[info] Using makefile-style concurrent boot in runlevel 2. [ 26.678539] audit: type=1800 audit(1545624306.270:21): pid=5866 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] startpar: service(s) returned failure: ssh ...[?25l[?1c7[FAIL8[?25h[?0c failed! Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.142' (ECDSA) to the list of known hosts. 2018/12/24 04:05:19 fuzzer started 2018/12/24 04:05:21 dialing manager at 10.128.0.26:33943 syzkaller login: [ 41.413651] ld (6052) used greatest stack depth: 15200 bytes left 2018/12/24 04:05:21 syscalls: 1 2018/12/24 04:05:21 code coverage: enabled 2018/12/24 04:05:21 comparison tracing: enabled 2018/12/24 04:05:21 setuid sandbox: enabled 2018/12/24 04:05:21 namespace sandbox: enabled 2018/12/24 04:05:21 Android sandbox: /sys/fs/selinux/policy does not exist 2018/12/24 04:05:21 fault injection: enabled 2018/12/24 04:05:21 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/12/24 04:05:21 net packet injection: enabled 2018/12/24 04:05:21 net device setup: enabled 04:07:39 executing program 0: syz_genetlink_get_family_id$ipvs(&(0x7f0000000000)='IPVS\x00') r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="cf"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000240)={0x20001, 0x0, [0x4, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 179.943934] IPVS: ftp: loaded support on port[0] = 21 04:07:39 executing program 1: pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) flock(r0, 0x1) flock(r1, 0x2) flock(r1, 0x100000000000001) flock(r0, 0x2) ioctl$BLKPBSZGET(r1, 0x127b, &(0x7f0000000180)) [ 180.176172] IPVS: ftp: loaded support on port[0] = 21 04:07:40 executing program 2: openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SG_SET_DEBUG(0xffffffffffffffff, 0x227e, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) gettid() perf_event_open(&(0x7f000000a000)={0x2, 0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400}, 0xa00000400, 0x0, 0x8000010004}, 0x0, 0x0, 0xffffffffffffffff, 0x0) umount2(0x0, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='nfs\x00', 0x0, &(0x7f000000a000)) fstat(0xffffffffffffffff, 0x0) [ 180.624222] IPVS: ftp: loaded support on port[0] = 21 04:07:40 executing program 3: write(0xffffffffffffffff, &(0x7f0000000000)="6056844397050e47a94ec2270cdf86cf5bb355f036d43139299db8da00aef367ebeac781a787585cc21df3efc8dc3f9de1afa47317fa540c2ea3f5901059a4ea338053539d618f755d8f171b3fbc4b3993d73ae3290349c64cab2ba2e83bd9596425b3592e22eb08ffbf4869e8d653d5d154e0597d8285df141c190d16269422a4cafe168f7799ae668d33c1", 0x8c) r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@ipv4_delrule={0x30, 0x21, 0x1, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8}, @FRA_GENERIC_POLICY=@FRA_L3MDEV={0x8}]}, 0x30}}, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 181.021168] IPVS: ftp: loaded support on port[0] = 21 04:07:40 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) socket(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000140), 0x4) [ 181.480725] IPVS: ftp: loaded support on port[0] = 21 [ 181.631365] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.661532] bridge0: port 1(bridge_slave_0) entered disabled state [ 181.668864] device bridge_slave_0 entered promiscuous mode 04:07:41 executing program 5: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x5, 0x4f6, 0x0, 0x0, @tick, {}, {}, @time}], 0x30) [ 181.812599] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.819413] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.828219] device bridge_slave_1 entered promiscuous mode [ 181.962202] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 181.996013] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.011851] bridge0: port 1(bridge_slave_0) entered disabled state [ 182.041640] device bridge_slave_0 entered promiscuous mode [ 182.069752] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 182.115668] IPVS: ftp: loaded support on port[0] = 21 [ 182.239455] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.258296] bridge0: port 2(bridge_slave_1) entered disabled state [ 182.266433] device bridge_slave_1 entered promiscuous mode [ 182.390084] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 182.443395] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 182.552104] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 182.581661] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 182.946076] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 183.054852] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.061349] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.079665] device bridge_slave_0 entered promiscuous mode [ 183.091000] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 183.149765] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.195343] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.203080] device bridge_slave_0 entered promiscuous mode [ 183.217388] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 183.229077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 183.277014] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.297495] bridge0: port 2(bridge_slave_1) entered disabled state [ 183.305224] device bridge_slave_1 entered promiscuous mode [ 183.313727] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 183.322646] team0: Port device team_slave_0 added [ 183.341766] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 183.357908] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.381673] bridge0: port 2(bridge_slave_1) entered disabled state [ 183.389025] device bridge_slave_1 entered promiscuous mode [ 183.409199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 183.455195] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 183.490757] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 183.498527] team0: Port device team_slave_1 added [ 183.512799] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 183.570003] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 183.653394] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 183.671037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 183.682484] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 183.702197] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 183.738211] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 183.762616] team0: Port device team_slave_0 added [ 183.806342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 183.863373] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.869790] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.883264] device bridge_slave_0 entered promiscuous mode [ 183.902217] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 183.909607] team0: Port device team_slave_1 added [ 183.941035] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 183.954528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 183.970309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 184.002666] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 184.013654] bridge0: port 2(bridge_slave_1) entered blocking state [ 184.020433] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.032145] device bridge_slave_1 entered promiscuous mode [ 184.049327] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 184.073211] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 184.102239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 184.122010] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 184.139110] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 184.154622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 184.182474] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 184.192002] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 184.216067] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 184.266063] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 184.285980] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 184.301618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 184.309495] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 184.350882] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 184.359707] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 184.383444] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 184.391186] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 184.409164] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 184.422261] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 184.434627] bridge0: port 1(bridge_slave_0) entered blocking state [ 184.441047] bridge0: port 1(bridge_slave_0) entered disabled state [ 184.453519] device bridge_slave_0 entered promiscuous mode [ 184.471681] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 184.490823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 184.505835] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 184.540105] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 184.552250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 184.575264] bridge0: port 2(bridge_slave_1) entered blocking state [ 184.585267] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.594098] device bridge_slave_1 entered promiscuous mode [ 184.642000] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 184.652144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 184.728294] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 184.735304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 184.754006] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 184.767736] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 184.839592] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 184.905442] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 184.924647] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 184.940340] team0: Port device team_slave_0 added [ 185.100460] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 185.122648] team0: Port device team_slave_1 added [ 185.141730] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 185.161087] team0: Port device team_slave_0 added [ 185.167228] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 185.180215] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 185.196221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 185.252094] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 185.259040] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 185.272215] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 185.302784] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 185.316574] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 185.332317] team0: Port device team_slave_1 added [ 185.411787] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 185.418976] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 185.430489] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 185.460489] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 185.474306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 185.497163] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 185.531257] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 185.547744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 185.572333] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 185.601766] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 185.617557] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 185.634766] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.641249] bridge0: port 2(bridge_slave_1) entered forwarding state [ 185.648234] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.654682] bridge0: port 1(bridge_slave_0) entered forwarding state [ 185.663478] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 185.672384] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 185.683187] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 185.712434] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 185.723669] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 185.732240] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 185.739636] team0: Port device team_slave_0 added [ 185.768372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 185.792809] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 185.852320] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 185.859465] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 185.882230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 185.905502] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 185.914049] team0: Port device team_slave_1 added [ 186.003819] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 186.011267] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 186.022134] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 186.055745] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 186.066288] team0: Port device team_slave_0 added [ 186.086357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 186.114008] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 186.185489] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.192024] bridge0: port 2(bridge_slave_1) entered forwarding state [ 186.198744] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.205235] bridge0: port 1(bridge_slave_0) entered forwarding state [ 186.213557] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 186.231974] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 186.238972] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 186.256129] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 186.304779] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 186.350351] team0: Port device team_slave_1 added [ 186.359482] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 186.386800] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 186.418311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 186.452667] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 186.467938] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 186.494610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 186.504646] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 186.562023] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 186.572136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 186.588728] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 186.604546] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 186.615592] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 186.735121] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 186.758447] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 186.782165] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 186.870097] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 186.900246] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 186.928062] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 187.091667] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 187.170487] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.176907] bridge0: port 2(bridge_slave_1) entered forwarding state [ 187.183651] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.190072] bridge0: port 1(bridge_slave_0) entered forwarding state [ 187.200620] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 187.470480] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.477042] bridge0: port 2(bridge_slave_1) entered forwarding state [ 187.483789] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.490167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 187.501227] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 188.091663] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.098216] bridge0: port 2(bridge_slave_1) entered forwarding state [ 188.104940] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.111358] bridge0: port 1(bridge_slave_0) entered forwarding state [ 188.126667] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 188.147857] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 188.165939] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 188.173800] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 188.348551] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.354990] bridge0: port 2(bridge_slave_1) entered forwarding state [ 188.361692] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.368075] bridge0: port 1(bridge_slave_0) entered forwarding state [ 188.379006] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 189.181533] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 191.195484] 8021q: adding VLAN 0 to HW filter on device bond0 [ 191.394324] 8021q: adding VLAN 0 to HW filter on device bond0 [ 191.678594] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 191.934458] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 192.264327] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 192.271690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.282296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.295879] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.484847] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 192.491176] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.510917] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.565372] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.784926] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.825806] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 192.882737] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.058987] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 193.220896] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.381248] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 193.402151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 193.409390] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 193.459924] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.577014] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 193.587050] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 193.598392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 193.706431] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 193.813246] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.991291] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 194.018063] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.118593] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 194.130203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 194.151266] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 194.461939] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 194.469052] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 194.492177] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 194.645539] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.900052] 8021q: adding VLAN 0 to HW filter on device team0 [ 195.790056] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 195.837785] ================================================================== [ 195.845278] BUG: KASAN: slab-out-of-bounds in fpstate_init+0x50/0x160 [ 195.851868] Write of size 832 at addr ffff8881bc698bc0 by task syz-executor0/7500 [ 195.859491] [ 195.861140] CPU: 0 PID: 7500 Comm: syz-executor0 Not tainted 4.20.0-rc6-next-20181217+ #172 [ 195.869651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 195.879032] Call Trace: [ 195.881644] dump_stack+0x244/0x39d [ 195.885291] ? dump_stack_print_info.cold.1+0x20/0x20 [ 195.890505] ? printk+0xa7/0xcf [ 195.893801] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 195.898584] print_address_description.cold.4+0x9/0x1ff [ 195.903980] ? fpstate_init+0x50/0x160 [ 195.907887] kasan_report.cold.5+0x1b/0x39 [ 195.912137] ? fpstate_init+0x50/0x160 [ 195.916044] ? fpstate_init+0x50/0x160 [ 195.919970] check_memory_region+0x13e/0x1b0 [ 195.924396] memset+0x23/0x40 [ 195.927537] fpstate_init+0x50/0x160 [ 195.931261] kvm_arch_vcpu_init+0x3e9/0x870 [ 195.935601] kvm_vcpu_init+0x2fa/0x420 [ 195.939505] ? vcpu_stat_get+0x300/0x300 [ 195.943584] ? kmem_cache_alloc+0x33f/0x730 [ 195.947934] vmx_create_vcpu+0x1b7/0x2695 [ 195.952116] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 195.957239] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 195.961837] ? preempt_schedule+0x4d/0x60 [ 195.966015] ? preempt_schedule_common+0x1f/0xe0 [ 195.970791] ? vmx_exec_control+0x210/0x210 [ 195.975126] ? ___preempt_schedule+0x16/0x18 [ 195.979578] ? kasan_check_write+0x14/0x20 [ 195.983824] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 195.988765] ? wait_for_completion+0x8a0/0x8a0 [ 195.993385] ? print_usage_bug+0xc0/0xc0 [ 195.997476] ? migrate_swap_stop+0x8a0/0x8a0 [ 196.001901] kvm_arch_vcpu_create+0xe5/0x220 [ 196.006337] ? kvm_arch_vcpu_free+0x90/0x90 [ 196.010675] kvm_vm_ioctl+0x526/0x2030 [ 196.014591] ? kvm_unregister_device_ops+0x70/0x70 [ 196.019541] ? mark_held_locks+0x130/0x130 [ 196.023814] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 196.029022] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 196.034134] ? futex_wake+0x304/0x760 [ 196.037997] ? __lock_acquire+0x62f/0x4c20 [ 196.042284] ? mark_held_locks+0x130/0x130 [ 196.046550] ? graph_lock+0x270/0x270 [ 196.050360] ? do_futex+0x249/0x26d0 [ 196.054106] ? rcu_read_unlock_special+0x370/0x370 [ 196.059048] ? rcu_softirq_qs+0x20/0x20 [ 196.063032] ? unwind_dump+0x190/0x190 [ 196.066934] ? find_held_lock+0x36/0x1c0 [ 196.071028] ? __fget+0x4aa/0x740 [ 196.074496] ? lock_downgrade+0x900/0x900 [ 196.078721] ? check_preemption_disabled+0x48/0x280 [ 196.083750] ? kasan_check_read+0x11/0x20 [ 196.087907] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 196.093207] ? rcu_read_unlock_special+0x370/0x370 [ 196.098153] ? __fget+0x4d1/0x740 [ 196.101647] ? ksys_dup3+0x680/0x680 [ 196.105423] ? __might_fault+0x12b/0x1e0 [ 196.109491] ? lock_downgrade+0x900/0x900 [ 196.113654] ? lock_release+0xa00/0xa00 [ 196.117646] ? perf_trace_sched_process_exec+0x860/0x860 [ 196.123137] ? kvm_unregister_device_ops+0x70/0x70 [ 196.128092] do_vfs_ioctl+0x1de/0x1790 [ 196.132019] ? ioctl_preallocate+0x300/0x300 [ 196.136460] ? __fget_light+0x2e9/0x430 [ 196.140477] ? fget_raw+0x20/0x20 [ 196.143986] ? _copy_to_user+0xc8/0x110 [ 196.148000] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 196.154028] ? put_timespec64+0x10f/0x1b0 [ 196.158194] ? nsecs_to_jiffies+0x30/0x30 [ 196.162364] ? do_syscall_64+0x9a/0x820 [ 196.166346] ? do_syscall_64+0x9a/0x820 [ 196.170332] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 196.174933] ? security_file_ioctl+0x94/0xc0 [ 196.179379] ksys_ioctl+0xa9/0xd0 [ 196.182849] __x64_sys_ioctl+0x73/0xb0 [ 196.186766] do_syscall_64+0x1b9/0x820 [ 196.190685] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 196.196067] ? syscall_return_slowpath+0x5e0/0x5e0 [ 196.201007] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 196.205866] ? trace_hardirqs_on_caller+0x310/0x310 [ 196.210896] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 196.215939] ? prepare_exit_to_usermode+0x291/0x3b0 [ 196.221013] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 196.225884] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 196.231099] RIP: 0033:0x457669 [ 196.234314] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 196.253308] RSP: 002b:00007fa1a9705c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 196.261054] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 196.268326] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000004 [ 196.275603] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 196.282875] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa1a97066d4 [ 196.290148] R13: 00000000004c00ff R14: 00000000004d1170 R15: 00000000ffffffff [ 196.297481] [ 196.299121] Allocated by task 7500: [ 196.302772] save_stack+0x43/0xd0 [ 196.306291] kasan_kmalloc+0xcb/0xd0 [ 196.310021] kasan_slab_alloc+0x12/0x20 [ 196.314021] kmem_cache_alloc+0x130/0x730 [ 196.318184] vmx_create_vcpu+0x110/0x2695 [ 196.322340] kvm_arch_vcpu_create+0xe5/0x220 [ 196.326773] kvm_vm_ioctl+0x526/0x2030 [ 196.330670] do_vfs_ioctl+0x1de/0x1790 [ 196.334568] ksys_ioctl+0xa9/0xd0 [ 196.338030] __x64_sys_ioctl+0x73/0xb0 [ 196.341927] do_syscall_64+0x1b9/0x820 [ 196.345845] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 196.351046] [ 196.352676] Freed by task 0: [ 196.355707] (stack is not available) [ 196.359412] [ 196.361056] The buggy address belongs to the object at ffff8881bc698b80 [ 196.361056] which belongs to the cache x86_fpu of size 832 [ 196.373393] The buggy address is located 64 bytes inside of [ 196.373393] 832-byte region [ffff8881bc698b80, ffff8881bc698ec0) [ 196.385220] The buggy address belongs to the page: [ 196.390173] page:ffffea0006f1a600 count:1 mapcount:0 mapping:ffff8881d5161940 index:0x0 [ 196.398370] flags: 0x2fffc0000000200(slab) [ 196.402615] raw: 02fffc0000000200 ffff8881d5162548 ffff8881d5162548 ffff8881d5161940 [ 196.410509] raw: 0000000000000000 ffff8881bc698040 0000000100000004 0000000000000000 [ 196.418391] page dumped because: kasan: bad access detected [ 196.424113] [ 196.425743] Memory state around the buggy address: [ 196.430689] ffff8881bc698d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 196.438059] ffff8881bc698e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 196.445427] >ffff8881bc698e80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 196.452790] ^ [ 196.458261] ffff8881bc698f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 196.465643] ffff8881bc698f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 196.473012] ================================================================== [ 196.480374] Disabling lock debugging due to kernel taint [ 196.533557] Kernel panic - not syncing: panic_on_warn set ... [ 196.539553] CPU: 0 PID: 7500 Comm: syz-executor0 Tainted: G B 4.20.0-rc6-next-20181217+ #172 [ 196.549436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 196.558798] Call Trace: [ 196.561410] dump_stack+0x244/0x39d [ 196.565066] ? dump_stack_print_info.cold.1+0x20/0x20 [ 196.570308] ? fpstate_init+0x30/0x160 [ 196.574211] panic+0x2ad/0x632 [ 196.577415] ? add_taint.cold.5+0x16/0x16 [ 196.581575] ? preempt_schedule+0x4d/0x60 [ 196.585742] ? ___preempt_schedule+0x16/0x18 [ 196.590193] ? trace_hardirqs_on+0xb4/0x310 [ 196.594526] ? fpstate_init+0x50/0x160 [ 196.598425] end_report+0x47/0x4f [ 196.601902] kasan_report.cold.5+0xe/0x39 [ 196.606064] ? fpstate_init+0x50/0x160 [ 196.609974] ? fpstate_init+0x50/0x160 [ 196.613871] check_memory_region+0x13e/0x1b0 [ 196.618294] memset+0x23/0x40 [ 196.621427] fpstate_init+0x50/0x160 [ 196.625168] kvm_arch_vcpu_init+0x3e9/0x870 [ 196.629506] kvm_vcpu_init+0x2fa/0x420 [ 196.633432] ? vcpu_stat_get+0x300/0x300 [ 196.637534] ? kmem_cache_alloc+0x33f/0x730 [ 196.641882] vmx_create_vcpu+0x1b7/0x2695 [ 196.646038] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 196.651157] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 196.655749] ? preempt_schedule+0x4d/0x60 [ 196.659926] ? preempt_schedule_common+0x1f/0xe0 [ 196.664713] ? vmx_exec_control+0x210/0x210 [ 196.669066] ? ___preempt_schedule+0x16/0x18 [ 196.673477] ? kasan_check_write+0x14/0x20 [ 196.677716] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 196.682662] ? wait_for_completion+0x8a0/0x8a0 [ 196.687282] ? print_usage_bug+0xc0/0xc0 [ 196.691375] ? migrate_swap_stop+0x8a0/0x8a0 [ 196.695811] kvm_arch_vcpu_create+0xe5/0x220 [ 196.700257] ? kvm_arch_vcpu_free+0x90/0x90 [ 196.704617] kvm_vm_ioctl+0x526/0x2030 [ 196.708537] ? kvm_unregister_device_ops+0x70/0x70 [ 196.713476] ? mark_held_locks+0x130/0x130 [ 196.717723] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 196.722929] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 196.728129] ? futex_wake+0x304/0x760 [ 196.731985] ? __lock_acquire+0x62f/0x4c20 [ 196.736264] ? mark_held_locks+0x130/0x130 [ 196.740520] ? graph_lock+0x270/0x270 [ 196.744332] ? do_futex+0x249/0x26d0 [ 196.748069] ? rcu_read_unlock_special+0x370/0x370 [ 196.753011] ? rcu_softirq_qs+0x20/0x20 [ 196.757006] ? unwind_dump+0x190/0x190 [ 196.760911] ? find_held_lock+0x36/0x1c0 [ 196.765012] ? __fget+0x4aa/0x740 [ 196.768504] ? lock_downgrade+0x900/0x900 [ 196.772663] ? check_preemption_disabled+0x48/0x280 [ 196.777706] ? kasan_check_read+0x11/0x20 [ 196.781857] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 196.787141] ? rcu_read_unlock_special+0x370/0x370 [ 196.792074] ? __fget+0x4d1/0x740 [ 196.795542] ? ksys_dup3+0x680/0x680 [ 196.799259] ? __might_fault+0x12b/0x1e0 [ 196.803339] ? lock_downgrade+0x900/0x900 [ 196.807490] ? lock_release+0xa00/0xa00 [ 196.811465] ? perf_trace_sched_process_exec+0x860/0x860 [ 196.816919] ? kvm_unregister_device_ops+0x70/0x70 [ 196.821864] do_vfs_ioctl+0x1de/0x1790 [ 196.825758] ? ioctl_preallocate+0x300/0x300 [ 196.830170] ? __fget_light+0x2e9/0x430 [ 196.834147] ? fget_raw+0x20/0x20 [ 196.837602] ? _copy_to_user+0xc8/0x110 [ 196.841581] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 196.847129] ? put_timespec64+0x10f/0x1b0 [ 196.851283] ? nsecs_to_jiffies+0x30/0x30 [ 196.855450] ? do_syscall_64+0x9a/0x820 [ 196.859426] ? do_syscall_64+0x9a/0x820 [ 196.863400] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 196.868008] ? security_file_ioctl+0x94/0xc0 [ 196.872437] ksys_ioctl+0xa9/0xd0 [ 196.875897] __x64_sys_ioctl+0x73/0xb0 [ 196.879821] do_syscall_64+0x1b9/0x820 [ 196.883712] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 196.889104] ? syscall_return_slowpath+0x5e0/0x5e0 [ 196.894036] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 196.898889] ? trace_hardirqs_on_caller+0x310/0x310 [ 196.903926] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 196.908966] ? prepare_exit_to_usermode+0x291/0x3b0 [ 196.913997] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 196.918850] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 196.924053] RIP: 0033:0x457669 [ 196.927251] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 196.946158] RSP: 002b:00007fa1a9705c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 196.953917] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457669 [ 196.961207] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000004 [ 196.968482] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 196.975772] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa1a97066d4 [ 196.983054] R13: 00000000004c00ff R14: 00000000004d1170 R15: 00000000ffffffff [ 196.991494] Kernel Offset: disabled [ 196.995125] Rebooting in 86400 seconds..