06:34:09 executing program 1:
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000000)={0x9, 0x2020000000001, "ff"}, 0x40)

[  150.896962][ T7937] 8021q: adding VLAN 0 to HW filter on device batadv0
[  150.926557][ T7942] 8021q: adding VLAN 0 to HW filter on device team0
[  150.947541][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  150.969498][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  150.978880][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.985991][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[  151.000330][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  151.010358][ T7993] syz-executor.1 (7993) used greatest stack depth: 23328 bytes left
[  151.049582][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  151.058307][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  151.068349][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.075507][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[  151.085741][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  151.095097][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  151.104203][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  151.112077][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  151.120564][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  151.129363][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  151.137655][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.144750][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[  151.153690][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  151.185213][ T7949] 8021q: adding VLAN 0 to HW filter on device team0
[  151.194089][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  151.203980][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  151.212762][ T3483] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.219862][ T3483] bridge0: port 2(bridge_slave_1) entered forwarding state
[  151.227403][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  151.236506][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  151.245101][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  151.253524][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  151.262291][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  151.271111][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  151.280043][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  151.288432][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  151.297026][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  151.305313][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  151.314059][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  151.322113][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
06:34:09 executing program 2:
mkdir(&(0x7f0000000100)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)='autofs\x00', 0x0, &(0x7f0000000400))

[  151.384454][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  151.396027][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  151.410255][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  151.419970][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  151.424025][ T8003] autofs4:pid:8003:autofs_fill_super: called with bogus options
[  151.428543][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.442909][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[  151.452852][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  151.461645][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  151.471786][    T5] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.478900][    T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[  151.486910][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  151.497222][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  151.505898][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  151.514209][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  151.522599][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  151.531896][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  151.541462][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  151.564114][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  151.573039][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  151.581949][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  151.590964][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  151.600178][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  151.608356][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  151.616999][ T3483] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  151.626084][ T7940] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  151.645392][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  151.653890][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  151.662863][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  151.672312][ T2989] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  151.682467][ T7942] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  151.692418][ T7949] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  151.736410][ T7949] 8021q: adding VLAN 0 to HW filter on device batadv0
[  151.759376][ T7942] 8021q: adding VLAN 0 to HW filter on device batadv0
[  151.770344][ T7940] 8021q: adding VLAN 0 to HW filter on device batadv0
06:34:11 executing program 3:
r0 = socket$inet(0x10, 0x2000000000000002, 0x0)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="2f0000001c000507000000000d2300000200041f01000000fc0002c91300010000000000500000007321452e506f32", 0x2f}], 0x1}, 0x0)

06:34:11 executing program 0:
r0 = socket$inet(0x2, 0x0, 0x2)
sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

06:34:11 executing program 1:
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000000)={0x9, 0x2020000000001, "ff"}, 0x40)

06:34:11 executing program 2:
r0 = socket$inet6(0xa, 0x80805, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070")
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c)
listen(r0, 0x40)

06:34:11 executing program 5:
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000000)={0x9, 0x2020000000001, "ff"}, 0xfffffffffffffffe)

06:34:11 executing program 4:
mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
read(r0, &(0x7f0000000540)=""/11, 0x485)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200))
clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
ioctl$TIOCSRS485(r0, 0x542f, 0x0)

06:34:11 executing program 1:
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000000)={0x9, 0x2020000000001, "ff"}, 0x40)

06:34:11 executing program 5:
r0 = socket$unix(0x1, 0x2, 0x0)
ioctl(r0, 0x1000008912, &(0x7f0000000200))

06:34:11 executing program 3:
r0 = socket$inet(0x10, 0x2000000000000002, 0x0)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="2f0000001c000507000000000d2300000200041f01000000fc0002c91300010000000000500000007321452e506f32", 0x2f}], 0x1}, 0x0)

06:34:11 executing program 0:
r0 = socket$inet(0x2, 0x0, 0x2)
sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

06:34:11 executing program 5:
gettid()
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000100)='security.capability\x00', 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
r0 = openat$vsock(0xffffffffffffff9c, 0x0, 0x100, 0x0)
memfd_create(&(0x7f0000000140)='\x00\x00\xe0Q\xdf\x00\x00\x00\x00\x00\x00\x00\x00', 0x10000000004)
modify_ldt$read_default(0x2, &(0x7f0000000080)=""/41, 0x29)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000700)='/dev/video36\x00', 0x2, 0x0)
clone(0x200802102001ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vhost-vsock\x00', 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SMI(r0, 0xaeb7)
connect$vsock_dgram(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x0}, 0x10)

06:34:11 executing program 1:
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000000)={0x9, 0x2020000000001, "ff"}, 0x40)

06:34:11 executing program 3:
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f0000000240)=@sha1={0x1, "6c2b70eac8c4a132ee89054a98b39c9fabaa958a"}, 0x15, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x4)
bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000680)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000080)=0xda9, 0x4)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000), 0xc, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=@ipmr_getroute={0x1c, 0x1a, 0x10, 0x70bd2d, 0x0, {0x80, 0x0, 0x80, 0xfffffffffffffffa, 0x0, 0x6, 0xfe, 0xf, 0x200}}, 0x1c}}, 0x20000000)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000480)={0x8c, 0x18, 0xfa00, {0x0, &(0x7f0000000440), 0x0, 0x49949c4245000000, [0x9c00, 0x0, 0x0, 0x0, 0x64]}}, 0xfef5)

06:34:11 executing program 1:
open_by_handle_at(0xffffffffffffff9c, 0x0, 0x40)

06:34:11 executing program 2:
r0 = socket$inet6(0xa, 0x80805, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070")
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c)
listen(r0, 0x40)

[  153.123863][ T8033] syz-executor.2 (8033) used greatest stack depth: 22080 bytes left
06:34:11 executing program 0:
r0 = socket$inet(0x2, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

[  153.190636][    C0] hrtimer: interrupt took 37024 ns
06:34:11 executing program 1:
open_by_handle_at(0xffffffffffffff9c, 0x0, 0x40)

06:34:12 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000346fc8)=ANY=[@ANYBLOB="1800000000000000000000000000000061154000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)

06:34:12 executing program 2:
r0 = socket$inet6(0xa, 0x80805, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070")
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c)
listen(r0, 0x40)

06:34:12 executing program 5:
gettid()
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000100)='security.capability\x00', 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
r0 = openat$vsock(0xffffffffffffff9c, 0x0, 0x100, 0x0)
memfd_create(&(0x7f0000000140)='\x00\x00\xe0Q\xdf\x00\x00\x00\x00\x00\x00\x00\x00', 0x10000000004)
modify_ldt$read_default(0x2, &(0x7f0000000080)=""/41, 0x29)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000700)='/dev/video36\x00', 0x2, 0x0)
clone(0x200802102001ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vhost-vsock\x00', 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$KVM_SMI(r0, 0xaeb7)
connect$vsock_dgram(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x0}, 0x10)

06:34:12 executing program 1:
open_by_handle_at(0xffffffffffffff9c, 0x0, 0x40)

06:34:12 executing program 0:
r0 = socket$inet(0x2, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

06:34:12 executing program 1:
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000000)={0x9, 0x0, "ff"}, 0x40)

06:34:12 executing program 2:
r0 = socket$inet6(0xa, 0x80805, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070")
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c)
listen(r0, 0x40)

06:34:12 executing program 3:
r0 = syz_open_dev$video(&(0x7f0000000080)='/dev/video#\x00', 0x2000400000000009, 0x0)
poll(&(0x7f0000000000)=[{r0, 0x449}], 0x1, 0x0)
close(r0)

06:34:12 executing program 5:
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_UNREGISTER(r0, 0xc020aa04, &(0x7f0000000200)={&(0x7f0000011000/0x1000)=nil, 0x1000})

06:34:12 executing program 4:
mknod(&(0x7f0000000140)='./bus\x00', 0x800008000, 0x86128)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x4001, 0x0)
pwritev(r0, &(0x7f0000000040)=[{&(0x7f00000000c0)="fa1204a49155ce1e00", 0x9}], 0x1, 0x0)
writev(r0, &(0x7f0000000200)=[{&(0x7f0000000000)='\f\x00', 0x2}], 0x1)
pwritev(r0, &(0x7f00000024c0)=[{&(0x7f0000000840)="573f0f052446fea56a585a40376de99dd3448b06de2cbce006c13336623d0f6dcd9879b96d604b348d2d2c50bba70352dc5bcd7718c1e9ffb2260eb560b2be22e11011c58870fe56c67f3e95af436a40012c2600ece7e47f29c6191799729f31c1a76fcfacbee7fee5bdeba407f9ea8f77cf76fd2b6d79aca1f430d321a3d17fcf06180488f56ceec0a25b0eb218ecb927692a49a8780b0c33ad6318857605ec945ee155f977ac5e5cabc021996e8ce4fe37c91620986dd58c074730d0d92735695b5c05df61537226a3ac792f47f9570dffa3a7e21b6f149ee474ed7349c8d989dda3d0c259eca6076a2d60292be10ff02adfd90cdb6cd3b3e9d50e0d7c4e5892615a09b858fa8b76912f1074de591ccb4f6df173035e4cd62b4e2f2f06b6ec02750d5b04cc22f47e4f07fba60a0685f49a7386bd82420807849e0991fe5a4a407f0349e1c3b98ca600db453263d4df7fe3108e3a378c2cd38086379b68f2747d4266382948a2d369539fe713a4105f328f9ba9152c465b7e0dea62c07d707a6f3e8727e63f757ba2ef5a792adea05f55a40a075154db06bb4762507200d22e8380cd97aae7a12e054335c867d25685018cee2cfe48ace570640903849bc36be5202cd5b62d976313af757bb72fcfb042cbf453588a00a8dd79dec49b212bc98f0931931a80d88c96b12df23c0e9130f1afd78bee608729cce3954b544e9270552544792160a064bc5bd7197144641191aa31427933c5155c3cf2e5f9eb98b4aeab351a1ab9bb55a662b74fdc41793465c9c31b3a4f1a26fd4504f6e5a546888694c5d0d02bfe829514536495a2acd2cb08223f72126fa678e8ee5197b16468e7e073ac5f272b1e8ee934d438ddf6842ec0bea48405c5b808484565e529a8949d8a01242211def7ab4809096061d489aa5ea50ac3cf4cd63cb69fe9cf3f27a1b0a5ba2ce901826f676a93784faaa285f9dc1293dd40d35baa80ba7e8e66cbf51f5acf3b0604182c705b9aebe54692a25b8a2825bf45a567d911dbe3f463d1c3e116ec9824d85a06c1e101d33089e2cd249dbb497fd3a841b7df5aa6fe49413e930a354d90dbf5e60a21dd0df8b2ab3d3076beb206065ed82dd37c708747d06b59c17a0b6aae9d2171611c54396c113b6028db7d1371c7baf94e45d2bef1df5da8523d0de313d9f7c9cd075de38badb0b6e6bdf0b2df1c28616e202fd0695596a7d9159e8dcba5d00082a0474b2328f597f85452067bf27a8b805c383285b322d35ef0c55b70080100008000000000f89c99300b2aa806796b31068b4c69685928b4efa4640e10ccda869763a25be5287df6d81d00c8806580f5a4ca047c7e220c31777a8651be15c2e2a9022162d01e94066d734c6536a8c81a70c73241c4a08dbe4aa5953ab4e4ee01f71a587005c11e5b41ca38842efe10c83356af374429307410bb1cae57280e4f8a41482d4f85745c7108a416dc81d4371f25b9dd22905e5d4b75df9e697188a34e33a056f712364d15d3956b577a9a5026b7766435a14591bcf5fdebfe5d6c274181e04f21d10d80de2c6d6b3ca5db5f195cac75fc02d5fa60df505344d98339889273347ae640d91c8ed253e0010df3689a32e4d8d7a0cd126e0bc1d199dc43cf3979acb918eb97792a1475960581", 0x499}], 0x1, 0x0)

06:34:12 executing program 0:
r0 = socket$inet(0x2, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

06:34:12 executing program 1:
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000000)={0x9, 0x0, "ff"}, 0x40)

06:34:12 executing program 2:
r0 = socket$inet6(0xa, 0x80805, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070")
listen(r0, 0x40)

06:34:12 executing program 1:
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000000)={0x9, 0x0, "ff"}, 0x40)

06:34:12 executing program 4:

[  154.102203][ T8144] vivid-001: kernel_thread() failed
06:34:12 executing program 5:

06:34:12 executing program 2:
r0 = socket$inet6(0xa, 0x80805, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070")
listen(r0, 0x40)

06:34:12 executing program 0:
socket$inet(0x2, 0x3, 0x2)
sendmmsg(0xffffffffffffffff, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

06:34:12 executing program 2:
r0 = socket$inet6(0xa, 0x80805, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070")
listen(r0, 0x40)

06:34:12 executing program 3:
r0 = syz_open_dev$video(&(0x7f0000000080)='/dev/video#\x00', 0x2000400000000009, 0x0)
poll(&(0x7f0000000000)=[{r0, 0x449}], 0x1, 0x0)
close(r0)

06:34:12 executing program 4:

06:34:12 executing program 5:
syz_execute_func(&(0x7f00000000c0)="410f01f9c4e1f573d50664ff0941c3c4e2c99758423e46d87312660fd2323e0f1110d4b842419dcccc")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12, 0x2}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000880)={{0x0, 0x1c9c380}, {0x0, 0x989680}}, 0x0)
rt_sigtimedwait(&(0x7f0000000500), 0x0, 0x0, 0x8)
tkill(r1, 0x1000000000015)
futex(&(0x7f0000000140)=0x2, 0x80, 0x2, &(0x7f0000000180)={0x77359400}, &(0x7f00000001c0)=0x1, 0x2)

06:34:12 executing program 1:
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000000)={0x8, 0x2020000000001}, 0x40)

06:34:12 executing program 0:
socket$inet(0x2, 0x3, 0x2)
sendmmsg(0xffffffffffffffff, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

06:34:12 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000003c0)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060", 0x3f}], 0x1, 0x0, 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000100))
syz_open_dev$evdev(&(0x7f0000000140)='/dev/input/event#\x00', 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

06:34:12 executing program 2:
r0 = socket$inet6(0xa, 0x80805, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c)
listen(r0, 0x40)

06:34:12 executing program 0:
socket$inet(0x2, 0x3, 0x2)
sendmmsg(0xffffffffffffffff, &(0x7f00000038c0)=[{{&(0x7f0000000040)=@nl=@unspec, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000380)}}, {{&(0x7f0000000400)=@in={0x2, 0x0, @local}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000480), 0x1400}}], 0x2, 0x0)

06:34:12 executing program 1:
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000000)={0x8, 0x2020000000001}, 0x40)

06:34:12 executing program 3:
r0 = syz_open_dev$video(&(0x7f0000000080)='/dev/video#\x00', 0x2000400000000009, 0x0)
poll(&(0x7f0000000000)=[{r0, 0x449}], 0x1, 0x0)
close(r0)

06:34:13 executing program 0:
r0 = socket$inet(0x2, 0x3, 0x2)
sendmmsg(r0, 0x0, 0x0, 0x0)

[  154.556013][ T8187] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
06:34:13 executing program 3:
r0 = syz_open_dev$video(&(0x7f0000000080)='/dev/video#\x00', 0x2000400000000009, 0x0)
poll(&(0x7f0000000000)=[{r0, 0x449}], 0x1, 0x0)
close(r0)

06:34:13 executing program 2:
r0 = socket$inet6(0xa, 0x80805, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x6}, 0x1c)
listen(r0, 0x40)

06:34:13 executing program 1:
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000000)={0x8, 0x2020000000001}, 0x40)

[  154.770279][ T8187] kasan: CONFIG_KASAN_INLINE enabled
[  154.775744][ T8187] kasan: GPF could be caused by NULL-ptr deref or user memory access
[  154.783824][ T8187] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[  154.790770][ T8187] CPU: 1 PID: 8187 Comm: syz-executor.4 Not tainted 5.1.0-rc7-next-20190430 #33
[  154.799890][ T8187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  154.805780][ T3879] kobject: 'loop0' (0000000097174aca): kobject_uevent_env
[  154.809958][ T8187] RIP: 0010:vcpu_enter_guest+0xbcd/0x5fb0
[  154.809974][ T8187] Code: 48 c1 ea 03 80 3c 02 00 0f 85 6f 48 00 00 49 8b 9f b0 03 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 78 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 39 48 00 00 8b 5b 78 31 ff 89
[  154.809981][ T8187] RSP: 0018:ffff8880637c7a00 EFLAGS: 00010006
[  154.809992][ T8187] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc9000e649000
[  154.810009][ T8187] RDX: 000000000000000f RSI: ffffffff810cd7b2 RDI: 0000000000000078
[  154.817197][ T3879] kobject: 'loop0' (0000000097174aca): fill_kobj_path: path = '/devices/virtual/block/loop0'
[  154.822814][ T8187] RBP: ffff8880637c7b10 R08: ffff88808e862440 R09: ffffed1015d26be0
[  154.822822][ T8187] R10: ffffed1015d26bdf R11: ffff8880ae935efb R12: ffff88806267806c
[  154.822831][ T8187] R13: 0000000000000000 R14: ffff888062678070 R15: ffff888062678040
[  154.822842][ T8187] FS:  00007fbe3fea4700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[  154.822850][ T8187] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  154.822858][ T8187] CR2: 00007f1d98c366c0 CR3: 00000000951a5000 CR4: 00000000001426e0
[  154.822871][ T8187] Call Trace:
[  154.925163][ T8187]  ? emulator_read_emulated+0x50/0x50
[  154.930537][ T8187]  ? lock_acquire+0x16f/0x3f0
[  154.935193][ T8187]  ? kvm_check_async_pf_completion+0x2d8/0x440
[  154.941332][ T8187]  kvm_arch_vcpu_ioctl_run+0x425/0x1750
[  154.946867][ T8187]  ? kvm_arch_vcpu_ioctl_run+0x425/0x1750
[  154.952572][ T8187]  kvm_vcpu_ioctl+0x4dc/0xf90
[  154.957232][ T8187]  ? kvm_set_memory_region+0x50/0x50
[  154.962531][ T8187]  ? tomoyo_path_number_perm+0x263/0x520
[  154.968161][ T8187]  ? tomoyo_execute_permission+0x4a0/0x4a0
[  154.973958][ T8187]  ? __fget+0x35a/0x550
[  154.978096][ T8187]  ? kvm_set_memory_region+0x50/0x50
[  154.983464][ T8187]  do_vfs_ioctl+0xd6e/0x1390
[  154.988043][ T8187]  ? ioctl_preallocate+0x210/0x210
[  154.993133][ T8187]  ? __fget+0x381/0x550
[  154.997271][ T8187]  ? ksys_dup3+0x3e0/0x3e0
[  155.001669][ T8187]  ? nsecs_to_jiffies+0x30/0x30
[  155.006499][ T8187]  ? tomoyo_file_ioctl+0x23/0x30
[  155.011433][ T8187]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  155.017654][ T8187]  ? security_file_ioctl+0x93/0xc0
[  155.022749][ T8187]  ksys_ioctl+0xab/0xd0
[  155.026893][ T8187]  __x64_sys_ioctl+0x73/0xb0
[  155.031482][ T8187]  do_syscall_64+0x103/0x670
[  155.036055][ T8187]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  155.041937][ T8187] RIP: 0033:0x458da9
[  155.045811][ T8187] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  155.065405][ T8187] RSP: 002b:00007fbe3fea3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  155.073795][ T8187] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458da9
[  155.081742][ T8187] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  155.089689][ T8187] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  155.097639][ T8187] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbe3fea46d4
[  155.105592][ T8187] R13: 00000000004c1d42 R14: 00000000004d4550 R15: 00000000ffffffff
[  155.113551][ T8187] Modules linked in:
[  155.117453][ T8187] ---[ end trace ca173f791120641a ]---
[  155.122901][ T8187] RIP: 0010:vcpu_enter_guest+0xbcd/0x5fb0
[  155.128599][ T8187] Code: 48 c1 ea 03 80 3c 02 00 0f 85 6f 48 00 00 49 8b 9f b0 03 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 78 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 39 48 00 00 8b 5b 78 31 ff 89
[  155.148183][ T8187] RSP: 0018:ffff8880637c7a00 EFLAGS: 00010006
[  155.154225][ T8187] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc9000e649000
[  155.162194][ T8187] RDX: 000000000000000f RSI: ffffffff810cd7b2 RDI: 0000000000000078
[  155.170170][ T8187] RBP: ffff8880637c7b10 R08: ffff88808e862440 R09: ffffed1015d26be0
[  155.178116][ T8187] R10: ffffed1015d26bdf R11: ffff8880ae935efb R12: ffff88806267806c
[  155.186066][ T8187] R13: 0000000000000000 R14: ffff888062678070 R15: ffff888062678040
[  155.194019][ T8187] FS:  00007fbe3fea4700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[  155.203113][ T8187] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  155.209691][ T8187] CR2: 00007f1d98c366c0 CR3: 00000000951a5000 CR4: 00000000001426e0
[  155.217645][ T8187] Kernel panic - not syncing: Fatal exception
[  155.224756][ T8187] Kernel Offset: disabled
[  155.229077][ T8187] Rebooting in 86400 seconds..