[ 56.373509] audit: type=1800 audit(1538614926.411:27): pid=6069 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 58.035001] random: sshd: uninitialized urandom read (32 bytes read)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login:
[ 62.689300] random: sshd: uninitialized urandom read (32 bytes read)
[ 63.112022] random: sshd: uninitialized urandom read (32 bytes read)
[ 65.374124] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.49' (ECDSA) to the list of known hosts.
[ 71.253395] random: sshd: uninitialized urandom read (32 bytes read)
2018/10/04 01:02:23 fuzzer started
[ 75.928667] random: cc1: uninitialized urandom read (8 bytes read)
2018/10/04 01:02:28 dialing manager at 10.128.0.26:36867
2018/10/04 01:02:28 syscalls: 1
2018/10/04 01:02:28 code coverage: enabled
2018/10/04 01:02:28 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/10/04 01:02:28 setuid sandbox: enabled
2018/10/04 01:02:28 namespace sandbox: enabled
2018/10/04 01:02:28 Android sandbox: /sys/fs/selinux/policy does not exist
2018/10/04 01:02:28 fault injection: enabled
2018/10/04 01:02:28 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/10/04 01:02:28 net packed injection: enabled
2018/10/04 01:02:28 net device setup: enabled
[ 80.840177] random: crng init done
01:04:24 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
rt_sigpending(&(0x7f0000000000), 0x8)
[ 194.960567] IPVS: ftp: loaded support on port[0] = 21
[ 197.293140] bridge0: port 1(bridge_slave_0) entered blocking state
[ 197.299632] bridge0: port 1(bridge_slave_0) entered disabled state
[ 197.308296] device bridge_slave_0 entered promiscuous mode
[ 197.472596] bridge0: port 2(bridge_slave_1) entered blocking state
[ 197.479072] bridge0: port 2(bridge_slave_1) entered disabled state
[ 197.487644] device bridge_slave_1 entered promiscuous mode
[ 197.693778] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 197.858540] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
01:04:28 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000180)=0x580, 0x4)
connect(r0, &(0x7f00000001c0)=@in={0x2, 0x4e20, @local}, 0x80)
sendto$inet6(r1, &(0x7f0000000140), 0x24a, 0x0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @ipv4={[], [], @local}}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0x31, &(0x7f0000000240)=0x8, 0x4)
recvmsg(r1, &(0x7f0000000400)={&(0x7f0000000280)=@nl=@proc, 0x80, &(0x7f0000000040), 0x0, &(0x7f0000000080)=""/36, 0xffffffffffffff1b}, 0x2000)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000001c, 0x0)
[ 198.293763] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 198.439672] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 198.897396] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 198.904643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 199.070420] IPVS: ftp: loaded support on port[0] = 21
[ 199.735461] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 199.744397] team0: Port device team_slave_0 added
[ 200.008923] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 200.017103] team0: Port device team_slave_1 added
[ 200.278325] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 200.285510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 200.294652] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 200.578381] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 200.585571] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 200.594689] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 200.900313] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 200.908100] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 200.917314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 201.155298] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 201.163099] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 201.172412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 202.803965] bridge0: port 1(bridge_slave_0) entered blocking state
[ 202.810452] bridge0: port 1(bridge_slave_0) entered disabled state
[ 202.819236] device bridge_slave_0 entered promiscuous mode
[ 203.028732] bridge0: port 2(bridge_slave_1) entered blocking state
[ 203.035407] bridge0: port 2(bridge_slave_1) entered disabled state
[ 203.044049] device bridge_slave_1 entered promiscuous mode
[ 203.325503] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 203.484797] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 204.010170] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 204.048820] bridge0: port 2(bridge_slave_1) entered blocking state
[ 204.055379] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 204.062435] bridge0: port 1(bridge_slave_0) entered blocking state
[ 204.068925] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 204.078218] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
01:04:34 executing program 2:
syz_emit_ethernet(0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="5000000006780000"], &(0x7f00000004c0))
[ 204.319462] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 204.558671] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 204.571032] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 204.792424] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 204.876105] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 204.883276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 205.135095] IPVS: ftp: loaded support on port[0] = 21
[ 205.840082] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 205.848298] team0: Port device team_slave_0 added
[ 206.121039] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 206.129305] team0: Port device team_slave_1 added
[ 206.436450] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 206.443651] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 206.452649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 206.788601] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 206.795817] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 206.805071] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 207.115185] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 207.123111] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 207.132468] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 207.394754] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 207.402559] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 207.411930] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 210.157803] bridge0: port 1(bridge_slave_0) entered blocking state
[ 210.164472] bridge0: port 1(bridge_slave_0) entered disabled state
[ 210.173069] device bridge_slave_0 entered promiscuous mode
[ 210.552043] bridge0: port 2(bridge_slave_1) entered blocking state
[ 210.558522] bridge0: port 2(bridge_slave_1) entered disabled state
[ 210.567151] device bridge_slave_1 entered promiscuous mode
[ 210.817875] bridge0: port 2(bridge_slave_1) entered blocking state
[ 210.824444] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 210.831356] bridge0: port 1(bridge_slave_0) entered blocking state
[ 210.837948] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 210.846805] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 210.880447] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 211.135179] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 211.783198] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 211.976622] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 212.239648] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 212.492397] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 212.499449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
01:04:42 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f00000000c0))
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, &(0x7f0000000280)={0x3e76, {{0x2, 0x4e24}}}, 0x108)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, &(0x7f0000000040)={0x0, 0x0, 0x3})
perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x14)
ioctl$EVIOCGEFFECTS(0xffffffffffffffff, 0x80044584, &(0x7f0000000480)=""/141)
write(r3, &(0x7f0000fa8000)="2700000014000707030e0000120f0a0011000100", 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0)
[ 212.797540] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 212.804767] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 213.711804] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 213.719846] team0: Port device team_slave_0 added
[ 213.828664] IPVS: ftp: loaded support on port[0] = 21
[ 214.165177] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 214.173327] team0: Port device team_slave_1 added
[ 214.556030] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 214.563335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 214.572874] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 214.901271] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 214.908506] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 214.917405] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 215.299470] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 215.307187] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 215.316308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 215.627175] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 215.635145] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 215.644257] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 216.762725] 8021q: adding VLAN 0 to HW filter on device bond0
[ 218.058868] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 219.401272] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 219.409604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 219.417775] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 219.507051] bridge0: port 1(bridge_slave_0) entered blocking state
[ 219.513724] bridge0: port 1(bridge_slave_0) entered disabled state
[ 219.522366] device bridge_slave_0 entered promiscuous mode
[ 219.786302] bridge0: port 2(bridge_slave_1) entered blocking state
[ 219.792878] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 219.799803] bridge0: port 1(bridge_slave_0) entered blocking state
[ 219.806404] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 219.815412] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 219.871988] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 219.915334] bridge0: port 2(bridge_slave_1) entered blocking state
[ 219.921986] bridge0: port 2(bridge_slave_1) entered disabled state
[ 219.930504] device bridge_slave_1 entered promiscuous mode
[ 220.315349] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 220.683982] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 220.780282] 8021q: adding VLAN 0 to HW filter on device team0
[ 221.769865] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 222.154280] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 222.514835] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 222.522044] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 222.856212] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 222.863372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 223.835871] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 223.844043] team0: Port device team_slave_0 added
01:04:54 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0x437, &(0x7f0000000700)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev, @local, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "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"}}}}}}, &(0x7f0000001780))
recvmmsg(r0, &(0x7f00000017c0)=[{{0x0, 0x0, &(0x7f0000000d80)}}], 0x1, 0x10002, &(0x7f0000000080))
[ 224.236568] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 224.244716] team0: Port device team_slave_1 added
[ 224.704203] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 224.711257] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 224.720197] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 225.110026] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 225.117376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 225.126544] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 225.459258] IPVS: ftp: loaded support on port[0] = 21
[ 225.613561] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 225.621138] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 225.630660] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 226.138760] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 226.146652] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 226.155765] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 226.260510] 8021q: adding VLAN 0 to HW filter on device bond0
[ 227.872073] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 229.376286] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 229.382885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 229.390917] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
01:05:00 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})
read$FUSE(r0, &(0x7f0000001000), 0x1000)
read$FUSE(r0, &(0x7f00000040c0), 0x1000)
statfs(&(0x7f00000001c0)='./file0\x00', &(0x7f0000002000)=""/4096)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x1}, 0x50)
[ 230.919654] bridge0: port 2(bridge_slave_1) entered blocking state
[ 230.926566] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 230.933666] bridge0: port 1(bridge_slave_0) entered blocking state
[ 230.940139] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 230.948738] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 231.042135] 8021q: adding VLAN 0 to HW filter on device team0
01:05:01 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x60, &(0x7f0000000040)={0x0, @empty, 0x4e24, 0x0, "6468edb40100030092230000000d00", 0x0, 0x200000, 0x80000}, 0x2c)
[ 231.472170] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 232.618751] bridge0: port 1(bridge_slave_0) entered blocking state
[ 232.625295] bridge0: port 1(bridge_slave_0) entered disabled state
[ 232.633866] device bridge_slave_0 entered promiscuous mode
01:05:02 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ppoll(&(0x7f0000000400)=[{r0, 0x471}], 0x1, &(0x7f0000000440)={0x77359400}, &(0x7f0000000480)={0x5}, 0x8)
ioctl(r0, 0x4000100000008911, &(0x7f0000000280)="88f96234488dd25d766070")
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x2, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r0], &(0x7f0000000540)="73797a7a616c01007200"}, 0x48)
recvmmsg(r0, &(0x7f0000000200)=[{{&(0x7f0000000080)=@xdp, 0x80, &(0x7f0000000180)=[{&(0x7f0000000100)=""/110, 0x6e}], 0x1, &(0x7f00000001c0)=""/30, 0x1e, 0x5}, 0x3}], 0x1, 0x20, &(0x7f0000000240)={0x0, 0x989680})
[ 233.140821] bridge0: port 2(bridge_slave_1) entered blocking state
[ 233.147874] bridge0: port 2(bridge_slave_1) entered disabled state
[ 233.156430] device bridge_slave_1 entered promiscuous mode
[ 233.534313] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 233.911865] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
01:05:04 executing program 0:
pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff})
ioctl$SCSI_IOCTL_START_UNIT(r0, 0x5)
r1 = epoll_create(0x36e)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000001c0)={0x4000000c})
epoll_wait(r1, &(0x7f00000000c0)=[{}], 0x1, 0x0)
01:05:04 executing program 0:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f00000001c0)={0x1}, 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0xa0, &(0x7f0000000600)=[@in6={0xa, 0x4e23, 0xfffffffffffffffe, @local, 0x1}, @in6={0xa, 0x4e22, 0x8001, @local}, @in={0x2, 0x4e22, @local}, @in={0x2, 0x4e24}, @in={0x2, 0x4e22}, @in6={0xa, 0x4e20, 0x2, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x14}}, 0xf7}, @in6={0xa, 0x4e24, 0x200, @ipv4={[], [], @multicast2}, 0x4}]}, &(0x7f00000006c0)=0x10)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000700)={r1, @in={{0x2, 0x4e20}}}, 0x84)
r2 = socket(0x10, 0x803, 0x0)
r3 = dup(r2)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={r3, 0x50, &(0x7f0000000140)}, 0x10)
sendto(r2, &(0x7f0000000280)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x5f}, {&(0x7f00000000c0)=""/85, 0x210}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/120, 0x78}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x8}, {&(0x7f0000000340)=""/22, 0x16}], 0x6, &(0x7f0000002400)=""/191, 0xbf}}], 0x40000000000020a, 0x0, &(0x7f0000003700)={0x77359400})
ioctl$VHOST_SET_VRING_BASE(r3, 0x4008af12, &(0x7f00000002c0)={0x3, 0x15})
01:05:05 executing program 0:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev}, 0x1c)
r1 = getegid()
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000280)=0xc)
fstat(r0, &(0x7f0000000000))
getresgid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)=0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc)
ioctl$sock_bt_bnep_BNEPCONNDEL(0xffffffffffffffff, 0x400442c9, &(0x7f0000000e40)={0x0, @remote})
getresgid(&(0x7f00000004c0)=0x0, &(0x7f0000000500), &(0x7f0000000540))
r7 = openat$cgroup_ro(r0, &(0x7f0000000580)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
setsockopt$bt_BT_SNDMTU(r7, 0x112, 0xc, &(0x7f00000005c0)=0xe8, 0x2)
fstat(r0, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setgroups(0x9, &(0x7f0000000600)=[0x0, r1, r2, r3, r4, 0x0, r5, r6, r8])
sendto$inet6(r0, &(0x7f0000000c00)="b0f3bfc1f751c39956d5c194a4b2c7e194878c6bfcfbbf4e809d5bf6adc3ecbb8ec9f60b77b5244094cad9595b82420bd1832cf75646dc2a7a91c951f849369c1afac84af4983b7ed24779b9ec5e47847828", 0x52, 0x0, 0x0, 0x0)
ioctl$EVIOCGBITSND(0xffffffffffffffff, 0x80404532, &(0x7f0000000d40)=""/164)
r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)="0100752e7374617400", 0x0, 0x0)
sendmsg$alg(r9, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000ac0)="8900dbb727000d0220729f5d43726c4a4e86c2cdb30c12b38f580871cc2963bed9090830cdafaf2750371b3385c455898bbf79399eb8d56f89a473310181a7c103dc421bea6af46d5b4040", 0x4b}], 0x1, 0x0, 0x0, 0x40}, 0x800)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000001380)='./file0\x00', 0x0)
mount(&(0x7f0000000080)=ANY=[@ANYBLOB="d381956f0b233b408978f4df4e05bca5fbcca9d201b0e8979e5e56ab6e00e0"], &(0x7f0000001300)='./file0\x00', &(0x7f0000000100)='tmpfs\x00', 0x0, &(0x7f0000000140)="b4fb5b1caef4a9da31238cf5c953b7ae8fa0d3e0f85c12aef20d757c22f527721ef031826885879b723f37c290251ab95490c92c")
[ 235.248926] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 235.386179] tmpfs: No value for mount option '[1#S\ u|"'r1hr?7%T'
01:05:05 executing program 0:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev}, 0x1c)
r1 = getegid()
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, 0x0}, &(0x7f0000000280)=0xc)
fstat(r0, &(0x7f0000000000))
getresgid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)=0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc)
ioctl$sock_bt_bnep_BNEPCONNDEL(0xffffffffffffffff, 0x400442c9, &(0x7f0000000e40)={0x0, @remote})
getresgid(&(0x7f00000004c0)=0x0, &(0x7f0000000500), &(0x7f0000000540))
r7 = openat$cgroup_ro(r0, &(0x7f0000000580)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
setsockopt$bt_BT_SNDMTU(r7, 0x112, 0xc, &(0x7f00000005c0)=0xe8, 0x2)
fstat(r0, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setgroups(0x9, &(0x7f0000000600)=[0x0, r1, r2, r3, r4, 0x0, r5, r6, r8])
sendto$inet6(r0, &(0x7f0000000c00)="b0f3bfc1f751c39956d5c194a4b2c7e194878c6bfcfbbf4e809d5bf6adc3ecbb8ec9f60b77b5244094cad9595b82420bd1832cf75646dc2a7a91c951f849369c1afac84af4983b7ed24779b9ec5e47847828", 0x52, 0x0, 0x0, 0x0)
ioctl$EVIOCGBITSND(0xffffffffffffffff, 0x80404532, &(0x7f0000000d40)=""/164)
r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)="0100752e7374617400", 0x0, 0x0)
sendmsg$alg(r9, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000ac0)="8900dbb727000d0220729f5d43726c4a4e86c2cdb30c12b38f580871cc2963bed9090830cdafaf2750371b3385c455898bbf79399eb8d56f89a473310181a7c103dc421bea6af46d5b4040", 0x4b}], 0x1, 0x0, 0x0, 0x40}, 0x800)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000001380)='./file0\x00', 0x0)
mount(&(0x7f0000000080)=ANY=[@ANYBLOB="d381956f0b233b408978f4df4e05bca5fbcca9d201b0e8979e5e56ab6e00e0"], &(0x7f0000001300)='./file0\x00', &(0x7f0000000100)='tmpfs\x00', 0x0, &(0x7f0000000140)="b4fb5b1caef4a9da31238cf5c953b7ae8fa0d3e0f85c12aef20d757c22f527721ef031826885879b723f37c290251ab95490c92c")
[ 235.441844] tmpfs: No value for mount option '[1#S\ u|"'r1hr?7%T'
01:05:05 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})
read$FUSE(r0, &(0x7f00000040c0), 0x1000)
write$FUSE_INIT(r0, &(0x7f0000000280)={0x50, 0x0, 0x1}, 0x50)
read$FUSE(r0, &(0x7f0000001000), 0x1000)
setxattr$system_posix_acl(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='system/posix_acl_default\x00', &(0x7f00000005c0), 0x24, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='net/rt_acct\x00')
r2 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x0, 0x80)
ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f00000000c0)={0x800, 0x35, 0x1, r2})
write$FUSE_INTERRUPT(r0, &(0x7f0000000240)={0x10, 0x0, 0x2}, 0x10)
[ 235.716686] tmpfs: No value for mount option '[1#S\ u|"'r1hr?7%T'
[ 235.743693] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 236.175827] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 236.183050] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 236.499114] 8021q: adding VLAN 0 to HW filter on device bond0
[ 236.774419] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 236.781482] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 237.809127] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 237.817475] team0: Port device team_slave_0 added
[ 237.833449] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 238.111858] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 238.120267] team0: Port device team_slave_1 added
[ 238.328988] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[ 238.336217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 238.345101] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 238.687692] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[ 238.694940] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 238.703705] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 238.910293] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 238.916804] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 238.924705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 239.040782] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 239.048974] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 239.057952] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 239.374278] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 239.382209] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 239.391069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 239.855817] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[ 240.012552] 8021q: adding VLAN 0 to HW filter on device team0
01:05:10 executing program 1:
perf_event_open(&(0x7f0000000040)={0x0, 0xbd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000007f00)=[{{&(0x7f00000056c0)=@can, 0x3000, &(0x7f00000000c0)}}, {{&(0x7f0000005900)=@pppoe={0x18, 0x0, {0x0, @link_local, 'syzkaller0\x00'}}, 0x80, &(0x7f0000007ac0), 0x1a9, &(0x7f0000007b00)}}], 0x3fffffffffffe0d, 0x0)
[ 242.148664] bridge0: port 2(bridge_slave_1) entered blocking state
[ 242.155225] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 242.162267] bridge0: port 1(bridge_slave_0) entered blocking state
[ 242.168730] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 242.177365] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 242.184135] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 243.637720] 8021q: adding VLAN 0 to HW filter on device bond0
[ 244.479931] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 245.392181] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 245.398606] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 245.406648] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
01:05:15 executing program 2:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2400000002031f001cfffd946fa2830020200a000900010001e700000000a3a20404ff7e", 0x24}], 0x1}, 0x0)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000100)="2400000002031f001cfffd946fa283005b580a000900030009000000050015000404ff7e", 0x24}], 0x1}, 0x0)
[ 245.824735] netlink: 4 bytes leftover after parsing attributes in process `syz-executor2'.
[ 245.834093] netlink: 'syz-executor2': attribute type 3 has an invalid length.
[ 245.841529] netlink: 4 bytes leftover after parsing attributes in process `syz-executor2'.
[ 245.853338] netlink: 4 bytes leftover after parsing attributes in process `syz-executor2'.
[ 245.882108] netlink: 'syz-executor2': attribute type 3 has an invalid length.
[ 245.889577] netlink: 4 bytes leftover after parsing attributes in process `syz-executor2'.
[ 246.317873] 8021q: adding VLAN 0 to HW filter on device team0
[ 249.473722] 8021q: adding VLAN 0 to HW filter on device bond0
[ 249.784396] hrtimer: interrupt took 44950 ns
[ 249.889942] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[ 249.967254] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 250.011691] ==================================================================
[ 250.019121] BUG: KMSAN: uninit-value in vmx_vcpu_load+0x10d5/0x1cf0
[ 250.025565] CPU: 0 PID: 7504 Comm: syz-executor3 Not tainted 4.19.0-rc4+ #63
[ 250.032776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 250.042141] Call Trace:
[ 250.044761] dump_stack+0x306/0x460
[ 250.048421] ? _raw_spin_lock_irqsave+0x227/0x340
[ 250.053289] ? vmx_vcpu_load+0x10d5/0x1cf0
[ 250.057581] kmsan_report+0x1a3/0x2d0
[ 250.061434] __msan_warning+0x7c/0xe0
[ 250.065270] vmx_vcpu_load+0x10d5/0x1cf0
[ 250.069418] vmx_create_vcpu+0x1e91/0x7920
[ 250.073701] ? kmsan_set_origin_inline+0x6b/0x120
[ 250.078596] ? __msan_poison_alloca+0x17a/0x210
[ 250.083321] ? vmx_vm_init+0x340/0x340
[ 250.087255] kvm_arch_vcpu_create+0x25d/0x2f0
[ 250.091800] kvm_vm_ioctl+0x13fd/0x33d0
[ 250.095919] ? __msan_poison_alloca+0x17a/0x210
[ 250.100646] ? do_vfs_ioctl+0x18a/0x2810
[ 250.104743] ? __se_sys_ioctl+0x1da/0x270
[ 250.108934] ? vcpu_stat_clear_per_vm+0x420/0x420
[ 250.113807] ? vcpu_stat_clear_per_vm+0x420/0x420
[ 250.118697] do_vfs_ioctl+0xcf3/0x2810
[ 250.122650] ? security_file_ioctl+0x92/0x200
[ 250.127194] __se_sys_ioctl+0x1da/0x270
[ 250.131217] __x64_sys_ioctl+0x4a/0x70
[ 250.135136] do_syscall_64+0xbe/0x100
[ 250.138978] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 250.144193] RIP: 0033:0x457579
[ 250.147419] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 250.166452] RSP: 002b:00007f65474fec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 250.174193] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579
[ 250.181485] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005
[ 250.188778] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 250.196074] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f65474ff6d4
[ 250.203369] R13: 00000000004bfc18 R14: 00000000004cfca0 R15: 00000000ffffffff
[ 250.210682]
[ 250.212331] Local variable description: ----error.i@vmx_vcpu_load
[ 250.218568] Variable was created at:
[ 250.222317] vmx_vcpu_load+0x1a0/0x1cf0
[ 250.226314] vmx_create_vcpu+0x1e91/0x7920
[ 250.230566] ==================================================================
[ 250.237960] Disabling lock debugging due to kernel taint
[ 250.243433] Kernel panic - not syncing: panic_on_warn set ...
[ 250.243433]
[ 250.250841] CPU: 0 PID: 7504 Comm: syz-executor3 Tainted: G B 4.19.0-rc4+ #63
[ 250.259442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 250.268813] Call Trace:
[ 250.271443] dump_stack+0x306/0x460
[ 250.275122] panic+0x54c/0xafa
[ 250.278410] kmsan_report+0x2cd/0x2d0
[ 250.282262] __msan_warning+0x7c/0xe0
[ 250.286104] vmx_vcpu_load+0x10d5/0x1cf0
[ 250.290227] vmx_create_vcpu+0x1e91/0x7920
[ 250.294500] ? kmsan_set_origin_inline+0x6b/0x120
[ 250.299383] ? __msan_poison_alloca+0x17a/0x210
[ 250.304123] ? vmx_vm_init+0x340/0x340
[ 250.308050] kvm_arch_vcpu_create+0x25d/0x2f0
[ 250.312605] kvm_vm_ioctl+0x13fd/0x33d0
[ 250.316635] ? __msan_poison_alloca+0x17a/0x210
[ 250.321346] ? do_vfs_ioctl+0x18a/0x2810
[ 250.325438] ? __se_sys_ioctl+0x1da/0x270
[ 250.329621] ? vcpu_stat_clear_per_vm+0x420/0x420
[ 250.334497] ? vcpu_stat_clear_per_vm+0x420/0x420
[ 250.339372] do_vfs_ioctl+0xcf3/0x2810
[ 250.343307] ? security_file_ioctl+0x92/0x200
[ 250.347845] __se_sys_ioctl+0x1da/0x270
[ 250.351876] __x64_sys_ioctl+0x4a/0x70
[ 250.355795] do_syscall_64+0xbe/0x100
[ 250.359643] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 250.364864] RIP: 0033:0x457579
[ 250.368083] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 250.387004] RSP: 002b:00007f65474fec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 250.395364] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579
[ 250.402656] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000005
[ 250.409945] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 250.417237] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f65474ff6d4
[ 250.424526] R13: 00000000004bfc18 R14: 00000000004cfca0 R15: 00000000ffffffff
[ 250.432538] Kernel Offset: disabled
[ 250.436180] Rebooting in 86400 seconds..