[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 56.360825] audit: type=1800 audit(1540193502.401:25): pid=6003 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 56.380372] audit: type=1800 audit(1540193502.421:26): pid=6003 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 56.400007] audit: type=1800 audit(1540193502.431:27): pid=6003 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.86' (ECDSA) to the list of known hosts. 2018/10/22 07:31:56 fuzzer started 2018/10/22 07:32:01 dialing manager at 10.128.0.26:43193 2018/10/22 07:32:01 syscalls: 1 2018/10/22 07:32:01 code coverage: enabled 2018/10/22 07:32:01 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/10/22 07:32:01 setuid sandbox: enabled 2018/10/22 07:32:01 namespace sandbox: enabled 2018/10/22 07:32:01 Android sandbox: /sys/fs/selinux/policy does not exist 2018/10/22 07:32:01 fault injection: enabled 2018/10/22 07:32:01 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/10/22 07:32:01 net packed injection: enabled 2018/10/22 07:32:01 net device setup: enabled 07:34:41 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000002b000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000540)="c4c140161666b833000f00d80fc79d04000000440f20c03505000000440f22c00f01c9c4e27913ccb9800000c00f3235000400000f3066b86e000f00d066b8e4008ee80fc7ab42430000", 0x4a}], 0x1, 0x0, &(0x7f0000000280), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000026000/0x18000)=nil, &(0x7f00000002c0)=[@textreal={0x8, &(0x7f00000001c0)="64650f01d10f21c13e0fc71ee4e564260533092e0f083e3636650f1811650f01cf0f20d86635200000000f22d80f0138baf80c66b8d0ffdb8566efbafc0c66b80900000066ef", 0x46}], 0x1, 0x0, &(0x7f0000000300)=[@cr4={0x1, 0x40220}], 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) socket$key(0xf, 0x3, 0x2) syzkaller login: [ 235.889853] IPVS: ftp: loaded support on port[0] = 21 [ 238.269124] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.275681] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.284375] device bridge_slave_0 entered promiscuous mode [ 238.424390] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.430864] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.439416] device bridge_slave_1 entered promiscuous mode [ 238.577484] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 238.715006] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 07:34:45 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000280)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x404) [ 239.142133] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 239.291222] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 239.675505] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 239.682691] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 239.908381] IPVS: ftp: loaded support on port[0] = 21 [ 240.502145] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 240.510156] team0: Port device team_slave_0 added [ 240.826345] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 240.834638] team0: Port device team_slave_1 added [ 241.114179] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 241.121218] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 241.130317] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 241.387723] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 241.394937] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 241.403756] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 241.657380] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 241.665137] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 241.674045] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 241.820020] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 241.827705] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 241.836836] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 242.820640] ip (6272) used greatest stack depth: 53264 bytes left [ 243.570333] bridge0: port 1(bridge_slave_0) entered blocking state [ 243.576966] bridge0: port 1(bridge_slave_0) entered disabled state [ 243.585554] device bridge_slave_0 entered promiscuous mode [ 243.815597] bridge0: port 2(bridge_slave_1) entered blocking state [ 243.822291] bridge0: port 2(bridge_slave_1) entered disabled state [ 243.830601] device bridge_slave_1 entered promiscuous mode [ 244.016370] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 244.265326] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 07:34:50 executing program 2: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x201, 0x8000000100079) ioctl$KVM_SET_CPUID(r0, 0xc0185500, &(0x7f0000000080)=ANY=[@ANYBLOB="2303338408"]) ioctl$BLKPBSZGET(r0, 0x127b, &(0x7f0000000040)) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 244.574598] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.581099] bridge0: port 2(bridge_slave_1) entered forwarding state [ 244.588205] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.594756] bridge0: port 1(bridge_slave_0) entered forwarding state [ 244.603789] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 244.703344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 245.147793] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 245.455934] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 245.579199] IPVS: ftp: loaded support on port[0] = 21 [ 245.746853] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 245.754804] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 246.075274] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 246.082522] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 246.943946] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 246.952162] team0: Port device team_slave_0 added [ 247.153532] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 247.161507] team0: Port device team_slave_1 added [ 247.417211] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 247.424487] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 247.433288] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 247.646764] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 247.654042] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 247.662852] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 247.901549] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 247.909262] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 247.918339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 248.154277] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 248.162024] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 248.170811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 250.495068] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.501514] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.510032] device bridge_slave_0 entered promiscuous mode [ 250.878203] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.884790] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.893305] device bridge_slave_1 entered promiscuous mode [ 251.121934] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 251.308803] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.315420] bridge0: port 2(bridge_slave_1) entered forwarding state [ 251.322485] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.328938] bridge0: port 1(bridge_slave_0) entered forwarding state [ 251.337685] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 251.422761] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 252.092750] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 252.272353] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 252.631808] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 252.913600] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 252.920642] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready 07:34:59 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="0000000000000000140012000c0001006772657461700000040002000a0001009300000000000000"], 0x1}}, 0x0) [ 253.138252] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 253.145512] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 254.245456] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 254.245498] IPVS: ftp: loaded support on port[0] = 21 [ 254.253909] team0: Port device team_slave_0 added [ 254.576083] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 254.584196] team0: Port device team_slave_1 added [ 254.887395] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 254.894555] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 254.903480] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 255.323770] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 255.330811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 255.339582] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 255.673609] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 255.681155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 255.690077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 256.089011] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 256.096778] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 256.105677] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 257.684214] 8021q: adding VLAN 0 to HW filter on device bond0 [ 259.167792] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 259.976097] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.982674] bridge0: port 1(bridge_slave_0) entered disabled state [ 259.990976] device bridge_slave_0 entered promiscuous mode [ 260.138950] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.145501] bridge0: port 2(bridge_slave_1) entered forwarding state [ 260.152521] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.158977] bridge0: port 1(bridge_slave_0) entered forwarding state [ 260.167811] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 260.360182] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.366959] bridge0: port 2(bridge_slave_1) entered disabled state [ 260.375661] device bridge_slave_1 entered promiscuous mode [ 260.492554] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 260.595362] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 260.607647] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 260.615817] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 260.775271] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 261.135369] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 261.929579] 8021q: adding VLAN 0 to HW filter on device team0 [ 262.204196] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 262.589687] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 262.950689] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 262.957834] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 263.309141] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 263.316441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 07:35:09 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5606, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f00000005c0)="82780000260f017731f3d87e0b0f20e06635000020000f22e066b9800000c00f326635002000000f30640f02d766b8008000000f23d80f21f86635400000f00f23f8db13b85f078ee82e0f01cf"}], 0xaaaaaaaaaaaac60, 0x0, &(0x7f0000000100), 0x330) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000180)={0x0, 0x103}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [0x4b564d02, 0x1]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 264.628863] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 264.637151] team0: Port device team_slave_0 added [ 265.097678] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 265.105800] team0: Port device team_slave_1 added [ 265.194480] IPVS: ftp: loaded support on port[0] = 21 [ 265.559356] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 265.566478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 265.575341] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 266.013887] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 266.020937] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 266.029801] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 266.206481] 8021q: adding VLAN 0 to HW filter on device bond0 [ 266.409632] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 266.417482] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 266.426295] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 266.848369] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 266.856463] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 266.865552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 267.827600] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 269.516099] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 269.522673] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 269.530698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 271.184679] 8021q: adding VLAN 0 to HW filter on device team0 [ 271.528973] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 271.857516] bridge0: port 2(bridge_slave_1) entered blocking state [ 271.864104] bridge0: port 2(bridge_slave_1) entered forwarding state [ 271.871032] bridge0: port 1(bridge_slave_0) entered blocking state [ 271.877674] bridge0: port 1(bridge_slave_0) entered forwarding state [ 271.886793] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 272.424740] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.431213] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.439743] device bridge_slave_0 entered promiscuous mode 07:35:18 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x80000, 0x0) ioctl$sock_bt(r2, 0x8906, &(0x7f0000000040)="73767ec56d13341f630b27d4d9cf75c05d4195bc0555660e682012a48aad3d6e970276678028f25cee4fee") syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000002b000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000540)="c4c140161666b833000f00d80fc79d04000000440f20c03505000000440f22c00f01c9c4e27913ccb9800000c00f3235000400000f3066b86e000f00d066b8e4008ee80fc7ab42430000", 0x4a}], 0x1, 0x0, &(0x7f0000000280), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000026000/0x18000)=nil, &(0x7f00000002c0)=[@textreal={0x8, &(0x7f00000001c0)="64650f01d10f21c13e0fc71ee4e564260533092e0f083e3636650f1811650f01cf0f20d86635200000000f22d80f0138baf80c66b8d0ffdb8566efbafc0c66b80900000066ef", 0x46}], 0x1, 0x0, &(0x7f0000000300)=[@cr4={0x1, 0x40220}], 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) socket$key(0xf, 0x3, 0x2) [ 272.572498] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 272.997690] bridge0: port 2(bridge_slave_1) entered blocking state [ 273.004426] bridge0: port 2(bridge_slave_1) entered disabled state [ 273.013199] device bridge_slave_1 entered promiscuous mode [ 273.507786] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready 07:35:19 executing program 0: bind$alg(0xffffffffffffffff, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(serpent)\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xfff, 0x103000) ioctl$EVIOCGSW(r0, 0x8040451b, &(0x7f0000000180)=""/113) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000200)="83e3551dff2265b12856e42104fea0b4", 0xfffffffffffffed0) [ 273.881282] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 07:35:20 executing program 0: r0 = syz_open_dev$admmidi(&(0x7f00000012c0)='/dev/admmidi#\x00', 0xffffffffffffffe0, 0x10200) write$P9_RCLUNK(r0, &(0x7f0000001240)={0x7, 0x79, 0x2}, 0x7) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000001300)={{0x3c, @remote, 0x4e23, 0x1, 'rr\x00', 0x21, 0x6, 0x72}, {@empty, 0x4e24, 0x2000, 0x8, 0xb1f, 0x82f}}, 0x44) r1 = socket$alg(0x26, 0x5, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0xc00, 0x0) fchdir(r1) bind$alg(r1, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes-fixed-time)\x00'}, 0x58) ioctl$DRM_IOCTL_GET_UNIQUE(r2, 0xc0106401, &(0x7f0000000140)={0x1000, &(0x7f0000000240)=""/4096}) ioctl$sock_inet_SIOCGIFBRDADDR(r2, 0x8919, &(0x7f0000000180)={'bond0\x00', {0x2, 0x4e23, @multicast2}}) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x1, 0x0) bind$alg(r2, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'wp256-generic\x00'}, 0x58) socket$inet(0x2, 0x80000, 0xfffffffffffffe01) ioctl$EVIOCRMFF(r3, 0x40044581, &(0x7f0000000040)) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000), 0xfffffd9b) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r3, 0x6612) 07:35:21 executing program 0: mkdir(&(0x7f0000000180)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000480)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000040)='./control/file0\x00', 0x0) ioctl$SG_GET_KEEP_ORPHAN(r1, 0x2288, &(0x7f0000000000)) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) setxattr$security_smack_transmute(&(0x7f0000000080)='./control/file0\x00', &(0x7f0000000140)='security.SMACK64TRANSMUTE\x00', &(0x7f00000001c0)='TRUE', 0x4, 0x2) unlink(&(0x7f00000000c0)='./control/file0\x00') rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./control/file1\x00') close(r0) [ 275.297198] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 275.678486] bond0: Enslaving bond_slave_1 as an active interface with an up link 07:35:21 executing program 0: semop(0x0, &(0x7f0000000000)=[{0x0, 0x2}, {0x0, 0x8}, {0x0, 0x100, 0x1000}, {0x5, 0x7fffffff}], 0x4) r0 = semget$private(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='io.stat\x00', 0x0, 0x0) ioctl$TIOCLINUX5(r1, 0x541c, &(0x7f0000000080)={0x5, 0x4, 0x6, 0x8001}) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000180), &(0x7f00000001c0)=0x4) semop(r0, &(0x7f0000000100)=[{0x0, 0x7}], 0x1) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0xb02, 0x0) ioctl$sock_inet_sctp_SIOCINQ(r2, 0x541b, &(0x7f0000000140)) [ 276.147357] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 276.154494] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready 07:35:22 executing program 0: r0 = socket$netlink(0x10, 0x3, 0xa) sendmsg$nl_xfrm(r0, &(0x7f0000000500)={&(0x7f0000000400), 0xc, &(0x7f00000004c0)={&(0x7f0000000440)=@getae={0x40, 0x1f, 0x0, 0x0, 0x0, {{@in=@dev}, @in=@local}}, 0x40}}, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x2, 0x0) getsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000040)=0x7, &(0x7f0000000080)=0x4) [ 276.634184] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 276.641283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 07:35:22 executing program 0: r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f000021d000)={0x2, 0x4e21}, 0x3e) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local, @multicast2}, 0xc) syz_emit_ethernet(0x32, &(0x7f0000000040)={@random="e187a48d30b3", @empty=[0xd000000, 0x0, 0x14], [{[{0x9100, 0x0, 0x0, 0x3}], {0x8100, 0x3, 0x227, 0x2}}], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @udp={0x0, 0x4e21, 0x8}}}}}, 0x0) 07:35:23 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0xfffffffffffffa33, 0x109000) ftruncate(r0, 0x3d76) ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0xc0505510, &(0x7f0000000140)={0x4, 0x4, 0x9, 0x674, &(0x7f0000000040)=[{}, {}, {}, {}]}) ioctl$FIGETBSZ(r0, 0x2, &(0x7f00000001c0)) r1 = accept(0xffffffffffffffff, &(0x7f0000000200)=@vsock={0x28, 0x0, 0x0, @host}, &(0x7f0000000280)=0x80) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f00000002c0), &(0x7f0000000300)=0x4) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup.net/syz1\x00', 0x200002, 0x0) setsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000380)=0x7ff, 0x4) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snapshot\x00', 0x400, 0x0) ioctl$TCGETS(r2, 0x5401, &(0x7f0000000400)) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r2, 0x80045530, &(0x7f0000000440)=""/108) socket$key(0xf, 0x3, 0x2) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000004c0)={{{@in6=@local, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in6=@loopback}}, &(0x7f00000005c0)=0xe8) connect$packet(r1, &(0x7f0000000600)={0x11, 0x18, r3, 0x1, 0x3}, 0x14) ioctl$RTC_PLL_SET(r2, 0x40207012, &(0x7f0000000640)={0x40, 0x99, 0x20, 0x4, 0x5ccb, 0x37f3, 0x1}) r4 = getpgid(0xffffffffffffffff) r5 = perf_event_open(&(0x7f0000000680)={0x5, 0x70, 0x9, 0x7, 0x2, 0x3, 0x0, 0x5, 0x10000, 0xc, 0x4, 0xfffffffffffffffe, 0x2, 0x5, 0x81, 0x8, 0x1, 0xb21c, 0x4, 0x100000001, 0x728, 0x8, 0x0, 0x8fa7, 0x7, 0x0, 0x9be8, 0x5, 0x4, 0x8, 0xcec, 0x81, 0x101, 0x8da6, 0x4, 0x1, 0x1000, 0xa091, 0x0, 0x3ff, 0x0, @perf_config_ext={0x57, 0x7fff}, 0x4, 0x0, 0x3, 0x5, 0x559b, 0x5, 0x1}, r4, 0x200, r2, 0xa) r6 = semget(0x2, 0x2, 0x20) semop(r6, &(0x7f0000000700)=[{0x0, 0x39, 0x800}, {0x0, 0x401, 0x800}, {0x7, 0x100, 0x800}], 0x3) ioctl$PERF_EVENT_IOC_RESET(r5, 0x2403, 0x2) r7 = socket$xdp(0x2c, 0x3, 0x0) ioctl$EVIOCGABS20(r2, 0x80184560, &(0x7f0000000740)=""/190) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r1, 0x800448d2, &(0x7f00000009c0)={0x3, &(0x7f0000000800)=[{}, {}, {}]}) ioctl$TCGETS(r2, 0x5401, &(0x7f0000000a00)) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000a40)=0x78d9, 0x4) getsockopt$inet_sctp_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000a80)=@assoc_id=0x0, &(0x7f0000000ac0)=0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000b00)={r8, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}}, 0x81, 0x100000000, 0x4, 0x8, 0x8}, 0x98) ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000bc0)={0x79, 0x0, [0xfffffffffffff000, 0x4, 0x1, 0x400]}) sendfile(r5, r7, &(0x7f0000000c40), 0x10000) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000c80)=@assoc_value, &(0x7f0000000cc0)=0x8) [ 277.878087] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 277.886324] team0: Port device team_slave_0 added [ 278.055822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 278.292811] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 278.300989] team0: Port device team_slave_1 added [ 278.463623] IPVS: ftp: loaded support on port[0] = 21 [ 278.673490] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 278.680556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 278.689681] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 278.996268] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 279.003507] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 279.012281] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 279.413911] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 279.438318] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 279.445984] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 279.456133] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 279.727714] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 279.735510] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 279.744383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 280.862842] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 280.869210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 280.877161] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 07:35:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000140)={0x7b, 0x0, [0x40000002]}) [ 282.153570] 8021q: adding VLAN 0 to HW filter on device team0 [ 283.558164] bridge0: port 1(bridge_slave_0) entered blocking state [ 283.564966] bridge0: port 1(bridge_slave_0) entered disabled state [ 283.573748] device bridge_slave_0 entered promiscuous mode [ 283.703193] bridge0: port 2(bridge_slave_1) entered blocking state [ 283.709675] bridge0: port 2(bridge_slave_1) entered forwarding state [ 283.716700] bridge0: port 1(bridge_slave_0) entered blocking state [ 283.723244] bridge0: port 1(bridge_slave_0) entered forwarding state [ 283.731794] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 283.871475] bridge0: port 2(bridge_slave_1) entered blocking state [ 283.878127] bridge0: port 2(bridge_slave_1) entered disabled state [ 283.886739] device bridge_slave_1 entered promiscuous mode [ 284.165478] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 284.334322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 284.490515] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 285.404008] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 285.679563] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 285.986472] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 285.993636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 286.335608] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 286.342742] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 286.825790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 287.073917] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 287.082208] team0: Port device team_slave_0 added [ 287.386185] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 287.394497] team0: Port device team_slave_1 added [ 287.702641] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 287.709697] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 287.718549] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 287.830856] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 288.008614] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 288.015794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 288.024462] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 288.264849] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 288.272634] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 288.281573] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 288.605496] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 288.613238] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 288.622187] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 288.915413] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 288.922040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 288.929927] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 07:35:36 executing program 2: r0 = getpid() prctl$setptracer(0x59616d61, r0) r1 = getpgrp(0x0) prctl$setptracer(0x59616d61, r1) pipe(&(0x7f0000000000)) [ 289.939993] 8021q: adding VLAN 0 to HW filter on device team0 [ 291.499266] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.505899] bridge0: port 2(bridge_slave_1) entered forwarding state [ 291.513037] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.519539] bridge0: port 1(bridge_slave_0) entered forwarding state [ 291.528119] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 291.534858] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 294.113875] 8021q: adding VLAN 0 to HW filter on device bond0 [ 294.836632] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready 07:35:41 executing program 3: inotify_init1(0x0) ptrace(0x4207, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6(0xa, 0x803, 0x3) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000fc0)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0xf0ffffff}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)=@delneigh={0x28, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffff}, [@NDA_LLADDR={0xa, 0x2, @empty=[0xf0ffffff]}]}, 0x28}}, 0x0) [ 295.455507] ================================================================== [ 295.462947] BUG: KMSAN: uninit-value in memcmp+0x117/0x180 [ 295.468598] CPU: 1 PID: 7581 Comm: syz-executor3 Not tainted 4.19.0-rc8+ #70 [ 295.475832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.485199] Call Trace: [ 295.487818] dump_stack+0x306/0x460 [ 295.491472] ? memcmp+0x117/0x180 [ 295.495521] kmsan_report+0x1a2/0x2e0 [ 295.499371] __msan_warning+0x7c/0xe0 [ 295.503207] memcmp+0x117/0x180 [ 295.506538] dev_mc_add_excl+0x165/0x770 [ 295.510651] rtnl_fdb_add+0xe83/0x12a0 [ 295.514609] ? rtnl_dump_all+0x540/0x540 [ 295.518857] rtnetlink_rcv_msg+0xa53/0x1590 [ 295.523241] ? __msan_poison_alloca+0x17a/0x210 [ 295.527943] ? kmsan_set_origin_inline+0x6b/0x120 [ 295.532846] ? kmsan_set_origin_inline+0x6b/0x120 [ 295.537723] ? kmsan_set_origin+0x83/0x140 [ 295.542010] netlink_rcv_skb+0x394/0x640 [ 295.546106] ? rtnetlink_bind+0x120/0x120 [ 295.550323] rtnetlink_rcv+0x50/0x60 [ 295.554085] netlink_unicast+0x166d/0x1720 [ 295.558388] ? rtnetlink_net_exit+0x90/0x90 [ 295.562777] netlink_sendmsg+0x1391/0x1420 [ 295.567112] ___sys_sendmsg+0xe47/0x1200 [ 295.571248] ? netlink_getsockopt+0x1560/0x1560 [ 295.575967] ? __fget+0x8f7/0x940 [ 295.579482] ? __fdget+0x318/0x430 [ 295.583068] __se_sys_sendmsg+0x307/0x460 [ 295.587290] __x64_sys_sendmsg+0x4a/0x70 [ 295.591389] do_syscall_64+0xbe/0x100 [ 295.595222] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 295.600436] RIP: 0033:0x457569 [ 295.603648] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 295.622574] RSP: 002b:00007f46e4148c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 295.630310] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 295.637608] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000007 [ 295.644903] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 295.652198] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f46e41496d4 [ 295.659496] R13: 00000000004c38a5 R14: 00000000004d5700 R15: 00000000ffffffff [ 295.666816] [ 295.668454] Uninit was created at: [ 295.672015] kmsan_internal_poison_shadow+0xc8/0x1d0 [ 295.677119] kmsan_kmalloc+0xa4/0x120 [ 295.680942] kmsan_slab_alloc+0x10/0x20 [ 295.684932] __kmalloc_node_track_caller+0xb43/0x1400 [ 295.690118] __alloc_skb+0x422/0xe90 [ 295.693836] netlink_sendmsg+0xcaf/0x1420 [ 295.697984] ___sys_sendmsg+0xe47/0x1200 [ 295.702042] __se_sys_sendmsg+0x307/0x460 [ 295.706207] __x64_sys_sendmsg+0x4a/0x70 [ 295.710281] do_syscall_64+0xbe/0x100 [ 295.714125] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 295.719319] ================================================================== [ 295.726697] Disabling lock debugging due to kernel taint [ 295.732143] Kernel panic - not syncing: panic_on_warn set ... [ 295.732143] [ 295.739510] CPU: 1 PID: 7581 Comm: syz-executor3 Tainted: G B 4.19.0-rc8+ #70 [ 295.748095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.757467] Call Trace: [ 295.760081] dump_stack+0x306/0x460 [ 295.763770] panic+0x54c/0xafa [ 295.766997] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 295.772454] kmsan_report+0x2d3/0x2e0 [ 295.776260] __msan_warning+0x7c/0xe0 [ 295.780067] memcmp+0x117/0x180 [ 295.783365] dev_mc_add_excl+0x165/0x770 [ 295.787440] rtnl_fdb_add+0xe83/0x12a0 [ 295.791421] ? rtnl_dump_all+0x540/0x540 [ 295.795481] rtnetlink_rcv_msg+0xa53/0x1590 [ 295.799822] ? __msan_poison_alloca+0x17a/0x210 [ 295.804502] ? kmsan_set_origin_inline+0x6b/0x120 [ 295.809460] ? kmsan_set_origin_inline+0x6b/0x120 [ 295.814304] ? kmsan_set_origin+0x83/0x140 [ 295.818549] netlink_rcv_skb+0x394/0x640 [ 295.822610] ? rtnetlink_bind+0x120/0x120 [ 295.826771] rtnetlink_rcv+0x50/0x60 [ 295.830486] netlink_unicast+0x166d/0x1720 [ 295.834732] ? rtnetlink_net_exit+0x90/0x90 [ 295.839094] netlink_sendmsg+0x1391/0x1420 [ 295.843371] ___sys_sendmsg+0xe47/0x1200 [ 295.847459] ? netlink_getsockopt+0x1560/0x1560 [ 295.852160] ? __fget+0x8f7/0x940 [ 295.855674] ? __fdget+0x318/0x430 [ 295.859256] __se_sys_sendmsg+0x307/0x460 [ 295.863438] __x64_sys_sendmsg+0x4a/0x70 [ 295.867500] do_syscall_64+0xbe/0x100 [ 295.871318] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 295.876530] RIP: 0033:0x457569 [ 295.879731] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 295.898658] RSP: 002b:00007f46e4148c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 295.906375] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 295.913642] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000007 [ 295.920904] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 295.928167] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f46e41496d4 [ 295.935433] R13: 00000000004c38a5 R14: 00000000004d5700 R15: 00000000ffffffff [ 295.943671] Kernel Offset: disabled [ 295.947308] Rebooting in 86400 seconds..