[ 59.766149] audit: type=1800 audit(1539245592.803:27): pid=6075 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 61.263200] random: sshd: uninitialized urandom read (32 bytes read)
[ 62.878759] random: sshd: uninitialized urandom read (32 bytes read)
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login:
[ 63.315160] random: sshd: uninitialized urandom read (32 bytes read)
[ 66.062410] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.10.33' (ECDSA) to the list of known hosts.
[ 71.972431] random: sshd: uninitialized urandom read (32 bytes read)
2018/10/11 08:13:27 fuzzer started
[ 76.677399] random: cc1: uninitialized urandom read (8 bytes read)
2018/10/11 08:13:31 dialing manager at 10.128.0.26:39089
2018/10/11 08:13:31 syscalls: 1
2018/10/11 08:13:31 code coverage: enabled
2018/10/11 08:13:31 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/10/11 08:13:31 setuid sandbox: enabled
2018/10/11 08:13:31 namespace sandbox: enabled
2018/10/11 08:13:31 Android sandbox: /sys/fs/selinux/policy does not exist
2018/10/11 08:13:31 fault injection: enabled
2018/10/11 08:13:31 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/10/11 08:13:31 net packed injection: /dev/net/tun can't be opened (open /dev/net/tun: cannot allocate memory)
2018/10/11 08:13:31 net device setup: enabled
[ 82.015725] random: crng init done
08:15:40 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
r1 = accept4(r0, 0x0, &(0x7f0000000000), 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='pagemap\x00')
sendfile(r1, r2, &(0x7f0000000040)=0x6b6b6b00, 0x10000000000443)
[ 208.061071] IPVS: ftp: 
loaded support on port[0] = 21 [ 209.646128] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.652784] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.661485] device bridge_slave_0 entered promiscuous mode [ 209.827009] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.833563] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.842385] device bridge_slave_1 entered promiscuous mode [ 209.988569] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 210.131712] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 210.582604] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 210.736991] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 210.886563] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 210.893918] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 211.045715] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 211.052955] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 08:15:44 executing program 1: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0xffffff, 0x1) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000240)={0x200040323}) [ 211.508302] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 211.516704] team0: Port device team_slave_0 added [ 211.749787] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 211.758437] team0: Port device team_slave_1 added [ 212.105932] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 212.113153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 212.122288] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 212.326187] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 212.333377] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 212.342399] IPv6: 
ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 212.434785] IPVS: ftp: loaded support on port[0] = 21 [ 212.540925] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 212.548843] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 212.558182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 212.745984] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 212.753889] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 212.763361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 214.539128] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.545729] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.554600] device bridge_slave_0 entered promiscuous mode [ 214.778010] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.784638] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.793413] device bridge_slave_1 entered promiscuous mode [ 215.054029] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 215.275571] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 215.323228] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.329766] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.336913] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.343464] bridge0: port 1(bridge_slave_0) entered forwarding state [ 215.352879] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 215.912298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 215.998570] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 216.275875] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 216.548221] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 216.555405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 216.878326] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 216.885644] IPv6: ADDRCONF(NETDEV_CHANGE): 
veth1_to_bond: link becomes ready [ 217.600937] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 217.609432] team0: Port device team_slave_0 added 08:15:50 executing program 2: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000002000)=@ethernet, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000002fd8)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x1d, r1}, 0x10, &(0x7f0000000240)={&(0x7f00000001c0)={0x1, 0x0, 0x0, {0x77359400}, {0x0, 0x2710}, {}, 0x300, @can={{}, 0x0, 0x0, 0x0, 0x0, "a7284b28a18e079b"}}, 0x48}}, 0x0) [ 217.801751] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 217.810170] team0: Port device team_slave_1 added [ 218.118530] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 218.126037] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 218.135050] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 218.390219] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 218.397489] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 218.406685] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 218.577388] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 218.585279] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 218.594754] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 218.907588] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 218.915189] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 218.924639] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 219.104290] IPVS: ftp: loaded support on port[0] = 21 [ 221.905736] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.912514] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.921276] device bridge_slave_0 entered promiscuous mode [ 222.267066] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.273723] bridge0: port 
2(bridge_slave_1) entered disabled state [ 222.282801] device bridge_slave_1 entered promiscuous mode [ 222.390297] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.396856] bridge0: port 2(bridge_slave_1) entered forwarding state [ 222.404060] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.410577] bridge0: port 1(bridge_slave_0) entered forwarding state [ 222.419779] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 222.426578] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 222.633635] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 222.802389] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 223.614751] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 223.932989] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 224.207830] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 224.215114] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 224.490150] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 224.497448] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 225.410277] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 225.418732] team0: Port device team_slave_0 added [ 225.715289] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 225.723683] team0: Port device team_slave_1 added [ 225.990765] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 225.998108] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 226.007446] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 226.307985] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 226.315218] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 226.324369] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 226.667683] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 226.675557] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link 
becomes ready [ 226.684979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready 08:15:59 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x85b, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x0, 0x0) ioctl$INOTIFY_IOC_SETNEXTWD(r1, 0x40044900, 0x0) [ 227.043879] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 227.051509] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 227.060945] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 227.474712] 8021q: adding VLAN 0 to HW filter on device bond0 [ 228.385297] IPVS: ftp: loaded support on port[0] = 21 [ 229.009546] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 230.485636] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 230.492259] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 230.500297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 231.328593] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.335166] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.342236] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.348712] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.358064] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 231.942237] 8021q: adding VLAN 0 to HW filter on device team0 [ 232.025968] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.032747] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.041312] device bridge_slave_0 entered promiscuous mode [ 232.105767] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 232.457236] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.464054] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.472811] device bridge_slave_1 entered promiscuous mode [ 232.861085] IPv6: ADDRCONF(NETDEV_UP): 
veth0_to_bridge: link is not ready [ 233.255408] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 234.364570] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 234.778730] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 235.141200] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 235.149357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 235.530568] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 235.537845] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 236.753325] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 236.761516] team0: Port device team_slave_0 added [ 237.085732] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 237.094416] team0: Port device team_slave_1 added 08:16:10 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x1000, &(0x7f0000003000/0x1000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000000c0)="c744240006000000c744240200000080c7442406000000000f01142466b8c2008ec80f070f0f369a0f2002674669f9c12c000026660f38157e0f660f0dbead00000066baf80cb8bcecb281ef66bafc0cb80b000000ef0f20d835080000000f22d8", 0x61}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_NMI(r2, 0xae9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000027000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000240)="0f21abd9f6b8fc0d8ec03e0cfcd8fa2e3e0f00d9baf80c66b89c39008866efbafc0c66b80a5e000066efbaf80c66b884929d8f66efbafc0c66b8e100000066eff2f30f19809988260f06", 0x4a}], 0x1, 0x0, &(0x7f00000001c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 237.411222] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 
237.418419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 237.427622] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 237.567264] 8021q: adding VLAN 0 to HW filter on device bond0 [ 237.815631] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 237.822871] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 237.832214] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 238.343601] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 238.351309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 238.360754] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 238.784650] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 238.792986] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 238.801996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 239.131244] IPVS: ftp: loaded support on port[0] = 21 [ 239.188734] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 240.858396] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 240.865122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 240.873515] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 242.486161] 8021q: adding VLAN 0 to HW filter on device team0 08:16:15 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r1 = memfd_create(&(0x7f0000000e40)="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", 0x0) execveat(r1, &(0x7f0000000000)='\x00', &(0x7f00000001c0), &(0x7f00000001c0), 0x1000) process_vm_writev(r0, 
&(0x7f0000000080)=[{&(0x7f0000000180)=""/247, 0xf7}], 0x1, &(0x7f0000000040)=[{&(0x7f0000217f28)=""/231, 0x28}], 0x1, 0x0) perf_event_open(&(0x7f0000000300)={0x0, 0x70, 0x0, 0x18ec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, @perf_config_ext={0x80000000}, 0x0, 0x0, 0x4}, 0x0, 0xa, 0xffffffffffffffff, 0x0) setpriority(0x0, r0, 0x6c7) 08:16:16 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x26d, 0x0) getsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000040), &(0x7f00000000c0)=0xb) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x44, 0x0, &(0x7f0000000480)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000040), &(0x7f0000000080)=[0x0]}}], 0x0, 0x0, &(0x7f0000000500)}) [ 243.445681] binder: 6922:6925 got transaction with invalid offset (0, min 0 max 0) or object. 
[ 243.454984] binder: 6922:6925 transaction failed 29201/-22, size 0-8 line 3033 [ 243.497383] binder_alloc: binder_alloc_mmap_handler: 6922 20001000-20004000 already mapped failed -16 [ 243.523916] binder: BINDER_SET_CONTEXT_MGR already set [ 243.529260] binder: 6922:6925 ioctl 40046207 0 returned -16 [ 243.553750] binder_alloc: 6922: binder_alloc_buf, no vma [ 243.559390] binder: 6922:6928 transaction failed 29189/-3, size 0-8 line 2970 [ 243.583846] binder: undelivered TRANSACTION_ERROR: 29201 [ 243.594689] binder: undelivered TRANSACTION_ERROR: 29189 [ 243.649861] bridge0: port 1(bridge_slave_0) entered blocking state [ 243.656490] bridge0: port 1(bridge_slave_0) entered disabled state [ 243.665369] device bridge_slave_0 entered promiscuous mode 08:16:16 executing program 0: unshare(0x20000000) r0 = mq_open(&(0x7f0000000000)='-$\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000664fc0)={0x0, 0x5, 0x71a}) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) ioctl$TCXONC(r2, 0x540a, 0x7) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e22, 0x5, @mcast2, 0x6}}, [0x0, 0x4, 0x1, 0x8000, 0x81, 0x6, 0x2, 0x5, 0x7fffffff, 0x7, 0x8a3, 0x4, 0x5, 0x5, 0x9]}, &(0x7f0000000080)=0x100) setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={r3, 0x9}, 0x8) mq_timedreceive(r0, &(0x7f0000000400)=""/186, 0xba, 0x0, &(0x7f0000000100)={0x0, 0x989680}) [ 244.141125] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.147780] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.156655] device bridge_slave_1 entered promiscuous mode [ 244.229152] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.235722] bridge0: port 2(bridge_slave_1) entered forwarding state [ 244.242832] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.249311] bridge0: port 1(bridge_slave_0) entered forwarding state [ 244.257921] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready 
08:16:17 executing program 0: unshare(0x20000000) r0 = mq_open(&(0x7f0000000000)='-$\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000664fc0)={0x0, 0x5, 0x71a}) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) ioctl$TCXONC(r2, 0x540a, 0x7) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e22, 0x5, @mcast2, 0x6}}, [0x0, 0x4, 0x1, 0x8000, 0x81, 0x6, 0x2, 0x5, 0x7fffffff, 0x7, 0x8a3, 0x4, 0x5, 0x5, 0x9]}, &(0x7f0000000080)=0x100) setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={r3, 0x9}, 0x8) mq_timedreceive(r0, &(0x7f0000000400)=""/186, 0xba, 0x0, &(0x7f0000000100)={0x0, 0x989680}) [ 244.652066] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready 08:16:17 executing program 0: process_vm_writev(0x0, &(0x7f0000001fc0), 0x0, &(0x7f0000000b00)=[{&(0x7f0000002040)=""/224, 0xe0}], 0x1, 0x0) r0 = socket(0x10, 0x803, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000700)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f00000002c0), 0x0, &(0x7f0000000e00)=""/241, 0xf1}, 0x0) sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) sysfs$2(0x2, 0xd50, &(0x7f0000000280)=""/5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) recvmsg(r0, &(0x7f0000000b40)={&(0x7f0000000140)=@hci, 0x80, &(0x7f0000000d00), 0x0, &(0x7f0000000a00)=""/129, 0x81}, 0x0) sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f00000001c0), 0xc, &(0x7f00000006c0)={&(0x7f0000000300)={0x20, 0x0, 0x0, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8}]}]}, 0x20}}, 0x0) process_vm_writev(0x0, &(0x7f0000000b80)=[{&(0x7f00000007c0)=""/186, 0xba}, {&(0x7f0000000900)=""/124, 0x7c}, {&(0x7f0000000d00)=""/226, 0xe2}, {&(0x7f0000000980)=""/69, 0x45}], 0x4, &(0x7f0000002180), 0x0, 0x0) recvmmsg(r0, 
&(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x14b}, {&(0x7f00000000c0)=""/85, 0xb}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/120, 0x6c}, {&(0x7f0000000480)=""/60, 0x3dd}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x40d}, {&(0x7f0000000340)=""/22, 0x16}], 0x161, &(0x7f0000000600)=""/191, 0xbf}}], 0x40000000000020a, 0x0, &(0x7f0000003700)={0x77359400}) [ 244.982291] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 245.117091] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 08:16:18 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-224\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000), 0x10) sendmmsg$alg(r1, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x159, &(0x7f0000000100)=[@op={0x18}], 0x24}], 0x4924924924924b1, 0x0) 08:16:19 executing program 0: r0 = socket$inet_dccp(0x2, 0x6, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x90) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$inet_int(r0, 0x10d, 0x0, &(0x7f0000000040), &(0x7f0000000140)=0xffffffffffffff5e) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x800, 0x0) ioctl$VT_GETSTATE(r2, 0x5603, &(0x7f0000000100)={0x2, 0x5}) 08:16:19 executing program 0: set_mempolicy(0x3, &(0x7f0000000040)=0x80000000000003ff, 0x4) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x404000, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000340)={0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x17}}}, [0x401, 0x3, 0x2, 
0xfffffffffffffff7, 0x80000000, 0x800, 0x3, 0x83c, 0xffffffffffffff95, 0x101, 0x4, 0xf140, 0x400, 0x1f, 0x5]}, &(0x7f0000000080)=0x100) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000440)={r1, 0xfffffffffffffe1c, "cef865697a5ac5d46ca3e891dcca5923cf5269d4087f90dce1375ac37a9d7a6bc45035ef52647ad71ebf02f32e82215adfc32cca5c594d015903d41507a2f89a3ae4fa8a47bbd59dc264bdb792ca7ffaaf32d3bd454b5587"}, &(0x7f00000004c0)=0x3f2) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000002c0)=@assoc_value={r2, 0x5}, 0x8) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = syz_open_dev$dspn(&(0x7f00000001c0)='/dev/dsp#\x00', 0x7d, 0x101000) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f0000000300)={0x0, 0x8000, 0x1ff}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000100)=@sack_info={0x0, 0x0, 0x9}, 0xc) ioctl$RTC_PLL_GET(r4, 0x80207011, &(0x7f00000000c0)) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000500)=0x0) perf_event_open(&(0x7f0000000240)={0x3, 0x70, 0x7, 0x2, 0x6, 0x9, 0x0, 0x101, 0x210c, 0x5378f686172775f4, 0x5, 0x10000, 0x4, 0x1, 0x200, 0xfffffffffffffffa, 0x6, 0xfffffffffffffffc, 0x0, 0x3, 0x1a, 0x5, 0xffff, 0x2, 0x0, 0x80, 0x53, 0x1800000000000, 0x8000, 0xfffffffffffffffa, 0x800, 0x2, 0x800000000000, 0x0, 0x0, 0x4, 0x8, 0x7, 0x0, 0x7ff, 0x1, @perf_config_ext={0x8, 0x2}, 0xa02, 0x82e2, 0x5, 0x5, 0x9, 0xc037, 0x2bd}, r6, 0xe, r0, 0x9) write$P9_RREMOVE(r4, &(0x7f0000000140)={0x7, 0x7b, 0x2}, 0x7) unshare(0x12010004) [ 246.624777] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 247.139224] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 247.576204] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 247.583527] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 247.986703] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 247.994094] IPv6: ADDRCONF(NETDEV_CHANGE): 
veth1_to_bond: link becomes ready [ 248.793180] 8021q: adding VLAN 0 to HW filter on device bond0 [ 249.112360] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 249.120728] team0: Port device team_slave_0 added [ 249.479614] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 249.487972] team0: Port device team_slave_1 added [ 249.727257] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 249.734547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 249.743627] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 249.931141] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 249.938455] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 249.947435] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 250.060858] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 250.291297] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 250.299259] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 250.308515] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 250.569755] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 250.577506] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 250.586617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 251.147478] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 251.154030] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 251.162031] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 08:16:25 executing program 0: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x20, 0xa400) getpid() sendmsg$nl_generic(r0, &(0x7f0000000340)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="20010000310000082dbd7000fddbdf250a00000046fa55a66f238c9b0000000008008d00", @ANYPTR64, 
@ANYBLOB="f8005b005311130e547f9c50872a0ef237cb5f3935cea21a381ddb40dd1efd82a459880b39d0f4cd0d31ba9d66d08cda906f9dc21837663bae16eef146c704d4409b9bddd9013a2e9cf8ca9466fb8bf46fb119ffa43a00333d18cab5bafc7d8d0e65a5c24e7c65b6621582613bbbaa7a0ef84754bee7d097eaf4fc5ef0fe355cf12a7a46d0e7f96d4b58604dd5473bb0bcea99ec558f11aaa707c8d092439c6fc402f62f0d007894466b9ada6ec030d9abce70b5b8b88da1a501f3041cf5ae2430393bd17d8eb3e7b4a05dc2bbcb90db668998fea1ecd034edc418bcc1a919c2ba0817e813960193061705a3a8227b6e341cfb3a2d4d0000"], 0x3}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) r1 = syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_GINFO(r1, 0xc0f85403, &(0x7f0000000080)={{0x3, 0x0, 0x1, 0xfffffffffffffffc}, 0x0, 0x0, 'id1\x00', 'timer1\x00'}) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000380)='/proc/self/attr/exec\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f0000000180)=""/194, &(0x7f0000000280)=0xc2) [ 252.334202] 8021q: adding VLAN 0 to HW filter on device team0 [ 253.734225] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.740746] bridge0: port 2(bridge_slave_1) entered forwarding state [ 253.747966] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.754570] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.763289] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 253.769978] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 256.576922] 8021q: adding VLAN 0 to HW filter on device bond0 [ 257.368382] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready 08:16:31 executing program 2: r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10) sendmsg$rds(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x2, 0x0, @dev, [0x3f00000000000000]}, 0x10, &(0x7f0000000840), 0x0, &(0x7f00000002c0)}, 0x0) [ 258.218172] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 258.224771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 
258.233074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 258.880835] 8021q: adding VLAN 0 to HW filter on device team0
[ 261.713706] 8021q: adding VLAN 0 to HW filter on device bond0
[ 262.285661] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
08:16:35 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = dup2(r0, r0)
ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000080)="2f64ff010000000000002f65ef7926091003")
[ 262.866097] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 262.872509] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 262.880228] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 263.187301] 8021q: adding VLAN 0 to HW filter on device team0
[ 265.162663] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details.
[ 265.185555] ==================================================================
[ 265.192992] BUG: KMSAN: uninit-value in vmx_set_constant_host_state+0x1778/0x1830
[ 265.200627] CPU: 0 PID: 7504 Comm: syz-executor4 Not tainted 4.19.0-rc4+ #66
[ 265.207802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 265.217146] Call Trace:
[ 265.219740] dump_stack+0x306/0x460
[ 265.223380] ? vmx_set_constant_host_state+0x1778/0x1830
[ 265.228847] kmsan_report+0x1a2/0x2e0
[ 265.232660] __msan_warning+0x7c/0xe0
[ 265.236477] vmx_set_constant_host_state+0x1778/0x1830
[ 265.241787] vmx_create_vcpu+0x3e6f/0x7870
[ 265.246043] ? kmsan_set_origin_inline+0x6b/0x120
[ 265.251061] ? __msan_poison_alloca+0x17a/0x210
[ 265.255764] ? vmx_vm_init+0x340/0x340
[ 265.259652] kvm_arch_vcpu_create+0x25d/0x2f0
[ 265.264152] kvm_vm_ioctl+0x13fd/0x33d0
[ 265.268164] ? __msan_poison_alloca+0x17a/0x210
[ 265.272859] ? do_vfs_ioctl+0x18a/0x2810
[ 265.276924] ? __se_sys_ioctl+0x1da/0x270
[ 265.281073] ? vcpu_stat_clear_per_vm+0x420/0x420
[ 265.285913] ? vcpu_stat_clear_per_vm+0x420/0x420
[ 265.290777] do_vfs_ioctl+0xcf3/0x2810
[ 265.294699] ? security_file_ioctl+0x92/0x200
[ 265.299246] __se_sys_ioctl+0x1da/0x270
[ 265.303299] __x64_sys_ioctl+0x4a/0x70
[ 265.307198] do_syscall_64+0xbe/0x100
[ 265.311003] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 265.316193] RIP: 0033:0x457519
[ 265.319384] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 265.338287] RSP: 002b:00007f0d25f66c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 265.346000] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457519
[ 265.353267] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004
[ 265.360541] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 265.367812] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d25f676d4
[ 265.375252] R13: 00000000004bfbb7 R14: 00000000004cfc40 R15: 00000000ffffffff
[ 265.382580]
[ 265.384201] Local variable description: ----dt@vmx_set_constant_host_state
[ 265.391211] Variable was created at:
[ 265.394962] vmx_set_constant_host_state+0x2b0/0x1830
[ 265.400154] vmx_create_vcpu+0x3e6f/0x7870
[ 265.404393] ==================================================================
[ 265.411780] Disabling lock debugging due to kernel taint
[ 265.417239] Kernel panic - not syncing: panic_on_warn set ...
[ 265.417239]
[ 265.424619] CPU: 0 PID: 7504 Comm: syz-executor4 Tainted: G B 4.19.0-rc4+ #66
[ 265.433208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 265.442578] Call Trace:
[ 265.445209] dump_stack+0x306/0x460
[ 265.448909] panic+0x54c/0xafa
[ 265.452168] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 265.457656] kmsan_report+0x2d3/0x2e0
[ 265.461469] __msan_warning+0x7c/0xe0
[ 265.465278] vmx_set_constant_host_state+0x1778/0x1830
[ 265.470586] vmx_create_vcpu+0x3e6f/0x7870
[ 265.474834] ? kmsan_set_origin_inline+0x6b/0x120
[ 265.479688] ? __msan_poison_alloca+0x17a/0x210
[ 265.484372] ? vmx_vm_init+0x340/0x340
[ 265.488292] kvm_arch_vcpu_create+0x25d/0x2f0
[ 265.492797] kvm_vm_ioctl+0x13fd/0x33d0
[ 265.496788] ? __msan_poison_alloca+0x17a/0x210
[ 265.501464] ? do_vfs_ioctl+0x18a/0x2810
[ 265.505520] ? __se_sys_ioctl+0x1da/0x270
[ 265.509719] ? vcpu_stat_clear_per_vm+0x420/0x420
[ 265.514570] ? vcpu_stat_clear_per_vm+0x420/0x420
[ 265.519410] do_vfs_ioctl+0xcf3/0x2810
[ 265.523307] ? security_file_ioctl+0x92/0x200
[ 265.528968] __se_sys_ioctl+0x1da/0x270
[ 265.534007] __x64_sys_ioctl+0x4a/0x70
[ 265.537952] do_syscall_64+0xbe/0x100
[ 265.541770] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 265.546965] RIP: 0033:0x457519
[ 265.550158] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 265.569052] RSP: 002b:00007f0d25f66c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 265.576759] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457519
[ 265.584021] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004
[ 265.591295] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 265.598554] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d25f676d4
[ 265.605814] R13: 00000000004bfbb7 R14: 00000000004cfc40 R15: 00000000ffffffff
[ 265.614109] Kernel Offset: disabled
[ 265.617749] Rebooting in 86400 seconds..