[ 37.607924] audit: type=1800 audit(1569992002.478:32): pid=7357 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2450 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 38.422783] audit: type=1800 audit(1569992003.358:33): pid=7357 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2465 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.26' (ECDSA) to the list of known hosts. 2019/10/02 04:53:33 fuzzer started syzkaller login: [ 48.333326] kauditd_printk_skb: 2 callbacks suppressed [ 48.333341] audit: type=1400 audit(1569992013.268:36): avc: denied { map } for pid=7543 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 2019/10/02 04:53:34 dialing manager at 10.128.0.105:35887 2019/10/02 04:53:35 syscalls: 2516 2019/10/02 04:53:35 code coverage: enabled 2019/10/02 04:53:35 comparison tracing: enabled 2019/10/02 04:53:35 extra coverage: extra coverage is not supported by the kernel 2019/10/02 04:53:35 setuid sandbox: enabled 2019/10/02 04:53:35 namespace sandbox: enabled 2019/10/02 04:53:35 Android sandbox: /sys/fs/selinux/policy does not exist 2019/10/02 04:53:35 fault injection: enabled 2019/10/02 04:53:35 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/10/02 04:53:35 net packet injection: enabled 2019/10/02 04:53:35 net device setup: enabled 04:55:36 executing program 0: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x50000}]}) sendmmsg(0xffffffffffffffff, 0x0, 0x63f, 0x0) [ 171.708652] audit: type=1400 audit(1569992136.648:37): avc: denied { map } for pid=7560 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=14233 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 171.796373] IPVS: ftp: loaded support on port[0] = 21 04:55:36 executing program 1: pipe(0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000080)="66b829018ec0b9800000c00f3235002000000f3066baf80cb8c8f61a8eef66bafc0ced0f787e0036400fc75a00c4e1f9e601c4018575504f0f87d485a71b64440f01c43e662666470f38804185", 0x4d}], 0x1, 0x0, 0x0, 0xfffffffffffffe96) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) setxattr$security_evm(0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="b9"], 0x1, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 171.907829] chnl_net:caif_netlink_parms(): no params data found [ 172.003703] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.019522] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.039361] device bridge_slave_0 entered promiscuous mode [ 172.049534] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.055967] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.077587] device bridge_slave_1 entered promiscuous mode [ 172.093014] IPVS: ftp: loaded support on port[0] = 21 04:55:37 executing program 2: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ppp\x00', 0x0, 0x0) r1 = dup2(r0, r0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x0, 0x0) r4 = dup2(r3, r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, @ppp={{0x8, 0x1, 'ppp\x00'}, {0xc, 0x2, {0x8, 0x1, r4}}}}]}, 0x38}}, 0x0) [ 172.120024] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 172.160363] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 172.241341] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 172.260451] team0: Port device team_slave_0 added [ 172.302653] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 172.310532] team0: Port device team_slave_1 added [ 172.334408] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 172.342678] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready 04:55:37 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'teql0\x00', 0x103}) close(r0) [ 172.351943] chnl_net:caif_netlink_parms(): no params data found [ 172.368118] IPVS: ftp: loaded support on port[0] = 21 [ 172.461177] device hsr_slave_0 entered promiscuous mode [ 172.499683] device hsr_slave_1 entered promiscuous mode 04:55:37 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000d65000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x14, 0x0, 0x1, 0xffffffffffffffff}, 0x14}}, 0x0) [ 172.551462] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 172.584804] IPVS: ftp: loaded support on port[0] = 21 [ 172.614932] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 172.675384] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.682238] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.689620] device bridge_slave_0 entered promiscuous mode [ 172.705601] IPVS: ftp: loaded support on port[0] = 21 [ 172.712534] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.719030] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.725967] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.732376] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.760112] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.766510] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.774390] device bridge_slave_1 entered promiscuous mode 04:55:37 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) io_setup(0x3, &(0x7f0000000100)=0x0) io_getevents(r0, 0x0, 0x3, &(0x7f0000000340)=[{}, {}, {}], 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) recvmmsg(0xffffffffffffffff, &(0x7f0000008ec0)=[{{&(0x7f0000001f00)=@l2, 0x80, &(0x7f0000004200)=[{0x0}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, 0x0) creat(0x0, 0x0) [ 172.846656] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 172.870770] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 172.922824] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.944209] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.954473] chnl_net:caif_netlink_parms(): no params data found [ 172.973255] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 172.980649] team0: Port device team_slave_0 added [ 173.005491] 8021q: adding VLAN 0 to HW filter on device bond0 [ 173.033065] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 173.040616] team0: Port device team_slave_1 added [ 173.046061] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 173.056015] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 173.085008] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 173.093711] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 173.113771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 173.122115] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 173.129462] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.135806] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.143249] device bridge_slave_0 entered promiscuous mode [ 173.151541] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.157901] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.165139] device bridge_slave_1 entered promiscuous mode [ 173.190570] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 173.193167] IPVS: ftp: loaded support on port[0] = 21 [ 173.196692] 8021q: adding VLAN 0 to HW filter on device team0 [ 173.211647] chnl_net:caif_netlink_parms(): no params data found [ 173.260402] device hsr_slave_0 entered promiscuous mode [ 173.298749] device hsr_slave_1 entered promiscuous mode [ 173.369824] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 173.377578] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 173.394100] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 173.415177] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 173.434609] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 173.461493] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 173.469581] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 173.477238] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.483607] bridge0: port 1(bridge_slave_0) entered forwarding state [ 173.514789] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.523858] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.531711] device bridge_slave_0 entered promiscuous mode [ 173.540392] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.546739] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.553815] device bridge_slave_1 entered promiscuous mode [ 173.561652] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 173.569232] team0: Port device team_slave_0 added [ 173.577735] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 173.592686] chnl_net:caif_netlink_parms(): no params data found [ 173.607230] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 173.614765] team0: Port device team_slave_1 added [ 173.620295] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 173.628162] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 173.636031] bridge0: port 2(bridge_slave_1) entered blocking state [ 173.642426] bridge0: port 2(bridge_slave_1) entered forwarding state [ 173.652254] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 173.667335] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 173.682840] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 173.692126] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 173.701429] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 173.714317] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 173.743991] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 173.752954] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 173.767814] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 173.775907] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 173.782545] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 173.790363] team0: Port device team_slave_0 added [ 173.817141] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 173.825346] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 173.833260] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 173.843716] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 173.851557] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 173.859258] team0: Port device team_slave_1 added [ 173.900126] device hsr_slave_0 entered promiscuous mode [ 173.938584] device hsr_slave_1 entered promiscuous mode [ 173.978848] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 173.985941] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 173.993013] bridge0: port 1(bridge_slave_0) entered blocking state [ 173.999687] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.006665] device bridge_slave_0 entered promiscuous mode [ 174.013807] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.020649] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.027592] device bridge_slave_1 entered promiscuous mode [ 174.034372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 174.042352] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 174.052427] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 174.060190] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 174.069542] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 174.088025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 174.095767] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 174.103506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 174.111129] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 174.118953] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 174.128977] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 174.134987] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 174.189272] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 174.198881] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 174.214548] chnl_net:caif_netlink_parms(): no params data found [ 174.244023] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 174.251918] team0: Port device team_slave_0 added [ 174.311106] device hsr_slave_0 entered promiscuous mode [ 174.348673] device hsr_slave_1 entered promiscuous mode [ 174.390146] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 174.397218] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 174.407728] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 174.415083] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 174.422869] team0: Port device team_slave_1 added [ 174.454029] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.461745] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.469098] device bridge_slave_0 entered promiscuous mode [ 174.476114] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.482912] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.490411] device bridge_slave_1 entered promiscuous mode [ 174.496542] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 174.506302] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 174.530725] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 174.549695] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 174.562240] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 174.621316] device hsr_slave_0 entered promiscuous mode [ 174.688587] device hsr_slave_1 entered promiscuous mode [ 174.739026] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 174.747162] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 174.769205] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.775513] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 174.786035] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.823016] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 174.829972] audit: type=1400 audit(1569992139.758:38): avc: denied { associate } for pid=7561 comm="syz-executor.0" name="syz0" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 [ 174.853447] team0: Port device team_slave_0 added [ 174.860392] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 174.869708] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 174.876909] team0: Port device team_slave_1 added [ 174.896105] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 174.923797] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.939345] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 174.949252] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 174.963988] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready 04:55:39 executing program 0: r0 = socket$inet(0x10, 0x4000000003, 0x0) sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="230000002c0007031dfffd946f610504000000000000fd21fe1c4095421ba3a20400ff7e280000001100ffffba16a0aa02e208b3ef090000000000008e3141eff24d8238cfa47e23f7efbf54", 0x4c}], 0x1}, 0x0) [ 174.977501] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 175.004395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 175.014973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 175.028777] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 175.034852] 8021q: adding VLAN 0 to HW filter on device team0 [ 175.059195] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 175.072171] 8021q: adding VLAN 0 to HW filter on device bond0 [ 175.083303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 175.092007] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 175.101204] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 175.163115] device hsr_slave_0 entered promiscuous mode [ 175.228597] device hsr_slave_1 entered promiscuous mode 04:55:40 executing program 0: madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r0 = gettid() process_vm_writev(r0, &(0x7f0000000080)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000001380)=[{&(0x7f00000000c0)=""/244, 0xf4}], 0x1, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mremap(&(0x7f00008d3000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f00005e3000/0x1000)=nil) [ 175.279126] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 175.286036] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 175.300514] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 175.313503] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 175.321648] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 175.339775] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.346142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 175.357434] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 175.366651] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 175.375953] 8021q: adding VLAN 0 to HW filter on device team0 [ 175.383812] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 175.392772] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 175.400275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 175.408014] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 175.415718] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.422106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 175.432026] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 175.441819] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 175.451303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 175.459578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 175.468236] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 175.478250] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 175.487324] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 175.498101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 175.506101] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 175.513795] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.520170] bridge0: port 1(bridge_slave_0) entered forwarding state [ 175.527114] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 175.535046] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 175.542685] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 175.549637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 175.559556] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 175.573556] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 175.582412] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 175.591636] 8021q: adding VLAN 0 to HW filter on device team0 04:55:40 executing program 0: madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r0 = gettid() process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mremap(&(0x7f00008d3000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f00005e3000/0x1000)=nil) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8) [ 175.597787] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 175.616005] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 175.631567] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 175.640176] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 175.656430] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.662839] bridge0: port 2(bridge_slave_1) entered forwarding state [ 175.670339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 175.678256] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 175.686850] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 175.703795] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 175.712099] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 175.722533] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 175.731136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 175.739664] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 175.747091] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 175.754713] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 175.762614] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 175.770233] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.776555] bridge0: port 1(bridge_slave_0) entered forwarding state [ 175.785088] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 175.799012] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 175.807879] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 175.822583] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 175.829029] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 175.838255] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 04:55:40 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/mcfilter\x00') preadv(r0, &(0x7f0000000440)=[{&(0x7f0000000240)=""/195, 0xc3}], 0x1, 0x0) [ 175.852110] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 175.859461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 175.867302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 175.875377] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 175.883425] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 175.893502] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 175.908918] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.915298] bridge0: port 2(bridge_slave_1) entered forwarding state [ 175.926203] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 175.939032] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 175.951202] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready 04:55:40 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000180)={'syz', 0x0}, &(0x7f00000001c0)="9f7c0b", 0x3, 0xffffffffffffffff) keyctl$set_timeout(0xf, r0, 0xfffffff7) open(0x0, 0x0, 0x0) getuid() [ 175.967538] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 175.975381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 175.986088] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.016621] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 176.018297] hrtimer: interrupt took 40672 ns [ 176.031589] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 176.045995] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 176.055035] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready 04:55:41 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000080)='./bus\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002500)=ANY=[@ANYBLOB='sb=9\\']) [ 176.062482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 176.075991] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 176.089063] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 176.099301] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 176.107944] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 176.119477] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 176.129180] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 176.140308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 176.147291] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 176.154581] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 176.162500] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 176.170660] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 176.178093] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 176.186134] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 176.195468] EXT4-fs: Invalid sb specification: sb=9\,errors=continue [ 176.206972] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 176.218928] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 176.225006] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.231484] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 176.243773] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 176.252077] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 176.260494] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 176.267831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 176.276369] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 176.286964] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 176.295989] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 176.302796] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 176.319861] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 176.356400] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready 04:55:41 executing program 0: creat(0x0, 0x0) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000a40)='/dev/null\x00', 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) close(r1) r2 = socket$netlink(0x10, 0x3, 0xa) connect$netlink(r2, &(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x14800008}, 0xc) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x800000141042, 0x0) ftruncate(r3, 0x200006) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000140)) sendfile(r1, r3, 0x0, 0x8000fffffffe) [ 176.370523] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 176.384420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 176.396458] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 176.411513] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.419245] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.427110] audit: type=1400 audit(1569992141.358:39): avc: denied { create } for pid=7614 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_fib_lookup_socket permissive=1 [ 176.472000] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 176.482472] audit: type=1400 audit(1569992141.358:40): avc: denied { connect } for pid=7614 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_fib_lookup_socket permissive=1 [ 176.513119] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 176.513464] audit: type=1400 audit(1569992141.358:41): avc: denied { write } for pid=7614 comm="syz-executor.0" path="socket:[27377]" dev="sockfs" ino=27377 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_fib_lookup_socket permissive=1 [ 176.548857] audit: type=1800 audit(1569992141.448:42): pid=7615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=16522 res=0 [ 176.559161] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.586553] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 176.597469] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 176.606062] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 176.621306] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 176.651858] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 176.658697] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 176.662727] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.681642] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.690072] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 176.697704] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 176.712678] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 176.730060] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 176.737915] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 176.746098] ================================================================== [ 176.750637] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 176.753588] BUG: KASAN: null-ptr-deref in kvm_write_guest_virt_system+0x64/0x90 [ 176.768403] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 176.768469] Write of size 24 at addr 0000000000000000 by task syz-executor.1/7621 [ 176.779251] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 176.782196] [ 176.782213] CPU: 0 PID: 7621 Comm: syz-executor.1 Not tainted 4.19.76 #0 [ 176.790389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 176.807260] Call Trace: [ 176.809858] dump_stack+0x172/0x1f0 [ 176.813503] ? kvm_write_guest_virt_system+0x64/0x90 [ 176.818616] kasan_report.cold+0x199/0x2ba [ 176.818635] check_memory_region+0x123/0x190 [ 176.818651] memset+0x24/0x40 [ 176.818667] kvm_write_guest_virt_system+0x64/0x90 [ 176.828586] handle_vmread+0x7fe/0xa10 [ 176.828605] ? handle_invpcid+0xa80/0xa80 [ 176.828626] ? __lock_is_held+0xb6/0x140 [ 176.849865] ? __lock_is_held+0xb6/0x140 [ 176.853941] ? handle_invpcid+0xa80/0xa80 [ 176.858087] vmx_handle_exit+0x276/0x16b0 [ 176.862228] ? lock_acquire+0x16f/0x3f0 [ 176.866195] ? vcpu_enter_guest+0xf15/0x5ed0 [ 176.870702] vcpu_enter_guest+0x10ca/0x5ed0 [ 176.875014] ? kvm_vcpu_ioctl+0x181/0xf90 [ 176.879156] ? emulator_read_emulated+0x50/0x50 [ 176.883816] ? lock_acquire+0x16f/0x3f0 [ 176.887780] ? kvm_check_async_pf_completion+0x2d8/0x440 [ 176.893226] kvm_arch_vcpu_ioctl_run+0x457/0x16b0 [ 176.898055] ? kvm_arch_vcpu_ioctl_run+0x457/0x16b0 [ 176.903067] kvm_vcpu_ioctl+0x4dc/0xf90 [ 176.907040] ? kvm_vcpu_block+0xcc0/0xcc0 [ 176.911187] ? mark_held_locks+0x100/0x100 [ 176.915412] ? __might_fault+0x12b/0x1e0 [ 176.919461] ? __fget+0x340/0x540 [ 176.922902] ? find_held_lock+0x35/0x130 [ 176.926950] ? __fget+0x340/0x540 [ 176.930393] ? kvm_vcpu_block+0xcc0/0xcc0 [ 176.934532] do_vfs_ioctl+0xd5f/0x1380 [ 176.938410] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 176.943935] ? selinux_file_ioctl+0x125/0x5e0 [ 176.948419] ? ioctl_preallocate+0x210/0x210 [ 176.952816] ? selinux_file_mprotect+0x620/0x620 [ 176.957563] ? iterate_fd+0x360/0x360 [ 176.961350] ? nsecs_to_jiffies+0x30/0x30 [ 176.965500] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 176.971025] ? security_file_ioctl+0x8d/0xc0 [ 176.975431] ksys_ioctl+0xab/0xd0 [ 176.978883] __x64_sys_ioctl+0x73/0xb0 [ 176.982761] do_syscall_64+0xfd/0x620 [ 176.986553] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 176.991731] RIP: 0033:0x459a29 [ 176.994911] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 177.013807] RSP: 002b:00007f7e1a207c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 177.021514] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 177.028770] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 177.036029] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 177.043283] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7e1a2086d4 [ 177.050542] R13: 00000000004c2ddb R14: 00000000004d68f8 R15: 00000000ffffffff [ 177.057807] ================================================================== [ 177.065146] Disabling lock debugging due to kernel taint [ 177.081699] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 177.088072] Kernel panic - not syncing: panic_on_warn set ... [ 177.088072] [ 177.089160] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 177.095457] CPU: 1 PID: 7621 Comm: syz-executor.1 Tainted: G B 4.19.76 #0 [ 177.106682] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 177.110496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 177.110501] Call Trace: [ 177.110520] dump_stack+0x172/0x1f0 [ 177.110537] ? kvm_write_guest_virt_system+0x64/0x90 [ 177.110553] panic+0x263/0x507 [ 177.119211] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 177.126646] ? __warn_printk+0xf3/0xf3 [ 177.131110] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 177.133378] ? kvm_write_guest_virt_system+0x64/0x90 [ 177.140806] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 177.141638] ? preempt_schedule+0x4b/0x60 [ 177.150201] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 177.152239] ? ___preempt_schedule+0x16/0x18 [ 177.160090] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 177.164059] ? trace_hardirqs_on+0x5e/0x220 [ 177.170728] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 177.174829] ? kvm_write_guest_virt_system+0x64/0x90 [ 177.182062] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 177.185865] kasan_end_report+0x47/0x4f [ 177.200882] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 177.209382] kasan_report.cold+0xa9/0x2ba [ 177.209398] check_memory_region+0x123/0x190 [ 177.209410] memset+0x24/0x40 [ 177.209428] kvm_write_guest_virt_system+0x64/0x90 [ 177.218096] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 177.220494] handle_vmread+0x7fe/0xa10 [ 177.220508] ? handle_invpcid+0xa80/0xa80 [ 177.220527] ? __lock_is_held+0xb6/0x140 [ 177.220543] ? __lock_is_held+0xb6/0x140 [ 177.220559] ? handle_invpcid+0xa80/0xa80 [ 177.220573] vmx_handle_exit+0x276/0x16b0 [ 177.220583] ? lock_acquire+0x16f/0x3f0 [ 177.220594] ? vcpu_enter_guest+0xf15/0x5ed0 [ 177.220608] vcpu_enter_guest+0x10ca/0x5ed0 [ 177.220619] ? kvm_vcpu_ioctl+0x181/0xf90 [ 177.220634] ? emulator_read_emulated+0x50/0x50 [ 177.220645] ? lock_acquire+0x16f/0x3f0 [ 177.220659] ? kvm_check_async_pf_completion+0x2d8/0x440 [ 177.220673] kvm_arch_vcpu_ioctl_run+0x457/0x16b0 [ 177.220686] ? kvm_arch_vcpu_ioctl_run+0x457/0x16b0 [ 177.220702] kvm_vcpu_ioctl+0x4dc/0xf90 [ 177.220715] ? kvm_vcpu_block+0xcc0/0xcc0 [ 177.220727] ? mark_held_locks+0x100/0x100 [ 177.220750] ? __might_fault+0x12b/0x1e0 [ 177.220762] ? __fget+0x340/0x540 [ 177.220777] ? find_held_lock+0x35/0x130 [ 177.220788] ? __fget+0x340/0x540 [ 177.220802] ? kvm_vcpu_block+0xcc0/0xcc0 [ 177.220816] do_vfs_ioctl+0xd5f/0x1380 [ 177.220831] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 177.220846] ? selinux_file_ioctl+0x125/0x5e0 [ 177.220858] ? ioctl_preallocate+0x210/0x210 [ 177.220870] ? selinux_file_mprotect+0x620/0x620 [ 177.220884] ? iterate_fd+0x360/0x360 [ 177.220897] ? nsecs_to_jiffies+0x30/0x30 [ 177.220914] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 177.220927] ? security_file_ioctl+0x8d/0xc0 [ 177.220940] ksys_ioctl+0xab/0xd0 [ 177.220954] __x64_sys_ioctl+0x73/0xb0 [ 177.220969] do_syscall_64+0xfd/0x620 [ 177.220987] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 177.220999] RIP: 0033:0x459a29 [ 177.221010] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 177.221021] RSP: 002b:00007f7e1a207c78 EFLAGS: 00000246 [ 177.225129] kobject: 'vlan0' (00000000bebe6f98): kobject_add_internal: parent: 'mesh', set: '' [ 177.231116] ORIG_RAX: 0000000000000010 [ 177.231124] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a29 [ 177.231131] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 177.231138] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 177.231145] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7e1a2086d4 [ 177.231152] R13: 00000000004c2ddb R14: 00000000004d68f8 R15: 00000000ffffffff [ 177.236711] Kernel Offset: disabled [ 177.490322] Rebooting in 86400 seconds..