[ 54.994571] audit: type=1800 audit(1538746260.026:27): pid=5979 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 56.502824] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. [ 57.492368] random: sshd: uninitialized urandom read (32 bytes read) [ 57.945396] random: sshd: uninitialized urandom read (32 bytes read) Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 59.437905] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.45' (ECDSA) to the list of known hosts. [ 65.203988] random: sshd: uninitialized urandom read (32 bytes read) 2018/10/05 13:31:12 fuzzer started [ 69.754797] random: cc1: uninitialized urandom read (8 bytes read) 2018/10/05 13:31:17 dialing manager at 10.128.0.26:36867 2018/10/05 13:31:17 syscalls: 1 2018/10/05 13:31:17 code coverage: enabled 2018/10/05 13:31:17 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/10/05 13:31:17 setuid sandbox: enabled 2018/10/05 13:31:17 namespace sandbox: enabled 2018/10/05 13:31:17 Android sandbox: /sys/fs/selinux/policy does not exist 2018/10/05 13:31:17 fault injection: enabled 2018/10/05 13:31:17 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/10/05 13:31:17 net packed injection: enabled 2018/10/05 13:31:17 net device setup: enabled [ 75.431166] random: crng init done 13:33:11 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mount(&(0x7f0000000040)=@filename='./file1\x00', &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='cgroup\x00', 0x0, 0x0) [ 187.348174] IPVS: ftp: loaded support on port[0] = 21 [ 189.624501] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.630996] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.639625] device bridge_slave_0 entered promiscuous mode [ 189.778164] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.784796] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.793286] device bridge_slave_1 entered promiscuous mode [ 189.927620] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 190.062793] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 190.475602] bond0: Enslaving bond_slave_0 as an active interface with an up link 13:33:15 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip6_mr_cache\x00') preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000380)=""/139, 0x8b}], 0x1, 0x4000000) [ 190.627597] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 190.996938] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 191.004358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 191.373839] IPVS: ftp: loaded support on port[0] = 21 [ 191.543699] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 191.551860] team0: Port device team_slave_0 added [ 191.757078] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 191.765259] team0: Port device team_slave_1 added [ 191.937788] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 192.106699] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 192.113918] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 192.122909] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 192.333618] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 192.341174] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 192.350482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 192.624139] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 192.631900] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 192.641013] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 195.046678] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.053422] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.062100] device bridge_slave_0 entered promiscuous mode [ 195.120539] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.127130] bridge0: port 2(bridge_slave_1) entered forwarding state [ 195.134223] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.140676] bridge0: port 1(bridge_slave_0) entered forwarding state [ 195.149647] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 195.234227] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.240706] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.249327] device bridge_slave_1 entered promiscuous mode [ 195.493927] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 195.707433] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 196.022780] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready 13:33:21 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000080)='./file1\x00', 0x0) write$P9_ROPEN(r1, &(0x7f0000000100)={0x18}, 0x18) fallocate(r1, 0x10, 0x0, 0x8000) [ 196.422147] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 196.633513] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 196.865942] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 196.874907] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 197.109246] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 197.116421] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 197.418595] IPVS: ftp: loaded support on port[0] = 21 [ 197.991854] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 197.999850] team0: Port device team_slave_0 added [ 198.233447] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 198.241455] team0: Port device team_slave_1 added [ 198.553998] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 198.561059] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 198.570098] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 198.787150] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 198.794306] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 198.803246] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 199.058513] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 199.066172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 199.075180] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 199.338109] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 199.345804] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 199.354912] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 202.268041] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.274657] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.283233] device bridge_slave_0 entered promiscuous mode [ 202.395829] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.402369] bridge0: port 2(bridge_slave_1) entered forwarding state [ 202.409271] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.415831] bridge0: port 1(bridge_slave_0) entered forwarding state [ 202.424737] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 202.538093] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.544624] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.553070] device bridge_slave_1 entered promiscuous mode [ 202.822139] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 202.832366] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 203.092029] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 203.818207] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 204.057663] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 204.356435] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 204.363756] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready 13:33:29 executing program 3: clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r0 = memfd_create(&(0x7f0000000040)="00000600000000000000", 0x0) write$binfmt_elf64(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="7f454c46000000efffffffffffffff0003003e000000000000000000000000004000000000000000000000000000000000000000000038"], 0x37) execveat(r0, &(0x7f0000000000)='\x00', &(0x7f0000000280), &(0x7f0000000500), 0x1000) setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000140)={'broute\x00', 0x0, 0x0, 0x0, [], 0x3, &(0x7f0000000080)=[{}], 0x0, [{}, {}, {}]}, 0x80) [ 204.757959] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 204.766806] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.658838] IPVS: ftp: loaded support on port[0] = 21 [ 205.816508] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 205.824794] team0: Port device team_slave_0 added [ 206.145571] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 206.153990] team0: Port device team_slave_1 added [ 206.534041] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 206.541102] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 206.550225] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 206.886720] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 206.894034] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 206.903242] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 206.924092] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.218439] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 207.226274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 207.235326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 207.611965] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 207.619543] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 207.628599] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 208.376064] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 209.726075] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 209.732562] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 209.740534] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 211.112743] 8021q: adding VLAN 0 to HW filter on device team0 [ 211.233938] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.240410] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.248953] device bridge_slave_0 entered promiscuous mode [ 211.311766] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.318228] bridge0: port 2(bridge_slave_1) entered forwarding state [ 211.325254] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.331772] bridge0: port 1(bridge_slave_0) entered forwarding state [ 211.340418] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 211.526861] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.533491] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.541875] device bridge_slave_1 entered promiscuous mode [ 211.621984] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 211.847051] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 212.085813] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 213.067948] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 213.469286] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 213.759445] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 213.766665] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 214.103130] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 214.110264] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 13:33:39 executing program 4: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) write$apparmor_exec(r0, &(0x7f0000000040)={'exec ', "262600c7c8f1bc0a95a126578f539c9c5db20436e4e2cda74f0a6c99af66a4e6d0b055ea36ece6"}, 0x2c) [ 215.120118] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 215.128322] team0: Port device team_slave_0 added [ 215.508501] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 215.516671] team0: Port device team_slave_1 added [ 215.820091] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 215.827407] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 215.836389] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 216.107912] IPVS: ftp: loaded support on port[0] = 21 [ 216.260682] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 216.268308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 216.277260] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 216.629377] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 216.637124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 216.646207] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 216.705463] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.049361] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 217.057430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 217.066412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 218.333147] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 219.815024] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 219.821420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 219.829701] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 13:33:45 executing program 0: socketpair(0x0, 0x0, 0x3b, &(0x7f00000000c0)) ioctl$UI_GET_SYSNAME(0xffffffffffffffff, 0x8040552c, &(0x7f0000000100)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0xa, 0x5, 0x0) sendmsg$rds(r0, &(0x7f0000000a40)={&(0x7f0000000300)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}, [0x0, 0xe00000000000000, 0x0, 0x0, 0x20010010]}, 0x10, &(0x7f0000000480), 0x0, &(0x7f00000008c0)=[@mask_fadd={0x58, 0x84, 0x8, {{}, &(0x7f0000000540), &(0x7f0000000580)}}], 0x58}, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x1f, @remote}, 0x295) 13:33:46 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0) clone(0x0, &(0x7f0000000080), &(0x7f0000000040), &(0x7f0000000100), &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x3b9) [ 221.456745] 8021q: adding VLAN 0 to HW filter on device team0 [ 221.698444] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.705004] bridge0: port 2(bridge_slave_1) entered forwarding state [ 221.712050] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.718501] bridge0: port 1(bridge_slave_0) entered forwarding state [ 221.726927] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 221.952120] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 222.158307] ip (6903) used greatest stack depth: 53056 bytes left 13:33:47 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) getsockopt$sock_int(r0, 0x1, 0x4, &(0x7f0000000080), &(0x7f00000000c0)=0x4) fcntl$setstatus(r0, 0x4, 0x800) 13:33:47 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000040)=0x7) r1 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r1, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100), 0x8) [ 222.968889] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.975548] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.984106] device bridge_slave_0 entered promiscuous mode 13:33:48 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000000c0)={'veth1_to_bond\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="3b000000020900000000000000000800e8efb20c6e8203755800c52d6535d3886aa4330e127685b93039a5797d31d4022e6124c874fc43c2a5134280c2a5b27b30e50b42856f30de3716f8591e108c3803dbfed509baee0a4257f4c961b8ae6d1e56e34087e824b03663f32d4e7c13d21a17698986197a2cd001121f2c2838cd0f29cdbb62f57c8a92abb0d55545a2a1dcdd749f9c0ad481fda6722314f1e917"]}) close(r2) fsetxattr$security_smack_transmute(r0, &(0x7f0000000000)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000040)='TRUE', 0x4, 0x2) epoll_create1(0x80000) close(r1) [ 223.445871] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.452507] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.460721] device bridge_slave_1 entered promiscuous mode 13:33:48 executing program 0: r0 = socket$inet6(0xa, 0x80003, 0x800000000000006) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket(0x40000000002, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0xfcda) r2 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x1bdda5ca, 0x101000) ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f0000000140)={0x27, 0x30, 0x1, 0xd, 0x0, 0x20, 0x3, 0x112}) setsockopt$inet_int(r1, 0x0, 0x7, &(0x7f00000000c0)=0x6, 0x4) setsockopt$inet_int(r1, 0x0, 0x6, &(0x7f0000000000)=0x8000000939, 0x4) setsockopt$inet_int(r1, 0x0, 0x4, &(0x7f0000000100), 0x4) sendto$unix(r1, &(0x7f0000000080), 0x7272, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e) readv(r1, &(0x7f0000000500)=[{&(0x7f0000000440)=""/175, 0xaf}], 0x1) [ 223.839458] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 224.010909] raw_sendmsg: syz-executor0 forgot to set AF_INET. Fix it! [ 224.209625] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 13:33:49 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) sendto$inet6(r0, &(0x7f0000000280)="4a202186c4610fdd3df3b7eb57afbfb4467f325ff879a678cbc1353d697529d370017ee305edbc1ae6868739ae68d745479213463e352b102adf32e1d42df0748a3446804126f83e278b491c3e85836474ef07db38c524549a2d73264428c98b22739e3ba3c07fb7a54164d61643b8520844e459e39d23127b01e208666a4566b78eacbed563b51b544639aaacb71ef5602b4f1502155dfcaeb7f2f149218b6e1aed14cb73d5879365bb892cc7a8e54ca0e59416f64cc82da15d8782c192acf909d1ecbc64", 0xc5, 0x0, &(0x7f0000000380)={0xa, 0x4e23, 0x5, @empty, 0x5}, 0x1c) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1a, &(0x7f0000000540)={0x0, 0x92, "c9be1d99b57c5e8b6d654ec2641305de07ea8f1bfbb7e1280fe2f9d4665d7e6e89a326aa339bd8e2352ab5d8f76fb296fdad5da2f65b2386be68cbf94dc7cf0f1f380bc043e5b4f4b9af293fc4ee597682a5703fc6635e01d0d2c64dcd4b09b4c87cba7131cabe732d950bd89cd0191d319e6b7074a3d8301625dcf327133af50964ed8a40276465a3b56f0f05ec3d45ef31"}, &(0x7f0000000600)=0x9a) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000640)={0x0, 0x140}, &(0x7f0000000680)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000006c0)={r1, @in6={{0xa, 0x4e20, 0xa0000000000, @mcast2, 0x3}}, 0xf8, 0x7f, 0x6, 0x14f233a1}, &(0x7f00000000c0)=0xffffffffffffff78) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000180)={r2, @in={{0x2, 0x7, @dev={0xac, 0x14, 0x14, 0x18}}}, 0x6, 0x80000000}, &(0x7f00000003c0)=0x90) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101300, 0x23) getsockopt$inet_dccp_int(r3, 0x21, 0x6, &(0x7f0000000040), &(0x7f0000000080)=0x4) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x0, 0x0, @loopback}, 0x1c) socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000100), &(0x7f0000000140)=0x8) r4 = syz_open_dev$usbmon(&(0x7f0000000240)='/dev/usbmon#\x00', 0x402ecfd7, 0x8000) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r4, 0xc10c5541, &(0x7f0000000400)={0xf5, 0x0, 0x2, 0x0, 0x0, [], [], [], 0x0, 0x6}) 13:33:50 executing program 0: r0 = syz_open_pts(0xffffffffffffff9c, 0x80000) ioctl$TCSETSF(r0, 0x5404, &(0x7f00000000c0)={0x0, 0x5, 0x290e7be1, 0x4, 0xffffffffffffff00, 0x0, 0x7f, 0x7, 0x1000, 0x6, 0xaf80000000000000, 0x2}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000180)=0x10000000000062) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xffffffffffffff46}) ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000040)) [ 225.522318] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 225.942697] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 226.248511] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 226.255696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 226.578247] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 226.585496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 227.659103] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 227.667303] team0: Port device team_slave_0 added [ 227.869928] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.919836] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 227.928413] team0: Port device team_slave_1 added [ 228.326478] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 228.334188] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 228.344575] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 228.569980] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 228.577276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 228.586182] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 228.848023] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 228.855916] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 228.864836] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 229.035192] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 229.263563] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 229.271150] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 229.280060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 13:33:55 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x101000, 0x0) getsockopt$inet_buf(r0, 0x0, 0x2f, &(0x7f0000dcffe8)=""/24, &(0x7f0000000080)=0x18) [ 230.145982] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 230.152482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 230.160178] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 230.999960] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.960006] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.966591] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.973599] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.980056] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.988416] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 231.995149] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 233.626714] 8021q: adding VLAN 0 to HW filter on device bond0 [ 234.370588] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 235.117436] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 235.123933] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 235.131561] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 235.720961] 8021q: adding VLAN 0 to HW filter on device team0 13:34:01 executing program 2: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/wireless\x00') preadv(r0, &(0x7f0000000480), 0x100000000000027e, 0x0) 13:34:04 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)="2f02726f75702e7374617000", 0x2761, 0x0) r1 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0) sendfile(r0, r1, &(0x7f0000000100), 0x2000000000c) [ 239.390715] 8021q: adding VLAN 0 to HW filter on device bond0 [ 239.698285] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 239.979324] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 239.985612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 239.993491] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 240.275682] 8021q: adding VLAN 0 to HW filter on device team0 [ 242.068927] ================================================================== [ 242.076362] BUG: KMSAN: uninit-value in aa_fqlookupn_profile+0x32d/0x720 [ 242.083206] CPU: 0 PID: 7494 Comm: syz-executor4 Not tainted 4.19.0-rc4+ #63 [ 242.090383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 242.099735] Call Trace: [ 242.102352] dump_stack+0x306/0x460 [ 242.105982] ? _raw_spin_lock_irqsave+0x227/0x340 [ 242.110823] ? aa_fqlookupn_profile+0x32d/0x720 [ 242.115522] kmsan_report+0x1a3/0x2d0 [ 242.119327] __msan_warning+0x7c/0xe0 [ 242.123130] aa_fqlookupn_profile+0x32d/0x720 [ 242.127645] ? __msan_warning+0x61/0xe0 [ 242.131660] aa_label_strn_parse+0x171e/0x1e30 [ 242.136274] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 242.141654] ? refcount_inc_not_zero_checked+0x5bb/0x6d0 [ 242.147125] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 242.152489] aa_label_parse+0x11f/0x130 [ 242.156509] aa_change_profile+0x827/0x3cc0 [ 242.160869] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 242.166232] ? strcmp+0x83/0x160 [ 242.169605] apparmor_setprocattr+0x1258/0x12f0 [ 242.174303] ? apparmor_getprocattr+0x630/0x630 [ 242.178993] security_setprocattr+0x139/0x210 [ 242.183502] proc_pid_attr_write+0x3f9/0x4e0 [ 242.187918] ? proc_pid_attr_read+0x500/0x500 [ 242.192415] __vfs_write+0x1f4/0xb70 [ 242.196146] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 242.201630] ? __sb_start_write+0xf8/0x230 [ 242.205884] vfs_write+0x495/0x8e0 [ 242.209439] __se_sys_write+0x183/0x370 [ 242.213428] __x64_sys_write+0x4a/0x70 [ 242.217334] do_syscall_64+0xbe/0x100 [ 242.221142] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 242.226330] RIP: 0033:0x457579 [ 242.229523] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 242.248446] RSP: 002b:00007f97740f3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 242.256178] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 242.263449] RDX: 000000000000002c RSI: 0000000020000040 RDI: 0000000000000003 [ 242.270734] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 242.278000] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f97740f46d4 [ 242.285268] R13: 00000000004c5502 R14: 00000000004d8e08 R15: 00000000ffffffff [ 242.292549] [ 242.294171] Local variable description: ----ns_name@aa_fqlookupn_profile [ 242.300998] Variable was created at: [ 242.304719] aa_fqlookupn_profile+0x79/0x720 [ 242.309122] aa_label_strn_parse+0x171e/0x1e30 [ 242.313687] ================================================================== [ 242.321044] Disabling lock debugging due to kernel taint [ 242.326487] Kernel panic - not syncing: panic_on_warn set ... [ 242.326487] [ 242.333853] CPU: 0 PID: 7494 Comm: syz-executor4 Tainted: G B 4.19.0-rc4+ #63 [ 242.342440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 242.351815] Call Trace: [ 242.354423] dump_stack+0x306/0x460 [ 242.358076] panic+0x54c/0xafa [ 242.361307] kmsan_report+0x2cd/0x2d0 [ 242.365122] __msan_warning+0x7c/0xe0 [ 242.368927] aa_fqlookupn_profile+0x32d/0x720 [ 242.373426] ? __msan_warning+0x61/0xe0 [ 242.377401] aa_label_strn_parse+0x171e/0x1e30 [ 242.382020] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 242.387384] ? refcount_inc_not_zero_checked+0x5bb/0x6d0 [ 242.392836] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 242.398221] aa_label_parse+0x11f/0x130 [ 242.402202] aa_change_profile+0x827/0x3cc0 [ 242.406556] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 242.411949] ? strcmp+0x83/0x160 [ 242.415321] apparmor_setprocattr+0x1258/0x12f0 [ 242.420007] ? apparmor_getprocattr+0x630/0x630 [ 242.424690] security_setprocattr+0x139/0x210 [ 242.429194] proc_pid_attr_write+0x3f9/0x4e0 [ 242.433615] ? proc_pid_attr_read+0x500/0x500 [ 242.438137] __vfs_write+0x1f4/0xb70 [ 242.441884] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 242.447272] ? __sb_start_write+0xf8/0x230 [ 242.451507] vfs_write+0x495/0x8e0 [ 242.455062] __se_sys_write+0x183/0x370 [ 242.459048] __x64_sys_write+0x4a/0x70 [ 242.462943] do_syscall_64+0xbe/0x100 [ 242.466742] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 242.471928] RIP: 0033:0x457579 [ 242.475113] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 242.494006] RSP: 002b:00007f97740f3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 242.501726] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 242.509000] RDX: 000000000000002c RSI: 0000000020000040 RDI: 0000000000000003 [ 242.516261] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 242.523522] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f97740f46d4 [ 242.530781] R13: 00000000004c5502 R14: 00000000004d8e08 R15: 00000000ffffffff [ 242.539157] Kernel Offset: disabled [ 242.542795] Rebooting in 86400 seconds..