Warning: Permanently added '10.128.10.31' (ECDSA) to the list of known hosts. [ 68.187664] random: sshd: uninitialized urandom read (32 bytes read) 2018/10/06 01:02:23 fuzzer started [ 72.852998] random: cc1: uninitialized urandom read (8 bytes read) [ 72.963869] cc1 (6234) used greatest stack depth: 53184 bytes left 2018/10/06 01:02:28 dialing manager at 10.128.0.26:36867 2018/10/06 01:02:28 syscalls: 1 2018/10/06 01:02:28 code coverage: enabled 2018/10/06 01:02:28 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/10/06 01:02:28 setuid sandbox: enabled 2018/10/06 01:02:28 namespace sandbox: enabled 2018/10/06 01:02:28 Android sandbox: /sys/fs/selinux/policy does not exist 2018/10/06 01:02:28 fault injection: enabled 2018/10/06 01:02:28 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/10/06 01:02:28 net packed injection: enabled 2018/10/06 01:02:28 net device setup: enabled [ 78.913083] random: crng init done 01:04:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340)='/dev/ptmx\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x0) r2 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r2, 0x2100030) pipe(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) write(r4, &(0x7f00000001c0), 0xffffffea) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x6, &(0x7f00000001c0)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), &(0x7f00000004c0)={0x20}, &(0x7f0000000140)={0x8, 0x0, 0x3f000000}, &(0x7f0000000200)={0x0, r5+30000000}, &(0x7f0000000300)={&(0x7f00000002c0), 0x8}) ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f0000000380)={0x7000, 0x0, 0x27a064bb, 0x9, 0x7fffffff}) semctl$IPC_STAT(0x0, 0x0, 0x2, &(0x7f00000003c0)=""/145) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f0000000500)={0xffffffffffffffff, 0x8001, 0xfffffffffffffff9}) mremap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffc000/0x2000)=nil) ioctl$PERF_EVENT_IOC_ID(0xffffffffffffffff, 0x80082407, &(0x7f0000000100)) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f0000000280)=0x2000) [ 201.426245] IPVS: ftp: loaded support on port[0] = 21 [ 203.810197] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.816783] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.825626] device bridge_slave_0 entered promiscuous mode [ 203.967784] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.974381] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.982911] device bridge_slave_1 entered promiscuous mode [ 204.125188] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 204.267365] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 204.697617] bond0: Enslaving bond_slave_0 as an active interface with an up link 01:04:37 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x800000000000004) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d5c6070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000580)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r2 = accept$alg(r1, 0x0, 0x0) socketpair(0x0, 0x0, 0x0, &(0x7f0000000480)) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmmsg(r2, &(0x7f0000001680)=[{{&(0x7f0000000980)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f0000000f40)=[{&(0x7f0000001f40)=""/4096, 0x1000}], 0x1, &(0x7f0000001000)=""/202, 0xca}}], 0x1, 0x0, &(0x7f00000017c0)={0x77359400}) [ 204.888031] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 205.216418] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 205.223595] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 205.667960] IPVS: ftp: loaded support on port[0] = 21 [ 205.909615] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 205.917858] team0: Port device team_slave_0 added [ 206.158232] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 206.166361] team0: Port device team_slave_1 added [ 206.406438] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 206.413587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 206.422631] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 206.646636] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 206.653828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 206.662920] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 206.929997] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 206.938139] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 206.947329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 207.176418] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 207.184289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 207.193471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 208.457067] ip (6352) used greatest stack depth: 53056 bytes left [ 209.136402] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.143298] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.151882] device bridge_slave_0 entered promiscuous mode [ 209.437053] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.443723] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.452367] device bridge_slave_1 entered promiscuous mode [ 209.664085] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 209.950354] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.956901] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.963945] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.970392] bridge0: port 1(bridge_slave_0) entered forwarding state [ 209.979400] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 209.990880] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 01:04:43 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x30, 0x10, 0xf0b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, @gre={{0x8, 0x1, 'gre\x00'}, {0x4}}}]}, 0x30}}, 0x0) [ 210.311958] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 210.717711] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 211.034239] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 211.078190] IPVS: ftp: loaded support on port[0] = 21 [ 211.331487] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 211.340564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 211.589222] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 211.596532] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 212.436454] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 212.444738] team0: Port device team_slave_0 added [ 212.743177] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 212.751128] team0: Port device team_slave_1 added [ 213.081118] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 213.088353] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 213.097333] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 213.406537] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 213.413718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 213.422491] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 213.708825] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 213.716469] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 213.726026] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 214.008145] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 214.015851] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 214.025225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 216.074001] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.080488] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.088979] device bridge_slave_0 entered promiscuous mode [ 216.414194] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.420663] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.429499] device bridge_slave_1 entered promiscuous mode [ 216.672312] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 216.943361] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 217.170932] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.177540] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.184725] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.191211] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.200113] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 217.681952] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 217.818273] bond0: Enslaving bond_slave_0 as an active interface with an up link 01:04:51 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r1, &(0x7f0000000040)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x4000000000000000}, 0x1c) r2 = socket$netlink(0x10, 0x3, 0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84470080ffe0064e230f00000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) [ 218.112024] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 218.436844] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 218.444048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 218.882916] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 218.890275] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 219.359383] IPVS: ftp: loaded support on port[0] = 21 [ 219.509340] ip (6572) used greatest stack depth: 52832 bytes left [ 219.866814] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 219.874999] team0: Port device team_slave_0 added [ 220.251761] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 220.259777] team0: Port device team_slave_1 added [ 220.606179] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 220.613414] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 220.622167] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 220.898984] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 220.906321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 220.915159] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 221.230297] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 221.238168] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 221.247559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 221.616086] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 221.623780] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 221.632879] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 223.067219] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.307106] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 225.516733] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.523333] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.532028] device bridge_slave_0 entered promiscuous mode [ 225.779527] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 225.786084] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 225.794372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 225.971671] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.978157] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.985177] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.991816] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.000752] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 226.016972] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.023656] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.032318] device bridge_slave_1 entered promiscuous mode [ 226.347483] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 226.686639] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 226.823430] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 227.361925] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.922639] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 228.310923] bond0: Enslaving bond_slave_1 as an active interface with an up link 01:05:01 executing program 4: r0 = open(&(0x7f0000000000)='./file0\x00', 0x72be9c096e871b71, 0x0) close(r0) socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6}]}, 0x10) [ 228.704941] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 228.712147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 229.129221] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 229.136521] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 229.908218] IPVS: ftp: loaded support on port[0] = 21 [ 230.422103] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 230.430100] team0: Port device team_slave_0 added [ 230.867796] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 230.876037] team0: Port device team_slave_1 added [ 231.246083] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 231.253333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 231.262348] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 231.366539] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.692983] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 231.700089] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 231.709218] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 232.104549] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 232.112350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 232.121148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 232.548867] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 232.556627] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 232.565891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 232.940229] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 234.468849] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 234.475431] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 234.483725] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 236.161469] 8021q: adding VLAN 0 to HW filter on device team0 [ 236.937133] bridge0: port 1(bridge_slave_0) entered blocking state [ 236.943753] bridge0: port 1(bridge_slave_0) entered disabled state [ 236.952264] device bridge_slave_0 entered promiscuous mode [ 237.452785] hrtimer: interrupt took 34937 ns [ 237.456407] bridge0: port 2(bridge_slave_1) entered blocking state [ 237.463880] bridge0: port 2(bridge_slave_1) entered forwarding state [ 237.470829] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.477416] bridge0: port 1(bridge_slave_0) entered forwarding state [ 237.486276] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 237.495644] bridge0: port 2(bridge_slave_1) entered blocking state [ 237.502201] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.510693] device bridge_slave_1 entered promiscuous mode [ 237.522600] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 238.170316] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 239.139012] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 241.005020] bond0: Enslaving bond_slave_0 as an active interface with an up link 01:05:14 executing program 5: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = accept4$unix(0xffffffffffffff9c, 0x0, &(0x7f0000000140), 0x0) bind$unix(r1, &(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000240)='/dev/null\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r2, 0xc08c5334, &(0x7f0000000280)={0x7, 0x71, 0x8, 'queue0\x00', 0x2}) close(r0) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x8000, 0x0) ioctl$ASHMEM_GET_NAME(r3, 0x81007702, &(0x7f0000000340)=""/171) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000040)) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000100)) r4 = epoll_create(0xfffffffffffffff7) ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, &(0x7f0000000500)=ANY=[]) fcntl$getownex(r1, 0x10, &(0x7f0000000440)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000380)='./file0\x00', 0x0) pipe(&(0x7f00000001c0)) mount(&(0x7f0000000280)=ANY=[], &(0x7f000000aff8)='./file0\x00', &(0x7f0000000400)='devtmpfs\x00', 0x0, &(0x7f000001c000)) chdir(&(0x7f0000000180)='./file0\x00') r5 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x0, 'veth1_to_bridge\x00'}, 0x18) write$eventfd(r5, &(0x7f0000000080), 0xfffffe5e) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x1, 0x0, 0x4}) munmap(&(0x7f0000443000/0x400000)=nil, 0x400000) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x0) mmap(&(0x7f000029d000/0x200000)=nil, 0x200000, 0x4, 0x10, 0xffffffffffffffff, 0x0) [ 241.660346] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 242.207833] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 242.215051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 242.873157] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 242.880243] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 243.356666] IPVS: ftp: loaded support on port[0] = 21 [ 245.065147] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 245.073644] team0: Port device team_slave_0 added [ 245.793551] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 245.801786] team0: Port device team_slave_1 added [ 246.522329] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 246.529482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 246.538478] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 247.166658] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 247.173925] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 247.182810] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 247.910144] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 247.918299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 247.927483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 248.014440] 8021q: adding VLAN 0 to HW filter on device bond0 [ 248.899293] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 248.907554] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 248.916565] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready 01:05:22 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000000c0)="c744240006000000c744240200000080c7442406000000000f01142466b8c2008ec80f070f0f369a0f2002674669f9c12c000026660f38157e0f660f0dbead00000066baf80cb8bcecb281ef66bafc0cb80b000000ef0f20d835080000000f22d8", 0x61}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_NMI(r3, 0xae9a) getsockopt(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000640)=""/226, &(0x7f0000000000)=0xffffffd7) ioctl$KVM_RUN(r3, 0xae80, 0x0) openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) [ 250.123641] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 250.222748] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 250.303259] ================================================================== [ 250.310803] BUG: KMSAN: uninit-value in loaded_vmcs_init+0x343/0x590 [ 250.317326] CPU: 0 PID: 13 Comm: kworker/0:1 Not tainted 4.19.0-rc4+ #63 [ 250.324179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.333575] Workqueue: rcu_gp process_srcu [ 250.337836] Call Trace: [ 250.340432] [ 250.342610] dump_stack+0x306/0x460 [ 250.346257] ? loaded_vmcs_init+0x343/0x590 [ 250.350615] kmsan_report+0x1a3/0x2d0 [ 250.354449] __msan_warning+0x7c/0xe0 [ 250.358277] loaded_vmcs_init+0x343/0x590 [ 250.362489] __loaded_vmcs_clear+0x2fb/0x3c0 [ 250.366964] flush_smp_call_function_queue+0x404/0x770 [ 250.372258] ? vmx_get_msr_feature+0x180/0x180 [ 250.376871] generic_smp_call_function_single_interrupt+0x1f/0x30 [ 250.383122] smp_call_function_single_interrupt+0x2f7/0x530 [ 250.388856] call_function_single_interrupt+0xf/0x20 [ 250.393965] [ 250.396223] RIP: 0010:process_srcu+0xa00/0x1980 [ 250.400908] Code: c7 03 00 00 00 00 48 83 7d c0 00 0f 85 d4 04 00 00 48 8b 9d 70 ff ff ff 48 89 df e8 6a a1 83 00 c6 00 00 c6 03 00 fb 45 84 e4 <0f> 85 c2 04 00 00 45 84 ed 4c 8b 6d a8 0f 84 0d 05 00 00 48 8b 9d [ 250.421219] RSP: 0018:ffff8801d16dfaf8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff04 [ 250.428951] RAX: ffff8801a721a120 RBX: ffffc9000da02120 RCX: ffff880143dd4120 [ 250.436276] RDX: ffff880143dd4120 RSI: aaaaaaaaaaaab000 RDI: ffffea000798a2c0 [ 250.443563] RBP: ffff8801d16dfc48 R08: ffffffff7fffff00 R09: ffff88021fc38f50 [ 250.450842] R10: 0000000000000000 R11: ffffffff813f17c0 R12: 0000000000000000 [ 250.458125] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000 [ 250.465436] ? __set_cyc2ns_scale+0x3f0/0x3f0 [ 250.469963] ? process_srcu+0x9f6/0x1980 [ 250.474038] ? task_kmsan_context_state+0x6b/0x120 [ 250.479028] ? srcu_torture_stats_print+0x770/0x770 [ 250.484070] process_one_work+0x19c4/0x24f0 [ 250.488444] worker_thread+0x206d/0x2b30 [ 250.492575] kthread+0x59c/0x5d0 [ 250.495958] ? process_one_work+0x24f0/0x24f0 [ 250.500480] ? INIT_BOOL+0x30/0x30 [ 250.504071] ret_from_fork+0x35/0x40 [ 250.507810] [ 250.509440] Local variable description: ----error.i@loaded_vmcs_init [ 250.515933] Variable was created at: [ 250.519663] loaded_vmcs_init+0x8a/0x590 [ 250.524387] __loaded_vmcs_clear+0x2fb/0x3c0 [ 250.528794] ================================================================== [ 250.536155] Disabling lock debugging due to kernel taint [ 250.541614] Kernel panic - not syncing: panic_on_warn set ... [ 250.541614] [ 250.549006] CPU: 0 PID: 13 Comm: kworker/0:1 Tainted: G B 4.19.0-rc4+ #63 [ 250.557245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.566627] Workqueue: rcu_gp process_srcu [ 250.570877] Call Trace: [ 250.573472] [ 250.575652] dump_stack+0x306/0x460 [ 250.579312] panic+0x54c/0xafa [ 250.582577] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 250.589010] kmsan_report+0x2cd/0x2d0 [ 250.593450] __msan_warning+0x7c/0xe0 [ 250.597317] loaded_vmcs_init+0x343/0x590 [ 250.601517] __loaded_vmcs_clear+0x2fb/0x3c0 [ 250.605992] flush_smp_call_function_queue+0x404/0x770 [ 250.611289] ? vmx_get_msr_feature+0x180/0x180 [ 250.615904] generic_smp_call_function_single_interrupt+0x1f/0x30 [ 250.622155] smp_call_function_single_interrupt+0x2f7/0x530 [ 250.627889] call_function_single_interrupt+0xf/0x20 [ 250.632996] [ 250.635256] RIP: 0010:process_srcu+0xa00/0x1980 [ 250.639940] Code: c7 03 00 00 00 00 48 83 7d c0 00 0f 85 d4 04 00 00 48 8b 9d 70 ff ff ff 48 89 df e8 6a a1 83 00 c6 00 00 c6 03 00 fb 45 84 e4 <0f> 85 c2 04 00 00 45 84 ed 4c 8b 6d a8 0f 84 0d 05 00 00 48 8b 9d [ 250.659476] RSP: 0018:ffff8801d16dfaf8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff04 [ 250.667224] RAX: ffff8801a721a120 RBX: ffffc9000da02120 RCX: ffff880143dd4120 [ 250.674513] RDX: ffff880143dd4120 RSI: aaaaaaaaaaaab000 RDI: ffffea000798a2c0 [ 250.681805] RBP: ffff8801d16dfc48 R08: ffffffff7fffff00 R09: ffff88021fc38f50 [ 250.689085] R10: 0000000000000000 R11: ffffffff813f17c0 R12: 0000000000000000 [ 250.696364] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000 [ 250.703681] ? __set_cyc2ns_scale+0x3f0/0x3f0 [ 250.708821] ? process_srcu+0x9f6/0x1980 [ 250.712903] ? task_kmsan_context_state+0x6b/0x120 [ 250.717888] ? srcu_torture_stats_print+0x770/0x770 [ 250.722925] process_one_work+0x19c4/0x24f0 [ 250.727303] worker_thread+0x206d/0x2b30 [ 250.731417] kthread+0x59c/0x5d0 [ 250.734803] ? process_one_work+0x24f0/0x24f0 [ 250.739324] ? INIT_BOOL+0x30/0x30 [ 250.742893] ret_from_fork+0x35/0x40 [ 250.747683] Kernel Offset: disabled [ 250.751321] Rebooting in 86400 seconds..