Warning: Permanently added '10.128.0.12' (ECDSA) to the list of known hosts. 2018/12/06 09:12:39 fuzzer started 2018/12/06 09:12:44 dialing manager at 10.128.0.26:41601 2018/12/06 09:12:44 syscalls: 1 2018/12/06 09:12:44 code coverage: enabled 2018/12/06 09:12:44 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/12/06 09:12:44 setuid sandbox: enabled 2018/12/06 09:12:44 namespace sandbox: enabled 2018/12/06 09:12:44 Android sandbox: /sys/fs/selinux/policy does not exist 2018/12/06 09:12:44 fault injection: enabled 2018/12/06 09:12:44 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/12/06 09:12:44 net packet injection: enabled 2018/12/06 09:12:44 net device setup: enabled 09:16:13 executing program 0: socketpair$unix(0x1, 0x1000000005, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)="2f67726f75702e73746174003c23fb572a1f0294e6f378b41ad54b4d9d9a1f63f8785ad188a7e1c88875e05b18a4cb3a9cd12dcea440d899c22c652b3a471b4a7fa2f3fdf6e034d804e5f0df4b1dee483b157624c59c0100e89e6a357c000000", 0x2761, 0x0) syzkaller login: [ 306.053783] IPVS: ftp: loaded support on port[0] = 21 [ 308.627138] bridge0: port 1(bridge_slave_0) entered blocking state [ 308.633863] bridge0: port 1(bridge_slave_0) entered disabled state [ 308.643393] device bridge_slave_0 entered promiscuous mode [ 308.810574] bridge0: port 2(bridge_slave_1) entered blocking state [ 308.817329] bridge0: port 2(bridge_slave_1) entered disabled state [ 308.826729] device bridge_slave_1 entered promiscuous mode [ 308.977665] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 309.125337] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 309.586862] bond0: Enslaving bond_slave_0 as an active interface with an up link 09:16:17 executing program 1: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) bind(r0, &(0x7f0000000100)=@in={0x2, 0x4e20}, 0x80) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x2, 0x8004e20}, 0x10) recvmmsg(r0, &(0x7f00000004c0)=[{{&(0x7f0000000400)=@ethernet={0x0, @dev}, 0x0, &(0x7f0000000480)}}], 0x6fdaec, 0x22, 0x0) [ 309.793628] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 309.935302] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 309.942518] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 310.196150] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 310.203446] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 310.444085] IPVS: ftp: loaded support on port[0] = 21 [ 310.873524] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 310.882945] team0: Port device team_slave_0 added [ 311.101175] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 311.110270] team0: Port device team_slave_1 added [ 311.319795] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 311.327005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 311.336739] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 311.512274] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 311.519364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 311.529135] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 311.766970] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 311.775022] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 311.784887] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 312.018617] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 312.026810] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 312.036395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 314.336627] bridge0: port 1(bridge_slave_0) entered blocking state [ 314.343460] bridge0: port 1(bridge_slave_0) entered disabled state [ 314.352665] device bridge_slave_0 entered promiscuous mode [ 314.563900] bridge0: port 2(bridge_slave_1) entered blocking state [ 314.570490] bridge0: port 2(bridge_slave_1) entered disabled state [ 314.579724] device bridge_slave_1 entered promiscuous mode [ 314.835611] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 314.852051] bridge0: port 2(bridge_slave_1) entered blocking state [ 314.858653] bridge0: port 2(bridge_slave_1) entered forwarding state [ 314.866030] bridge0: port 1(bridge_slave_0) entered blocking state [ 314.872708] bridge0: port 1(bridge_slave_0) entered forwarding state [ 314.882749] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 315.121700] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 09:16:23 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0) r2 = accept4(r0, 0x0, 0x0, 0x0) shutdown(r1, 0x1) shutdown(r2, 0x1) [ 315.381982] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 316.062458] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 316.212541] IPVS: ftp: loaded support on port[0] = 21 [ 316.408734] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 316.629072] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 316.636336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 316.829725] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 316.837004] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 317.458867] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 317.468044] team0: Port device team_slave_0 added [ 317.721457] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 317.730601] team0: Port device team_slave_1 added [ 318.094679] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 318.102281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 318.111876] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 318.404607] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 318.412632] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 318.421981] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 318.711176] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 318.719123] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 318.728915] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 318.920276] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 318.928200] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 318.937841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 321.152478] bridge0: port 1(bridge_slave_0) entered blocking state [ 321.159073] bridge0: port 1(bridge_slave_0) entered disabled state [ 321.168343] device bridge_slave_0 entered promiscuous mode [ 321.484517] bridge0: port 2(bridge_slave_1) entered blocking state [ 321.491092] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.500211] device bridge_slave_1 entered promiscuous mode [ 321.716050] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 322.071352] bridge0: port 2(bridge_slave_1) entered blocking state [ 322.078079] bridge0: port 2(bridge_slave_1) entered forwarding state [ 322.085481] bridge0: port 1(bridge_slave_0) entered blocking state [ 322.092155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 322.102108] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 322.138925] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 323.043821] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 323.063641] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 323.335731] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 323.661774] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 323.668957] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 323.975986] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 323.983365] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 09:16:32 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x4}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000015c0)={r4, 0xffffffffffff2f4b}) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000180)={r4, 0x0, 0x2, r2}) [ 324.792901] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 324.802203] team0: Port device team_slave_0 added [ 325.156817] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 325.165897] team0: Port device team_slave_1 added [ 325.531865] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 325.538937] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 325.548377] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 325.768469] IPVS: ftp: loaded support on port[0] = 21 [ 325.955146] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 325.962486] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 325.971903] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 326.260824] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 326.268801] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 326.278361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 326.636841] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 326.645008] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 326.654450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 328.026362] 8021q: adding VLAN 0 to HW filter on device bond0 [ 329.394445] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 330.847855] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 330.854425] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 330.862940] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 330.937764] bridge0: port 2(bridge_slave_1) entered blocking state [ 330.944431] bridge0: port 2(bridge_slave_1) entered forwarding state [ 330.951809] bridge0: port 1(bridge_slave_0) entered blocking state [ 330.958430] bridge0: port 1(bridge_slave_0) entered forwarding state [ 330.968369] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 331.244150] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 332.178497] bridge0: port 1(bridge_slave_0) entered blocking state [ 332.185333] bridge0: port 1(bridge_slave_0) entered disabled state [ 332.194679] device bridge_slave_0 entered promiscuous mode [ 332.224702] 8021q: adding VLAN 0 to HW filter on device team0 [ 332.586371] bridge0: port 2(bridge_slave_1) entered blocking state [ 332.593130] bridge0: port 2(bridge_slave_1) entered disabled state [ 332.602186] device bridge_slave_1 entered promiscuous mode [ 332.935359] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 333.297307] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 334.408291] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 334.848530] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 335.172689] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 335.179795] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 335.497154] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 335.504464] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 09:16:43 executing program 4: socket(0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x34000}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)={0x2c, 0x29, 0x1, 0x0, 0x0, {0x1}, [@nested={0x18, 0x0, [@typed={0x5, 0x0, @ipv6=@ipv4={[0x0, 0x0, 0x0, 0x19, 0xfcffffff], [], @remote}}]}]}, 0x2c}}, 0x0) [ 336.686623] 8021q: adding VLAN 0 to HW filter on device bond0 [ 336.791089] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 336.800204] team0: Port device team_slave_0 added [ 337.212005] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 337.220983] team0: Port device team_slave_1 added [ 337.223379] IPVS: ftp: loaded support on port[0] = 21 [ 337.575540] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 337.582942] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 337.592497] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 338.025907] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 338.033149] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 338.042685] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 338.411220] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 338.419213] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 338.429178] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 338.578901] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 338.897699] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 338.905634] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 338.915513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 340.332693] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 340.339194] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 340.347770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 09:16:49 executing program 0: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="240000000b0607031dfffd946fa2830020200a0009000200001d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0) [ 342.071224] 8021q: adding VLAN 0 to HW filter on device team0 09:16:50 executing program 0: r0 = epoll_create1(0x0) r1 = syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000c85000)={0x4}) ioctl$UI_SET_PROPBIT(r1, 0x4004556e, 0xb) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000040)) ppoll(&(0x7f0000000000)=[{r0, 0x4250}], 0x1, &(0x7f0000000080)={0x77359400}, &(0x7f00000000c0), 0x8) 09:16:50 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x80000, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000280)={0x1, 0x400, 0x8001, 0x10001, [], [], [], 0x8, 0x2, 0x5, 0x100, "7e35ab3ad54d4b68a396af17e97c3ee5"}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r1, &(0x7f00000000c0)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x1c, 0x1, 0x1, 0x1, 0x0, 0x0, {}, [@nested={0x8, 0x12, [@typed={0x4, 0x0, @binary}]}]}, 0x1c}}, 0x0) [ 343.043809] netlink: 'syz-executor0': attribute type 18 has an invalid length. 09:16:51 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x400000, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) accept$packet(0xffffffffffffff9c, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f00000005c0)={@mcast1, r2}, 0x14) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00000001c0)) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x80302, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0)='tls\x00', 0x4) ioctl$KDGKBDIACR(r3, 0x4b4a, &(0x7f0000000080)=""/48) socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000200)={0x0, 0x5}, &(0x7f00000002c0)=0xfffffffffffffefd) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000280)={r4, 0x7f, 0xfd5d, 0x400, 0x6, 0x4}, 0x14) close(r0) 09:16:51 executing program 0: r0 = socket(0x1e, 0x800000002, 0x400000000000) recvmsg(r0, &(0x7f00000005c0)={&(0x7f0000000000)=@nfc, 0x80, &(0x7f0000000480)=[{&(0x7f0000000440)=""/6, 0x6}], 0x1, &(0x7f0000000500)=""/159, 0x9f}, 0x0) bind(r0, &(0x7f0000afb000)=@generic={0x1e, "01030000000000b9000000004700000000a979f321b30c7bc8790405c7bad62e0a63a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb3151d24acef1f1622ca5bdb9c8ea31000077aeb81c90001d6d7c980400000000f70dc136cb184a"}, 0x80) r1 = socket(0x200000000000001e, 0x1, 0x0) getsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0xb) r2 = syz_open_dev$swradio(&(0x7f0000000180)='/dev/swradio#\x00', 0x0, 0x2) ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f00000001c0)={0x5, 0x0, [{0x1, 0x0, 0x5}, {0x100, 0x0, 0xe443}, {0x29be, 0x0, 0x2f0}, {0x6, 0x0, 0x712}, {0xfffffffffffffffc, 0x0, 0x327be5b9}]}) sendmsg(r1, &(0x7f0000f36fc8)={&(0x7f0000000100)=@generic={0x10000000001e, "02010000000020df0000000000000000805bf86c57020002000000f1fffff400000000000000000000010300000000e4ff064b3fdf3a000000080000000000000000ac50d5fe32c4000000007fffffff6a008356edb9a6341c1fd45624281e00070ece000206000000090000fd00000900000000000b0000db000004da36"}, 0x80, &(0x7f00000003c0), 0x3b, &(0x7f0000d19000)}, 0x0) [ 343.936706] bridge0: port 2(bridge_slave_1) entered blocking state [ 343.943472] bridge0: port 2(bridge_slave_1) entered forwarding state [ 343.950707] bridge0: port 1(bridge_slave_0) entered blocking state [ 343.957441] bridge0: port 1(bridge_slave_0) entered forwarding state [ 343.967207] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 344.514474] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready 09:16:52 executing program 0: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x2, 0x81b, 0xfffffffffffffffe, 0x8, 0xf, 0x0, 0x70bd22, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[0x0, 0x0, 0x700]}}}, @sadb_sa={0x2}, @sadb_x_sec_ctx={0x6, 0x18, 0x0, 0x7fffffff, 0x23, "9ed6c225313381e93678635f185de008b188498f6117b1380d5a00c1ba96023ed7a256"}]}, 0x78}}, 0xfffffffffffffffd) [ 344.894297] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.900876] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.910509] device bridge_slave_0 entered promiscuous mode 09:16:53 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0x33, &(0x7f0000000000), 0x4) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) connect$unix(r1, &(0x7f00002ffff6)=@file={0x0, './file0\x00'}, 0xa) write$binfmt_script(r0, 0x0, 0x0) close(r0) [ 345.361370] bridge0: port 2(bridge_slave_1) entered blocking state [ 345.368107] bridge0: port 2(bridge_slave_1) entered disabled state [ 345.377253] device bridge_slave_1 entered promiscuous mode 09:16:53 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0x33, &(0x7f0000000000), 0x4) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) connect$unix(r1, &(0x7f00002ffff6)=@file={0x0, './file0\x00'}, 0xa) write$binfmt_script(r0, 0x0, 0x0) close(r0) [ 346.018155] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 346.473436] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 347.496098] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 347.914474] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 348.016535] 8021q: adding VLAN 0 to HW filter on device bond0 [ 348.326180] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 348.333467] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 348.707149] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 348.714410] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 349.373313] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 349.382704] team0: Port device team_slave_0 added [ 349.393705] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 349.703248] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 349.712427] team0: Port device team_slave_1 added [ 349.941918] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 349.982560] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 349.992051] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 350.274666] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 350.282029] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 350.291228] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 350.498393] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 350.507530] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 350.516889] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 350.583852] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 350.590305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 350.599874] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 350.818373] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 350.826408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 350.835849] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 351.166172] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 09:16:59 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvfrom(0xffffffffffffffff, &(0x7f00000022c0)=""/4096, 0xffffffffffffffd9, 0x0, &(0x7f0000002240)=@ipx={0x4, 0x0, 0x0, "5d6f634e9e66"}, 0x80) r0 = open(&(0x7f0000103ff8)='./file0\x00', 0x141042, 0x0) ftruncate(r0, 0x2) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x802, 0x0) sendfile(r1, r0, &(0x7f0000000240), 0x40800fff) ioctl$GIO_UNISCRNMAP(r1, 0x4b69, &(0x7f0000000300)=""/104) readv(r1, &(0x7f0000000100)=[{&(0x7f0000000080)=""/4, 0x4}], 0x2dc) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 351.833024] 8021q: adding VLAN 0 to HW filter on device team0 [ 353.463714] bridge0: port 2(bridge_slave_1) entered blocking state [ 353.470341] bridge0: port 2(bridge_slave_1) entered forwarding state [ 353.477748] bridge0: port 1(bridge_slave_0) entered blocking state [ 353.484418] bridge0: port 1(bridge_slave_0) entered forwarding state [ 353.494002] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 353.500634] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 356.186063] 8021q: adding VLAN 0 to HW filter on device bond0 [ 356.930872] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 356.977606] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 09:17:05 executing program 2: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) dup3(r0, r1, 0x80000) [ 357.742035] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 357.748484] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 357.756786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 358.299586] 8021q: adding VLAN 0 to HW filter on device team0 [ 360.897264] 8021q: adding VLAN 0 to HW filter on device bond0 [ 361.465304] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 361.792165] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 09:17:10 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x4}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000015c0)={r4, 0xffffffffffff2f4b}) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000180)={r4, 0x0, 0x2, r2}) [ 362.008406] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 362.014883] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 362.024359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 362.442258] 8021q: adding VLAN 0 to HW filter on device team0 [ 364.416578] ================================================================== [ 364.423997] BUG: KMSAN: uninit-value in tipc_nl_compat_name_table_dump+0x557/0xcf0 [ 364.431720] CPU: 0 PID: 8286 Comm: syz-executor4 Not tainted 4.20.0-rc5+ #107 [ 364.439005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.448365] Call Trace: [ 364.450956] dump_stack+0x32d/0x480 [ 364.454601] ? tipc_nl_compat_name_table_dump+0x557/0xcf0 [ 364.460160] kmsan_report+0x12d/0x290 [ 364.463969] __msan_warning+0x76/0xc0 [ 364.467782] tipc_nl_compat_name_table_dump+0x557/0xcf0 [ 364.473166] ? tipc_nlmsg_parse+0x206/0x230 [ 364.477538] ? tipc_nl_compat_name_table_dump_header+0x280/0x280 [ 364.483720] __tipc_nl_compat_dumpit+0x59e/0xdb0 [ 364.488524] tipc_nl_compat_dumpit+0x63a/0x820 [ 364.493172] tipc_nl_compat_recv+0x145d/0x2760 [ 364.497776] ? __msan_get_context_state+0x9/0x20 [ 364.502583] ? tipc_nl_compat_link_reset_stats+0x360/0x360 [ 364.508248] ? tipc_nametbl_stop+0x1000/0x1000 [ 364.512852] ? tipc_nl_compat_name_table_dump_header+0x280/0x280 [ 364.519022] ? tipc_netlink_compat_stop+0x40/0x40 [ 364.523862] genl_rcv_msg+0x185f/0x1a60 [ 364.527864] ? __msan_poison_alloca+0x1e0/0x270 [ 364.532559] netlink_rcv_skb+0x444/0x640 [ 364.536622] ? genl_unbind+0x390/0x390 [ 364.540531] genl_rcv+0x63/0x80 [ 364.543830] netlink_unicast+0xff6/0x10d0 [ 364.548024] netlink_sendmsg+0x13c5/0x1440 [ 364.552302] ___sys_sendmsg+0xdbc/0x11d0 [ 364.556398] ? netlink_getsockopt+0x1910/0x1910 [ 364.561121] ? __fdget+0x329/0x440 [ 364.564676] __se_sys_sendmsg+0x305/0x460 [ 364.568879] __x64_sys_sendmsg+0x4a/0x70 [ 364.572984] do_syscall_64+0xcd/0x110 [ 364.576836] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 364.582033] RIP: 0033:0x457569 [ 364.585248] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 364.604146] RSP: 002b:00007f0402451c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 364.611881] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 364.619161] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 364.626443] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 364.633735] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04024526d4 [ 364.641001] R13: 00000000004c3fd7 R14: 00000000004d6668 R15: 00000000ffffffff [ 364.648289] [ 364.649908] Uninit was created at: [ 364.653478] kmsan_internal_poison_shadow+0x92/0x150 [ 364.658581] kmsan_kmalloc+0xa1/0x100 [ 364.662380] kmsan_slab_alloc+0xe/0x10 [ 364.666279] __kmalloc_node_track_caller+0x1017/0x1360 [ 364.671578] __alloc_skb+0x42b/0xeb0 [ 364.675321] netlink_sendmsg+0xc9c/0x1440 [ 364.679465] ___sys_sendmsg+0xdbc/0x11d0 [ 364.683560] __se_sys_sendmsg+0x305/0x460 [ 364.687783] __x64_sys_sendmsg+0x4a/0x70 [ 364.691865] do_syscall_64+0xcd/0x110 [ 364.695698] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 364.700896] ================================================================== [ 364.708248] Disabling lock debugging due to kernel taint [ 364.713694] Kernel panic - not syncing: panic_on_warn set ... [ 364.719594] CPU: 0 PID: 8286 Comm: syz-executor4 Tainted: G B 4.20.0-rc5+ #107 [ 364.728254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.737600] Call Trace: [ 364.740192] dump_stack+0x32d/0x480 [ 364.743841] panic+0x5db/0xbb8 [ 364.747174] kmsan_report+0x290/0x290 [ 364.751030] __msan_warning+0x76/0xc0 [ 364.754838] tipc_nl_compat_name_table_dump+0x557/0xcf0 [ 364.760221] ? tipc_nlmsg_parse+0x206/0x230 [ 364.764578] ? tipc_nl_compat_name_table_dump_header+0x280/0x280 [ 364.770752] __tipc_nl_compat_dumpit+0x59e/0xdb0 [ 364.775569] tipc_nl_compat_dumpit+0x63a/0x820 [ 364.780199] tipc_nl_compat_recv+0x145d/0x2760 [ 364.784810] ? __msan_get_context_state+0x9/0x20 [ 364.789605] ? tipc_nl_compat_link_reset_stats+0x360/0x360 [ 364.795224] ? tipc_nametbl_stop+0x1000/0x1000 [ 364.799835] ? tipc_nl_compat_name_table_dump_header+0x280/0x280 [ 364.806000] ? tipc_netlink_compat_stop+0x40/0x40 [ 364.810866] genl_rcv_msg+0x185f/0x1a60 [ 364.814880] ? __msan_poison_alloca+0x1e0/0x270 [ 364.819566] netlink_rcv_skb+0x444/0x640 [ 364.823630] ? genl_unbind+0x390/0x390 [ 364.827567] genl_rcv+0x63/0x80 [ 364.830866] netlink_unicast+0xff6/0x10d0 [ 364.835097] netlink_sendmsg+0x13c5/0x1440 [ 364.839377] ___sys_sendmsg+0xdbc/0x11d0 [ 364.843478] ? netlink_getsockopt+0x1910/0x1910 [ 364.848185] ? __fdget+0x329/0x440 [ 364.851759] __se_sys_sendmsg+0x305/0x460 [ 364.855959] __x64_sys_sendmsg+0x4a/0x70 [ 364.860041] do_syscall_64+0xcd/0x110 [ 364.863846] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 364.869031] RIP: 0033:0x457569 [ 364.872220] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 364.891154] RSP: 002b:00007f0402451c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 364.898887] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 364.906171] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 364.913433] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 364.920716] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f04024526d4 [ 364.927977] R13: 00000000004c3fd7 R14: 00000000004d6668 R15: 00000000ffffffff [ 364.936245] Kernel Offset: disabled [ 364.939885] Rebooting in 86400 seconds..