[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [ 58.084625] sshd (6151) used greatest stack depth: 53392 bytes left [....] Starting OpenBSD Secure Shell server: sshd[ 58.264298] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 60.298684] random: sshd: uninitialized urandom read (32 bytes read) [ 60.689020] random: sshd: uninitialized urandom read (32 bytes read) [ 62.266044] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.38' (ECDSA) to the list of known hosts. [ 68.026530] random: sshd: uninitialized urandom read (32 bytes read) 2018/10/08 05:49:01 fuzzer started [ 72.506103] random: cc1: uninitialized urandom read (8 bytes read) [ 73.076802] as (6241) used greatest stack depth: 53184 bytes left 2018/10/08 05:49:05 dialing manager at 10.128.0.26:36867 2018/10/08 05:49:05 syscalls: 1 2018/10/08 05:49:05 code coverage: enabled 2018/10/08 05:49:05 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/10/08 05:49:05 setuid sandbox: enabled 2018/10/08 05:49:05 namespace sandbox: enabled 2018/10/08 05:49:05 Android sandbox: /sys/fs/selinux/policy does not exist 2018/10/08 05:49:05 fault injection: enabled 2018/10/08 05:49:05 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/10/08 05:49:05 net packed injection: enabled 2018/10/08 05:49:05 net device setup: enabled [ 78.453251] random: crng init done 05:51:14 executing program 0: r0 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r0, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000080)) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f00000001c0)={[{0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={"626f6e643000000000f98b00"}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="0f425f69f20f38f10b650feda5000066b9800000c00f326635004000000f30b80d008ec86666de3c0f01cf260f01cb2665660f3a618c0060540fc76b39", 0x3d}], 0x1, 0x0, &(0x7f00000002c0), 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 204.373846] IPVS: ftp: loaded support on port[0] = 21 [ 206.675722] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.682359] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.690909] device bridge_slave_0 entered promiscuous mode [ 206.834272] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.840744] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.849225] device bridge_slave_1 entered promiscuous mode [ 206.985203] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 207.124366] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 207.545594] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 207.685669] bond0: Enslaving bond_slave_1 as an active interface with an up link 05:51:18 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f000080e000)={0x2, 0xe, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0xffffff80, 0x0, @in6}, @sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@remote={0xac, 0x14, 0xffffffffffffffff}, @in=@dev}}, @sadb_address={0x5, 0x5, 0x0, 0xffffff80, 0x0, @in6={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}]}, 0xa0}}, 0x0) sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0213000002000000000000000000e9ff737eccc7e1480cd17f"], 0x19}}, 0x0) [ 208.122869] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 208.129912] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 208.627353] IPVS: ftp: loaded support on port[0] = 21 [ 208.919293] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 208.927522] team0: Port device team_slave_0 added [ 209.069410] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 209.077510] team0: Port device team_slave_1 added [ 209.308152] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 209.315322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 209.324498] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 209.558353] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 209.565467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 209.574516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 209.864226] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 209.871962] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 209.881000] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 210.176477] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 210.184212] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 210.193360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 212.501777] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.508241] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.516903] device bridge_slave_0 entered promiscuous mode [ 212.690065] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.696632] bridge0: port 2(bridge_slave_1) entered forwarding state [ 212.703645] bridge0: port 1(bridge_slave_0) entered blocking state [ 212.710087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 212.719053] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 212.737704] bridge0: port 2(bridge_slave_1) entered blocking state [ 212.744298] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.752739] device bridge_slave_1 entered promiscuous mode 05:51:23 executing program 2: r0 = creat(&(0x7f0000000200)='./bus\x00', 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000280)=0x0) fcntl$setown(r0, 0x8, r1) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5}, 0x0, 0xfffbffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x0, 0x0) gettid() fcntl$setown(0xffffffffffffffff, 0x8, 0x0) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$BLKRESETZONE(0xffffffffffffffff, 0x40101283, &(0x7f0000000240)={0x2}) r4 = syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x0, 0x8100) lstat(&(0x7f0000000140)='./bus\x00', &(0x7f00000005c0)) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket(0x11, 0x803, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r5, 0x541b, &(0x7f0000000000)) getresuid(&(0x7f0000000c80), &(0x7f0000000cc0), &(0x7f0000000d00)) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000d40)={{{@in=@multicast1, @in=@broadcast}}, {{}, 0x0, @in6=@dev}}, &(0x7f0000000e40)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000003880)={{{@in6, @in6=@remote}}, {{@in6=@ipv4={[], [], @multicast2}}, 0x0, @in6=@mcast2}}, &(0x7f0000003980)=0xe8) getresuid(&(0x7f00000039c0), &(0x7f0000003a00), &(0x7f0000003a40)) fstat(r2, &(0x7f00000050c0)) getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000005140)={{{@in=@multicast1, @in=@broadcast}}, {{@in6=@ipv4={[], [], @dev}}}}, &(0x7f0000005240)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000006780), &(0x7f00000067c0)=0xc) perf_event_open(&(0x7f0000940000)={0x0, 0x70, 0xee6a}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) rt_sigaction(0x30, &(0x7f0000000340)={&(0x7f00000001c0)="c401792b780041dd33cfc4e16e5285e800000066450f38020966660f6c2cd1c461265aeff04481060000002199c40211af19", {0xfe8}, 0x10000000, &(0x7f00000002c0)="c4e27d0e3500000000c48213f6b0fbffffff430f78ab89000000f042804c412702ff8e07d90000f2f046302f0f1bae87a1591ef3a5c4a17fe6b50000008045d9f7"}, &(0x7f0000000440)={&(0x7f0000000380)="8f6950014e1f36420f54dbc4a20dbfdb8f6978c11b8f885885cdf9c481ac5cc93e0ffd8bff2f027bf30f7ffcc441e55d1ac4217c118075980000", {}, 0x0, &(0x7f0000000400)="f243afc4c3d122641f1213660fe47cfd0041700cc44199d44006c463b5496f00fa66470f78c30056f3440f2cc0c4237122b5040000000d64410f0f7c81e1a7"}, 0x8, &(0x7f0000000480)) sysinfo(&(0x7f00000007c0)=""/154) ioctl$BLKPG(r4, 0x1269, &(0x7f00000006c0)={0x1, 0x0, 0x0, &(0x7f0000000800)}) [ 212.983175] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 213.274794] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 213.383181] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 213.883739] IPVS: ftp: loaded support on port[0] = 21 [ 214.164753] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 214.421733] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 214.673050] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 214.680074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 214.943824] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 214.950870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 215.747542] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 215.755847] team0: Port device team_slave_0 added [ 216.079610] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 216.087845] team0: Port device team_slave_1 added [ 216.378043] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 216.387223] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 216.396475] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 216.682415] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 216.689450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 216.698538] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 216.905192] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 216.912864] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 216.921999] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 217.219418] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 217.227207] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 217.236377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 218.502264] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.508865] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.517333] device bridge_slave_0 entered promiscuous mode [ 218.767242] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.773854] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.782467] device bridge_slave_1 entered promiscuous mode [ 219.027924] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 219.246671] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 220.022280] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 220.282708] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 220.497505] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 220.506130] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 220.529362] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.535865] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.542866] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.549338] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.558523] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 220.572388] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 220.830115] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 220.837231] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 05:51:31 executing program 3: ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000000380)) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000080)) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f00000001c0)={[{0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]}) [ 221.863533] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 221.871459] team0: Port device team_slave_0 added [ 221.977799] IPVS: ftp: loaded support on port[0] = 21 [ 222.146628] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 222.154734] team0: Port device team_slave_1 added [ 222.533406] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 222.540469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 222.549583] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 222.933086] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 222.940210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 222.949451] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 223.282546] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 223.290137] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 223.299348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 223.620748] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 223.628929] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 223.638109] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 226.430978] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.778952] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 227.910505] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.917106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.924157] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.930608] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.939329] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 228.026308] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.033345] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.042133] device bridge_slave_0 entered promiscuous mode [ 228.342219] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 228.359325] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.366009] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.375784] device bridge_slave_1 entered promiscuous mode [ 228.730025] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 229.108140] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 229.121697] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 229.128118] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 229.136572] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 230.183912] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 230.597671] 8021q: adding VLAN 0 to HW filter on device team0 [ 230.611871] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 230.892098] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 230.899159] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 231.313344] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 231.320416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 05:51:42 executing program 4: seccomp(0x1, 0x0, &(0x7f0000028ff0)={0x0, &(0x7f00000b3000)}) prctl$seccomp(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) [ 232.572238] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 232.580240] team0: Port device team_slave_0 added [ 233.079681] IPVS: ftp: loaded support on port[0] = 21 [ 233.106044] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 233.114305] team0: Port device team_slave_1 added [ 233.506307] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 233.513593] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 233.522810] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 233.969791] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 233.977436] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 233.986328] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 234.378172] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 234.386006] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 234.395478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 234.770013] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 234.777853] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 234.787027] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 236.574219] 8021q: adding VLAN 0 to HW filter on device bond0 [ 238.258517] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 239.580375] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.586982] bridge0: port 2(bridge_slave_1) entered forwarding state [ 239.594019] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.600489] bridge0: port 1(bridge_slave_0) entered forwarding state [ 239.609224] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 239.933087] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 240.034688] pit: kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 240.122211] ================================================================== [ 240.129633] BUG: KMSAN: uninit-value in vmx_create_vcpu+0x10df/0x7920 [ 240.136250] CPU: 1 PID: 6995 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #63 [ 240.143455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 240.145223] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 240.152819] Call Trace: [ 240.152854] dump_stack+0x306/0x460 [ 240.152892] ? _raw_spin_lock_irqsave+0x227/0x340 [ 240.152917] ? vmx_create_vcpu+0x10df/0x7920 [ 240.152957] kmsan_report+0x1a3/0x2d0 [ 240.152993] __msan_warning+0x7c/0xe0 [ 240.153026] vmx_create_vcpu+0x10df/0x7920 [ 240.153051] ? kmsan_set_origin_inline+0x6b/0x120 [ 240.153079] ? __msan_poison_alloca+0x17a/0x210 [ 240.153119] ? vmx_vm_init+0x340/0x340 [ 240.153149] kvm_arch_vcpu_create+0x25d/0x2f0 [ 240.153186] kvm_vm_ioctl+0x13fd/0x33d0 [ 240.153225] ? __msan_poison_alloca+0x17a/0x210 [ 240.159829] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 240.161877] ? do_vfs_ioctl+0x18a/0x2810 [ 240.161910] ? __se_sys_ioctl+0x1da/0x270 [ 240.161934] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 240.161956] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 240.161981] do_vfs_ioctl+0xcf3/0x2810 [ 240.162025] ? security_file_ioctl+0x92/0x200 [ 240.162061] __se_sys_ioctl+0x1da/0x270 [ 240.162097] __x64_sys_ioctl+0x4a/0x70 [ 240.167577] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 240.170563] do_syscall_64+0xbe/0x100 [ 240.170594] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 240.170613] RIP: 0033:0x457579 [ 240.170635] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 240.170655] RSP: 002b:00007f2d06be7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 240.170691] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 240.306562] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 240.313849] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 240.321139] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2d06be86d4 [ 240.328429] R13: 00000000004bfc18 R14: 00000000004cfca0 R15: 00000000ffffffff [ 240.335721] [ 240.337375] Local variable description: ----c.i.i.i.i.i.i@vmx_create_vcpu [ 240.344306] Variable was created at: [ 240.348039] vmx_create_vcpu+0xd5/0x7920 [ 240.352123] kvm_arch_vcpu_create+0x25d/0x2f0 [ 240.356626] ================================================================== [ 240.364029] Disabling lock debugging due to kernel taint [ 240.369492] Kernel panic - not syncing: panic_on_warn set ... [ 240.369492] [ 240.376902] CPU: 1 PID: 6995 Comm: syz-executor0 Tainted: G B 4.19.0-rc4+ #63 [ 240.385495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 240.395382] Call Trace: [ 240.398001] dump_stack+0x306/0x460 [ 240.401681] panic+0x54c/0xafa [ 240.404958] kmsan_report+0x2cd/0x2d0 [ 240.408805] __msan_warning+0x7c/0xe0 [ 240.412656] vmx_create_vcpu+0x10df/0x7920 [ 240.416928] ? kmsan_set_origin_inline+0x6b/0x120 [ 240.421803] ? __msan_poison_alloca+0x17a/0x210 [ 240.426553] ? vmx_vm_init+0x340/0x340 [ 240.430487] kvm_arch_vcpu_create+0x25d/0x2f0 [ 240.435046] kvm_vm_ioctl+0x13fd/0x33d0 [ 240.439066] ? __msan_poison_alloca+0x17a/0x210 [ 240.443780] ? do_vfs_ioctl+0x18a/0x2810 [ 240.447862] ? __se_sys_ioctl+0x1da/0x270 [ 240.452066] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 240.456944] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 240.461819] do_vfs_ioctl+0xcf3/0x2810 [ 240.465756] ? security_file_ioctl+0x92/0x200 [ 240.470302] __se_sys_ioctl+0x1da/0x270 [ 240.474317] __x64_sys_ioctl+0x4a/0x70 [ 240.478245] do_syscall_64+0xbe/0x100 [ 240.482095] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 240.487311] RIP: 0033:0x457579 [ 240.490529] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 240.509454] RSP: 002b:00007f2d06be7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 240.517194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 240.524482] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005 [ 240.531770] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 240.539055] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2d06be86d4 [ 240.546371] R13: 00000000004bfc18 R14: 00000000004cfca0 R15: 00000000ffffffff [ 240.554677] Kernel Offset: disabled [ 240.558316] Rebooting in 86400 seconds..