[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 40.092219] random: sshd: uninitialized urandom read (32 bytes read) [ 40.407996] kauditd_printk_skb: 10 callbacks suppressed [ 40.408004] audit: type=1400 audit(1568669337.577:35): avc: denied { map } for pid=6902 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 40.463041] random: sshd: uninitialized urandom read (32 bytes read) [ 41.072227] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.64' (ECDSA) to the list of known hosts. [ 46.615178] random: sshd: uninitialized urandom read (32 bytes read) 2019/09/16 21:29:04 fuzzer started [ 46.817202] audit: type=1400 audit(1568669343.987:36): avc: denied { map } for pid=6911 comm="syz-fuzzer" path="/root/syz-fuzzer" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 47.497319] random: cc1: uninitialized urandom read (8 bytes read) 2019/09/16 21:29:05 dialing manager at 10.128.0.105:38157 2019/09/16 21:29:12 syscalls: 2466 2019/09/16 21:29:12 code coverage: enabled 2019/09/16 21:29:12 comparison tracing: ioctl(KCOV_TRACE_CMP) failed: invalid argument 2019/09/16 21:29:12 extra coverage: extra coverage is not supported by the kernel 2019/09/16 21:29:12 setuid sandbox: enabled 2019/09/16 21:29:12 namespace sandbox: enabled 2019/09/16 21:29:12 Android sandbox: /sys/fs/selinux/policy does not exist 2019/09/16 21:29:12 fault injection: enabled 2019/09/16 21:29:12 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/09/16 21:29:12 net packet injection: enabled 2019/09/16 21:29:12 net device setup: enabled [ 56.220805] random: crng init done 21:30:38 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = dup2(r0, r0) setsockopt$packet_int(r1, 0x107, 0x13, 0x0, 0x0) 21:30:38 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in6={{0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xc}}}, 0x0, 0x7, 0x0, "4fbaecabfea8fd8bb1418c172bef86a444a56180a9d5c086ed999f76126fc94c453c22d9e06390f53aafe4012af659be8db0826cf75c58a51005391d05956c684975ff15ce0a1fa9ef9c9739f4d49063"}, 0xd8) connect$inet6(r0, &(0x7f0000000400)={0xa, 0x0, 0x0, @dev, 0x8}, 0x1c) 21:30:38 executing program 4: sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) r0 = semget$private(0x0, 0x207, 0x0) semop(r0, &(0x7f0000000140)=[{0x0, 0x23}], 0x1) semop(r0, &(0x7f0000000080)=[{}], 0x1) semop(r0, &(0x7f0000000040), 0x46) semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000040)) 21:30:38 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x10) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) writev(r1, &(0x7f0000000580)=[{&(0x7f0000000340)="a0baab0d950c58eebb7462c9e217192c", 0x10}], 0x1) io_setup(0x20000000001005, &(0x7f0000000880)=0x0) io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x5000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0xfdef}]) [ 141.493542] audit: type=1400 audit(1568669438.667:37): avc: denied { map } for pid=6911 comm="syz-fuzzer" path="/root/syzkaller-shm243555894" dev="sda1" ino=16500 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:file_t:s0 tclass=file permissive=1 21:30:38 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80268, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) sendmsg$nl_route(r1, &(0x7f0000003740)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8080}}}}}]}, 0x48}}, 0x0) syz_open_procfs(0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000272000)) 21:30:38 executing program 5: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) preadv(r0, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) chdir(&(0x7f0000000040)='./file0\x00') write$FUSE_INIT(r0, &(0x7f0000000300)={0x50, 0x0, 0x1}, 0x50) preadv(r0, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/62, 0x3e}], 0x1, 0x0) write$FUSE_DIRENT(r0, &(0x7f00000000c0)={0x10, 0xffffffffffffffda, 0x2}, 0x10) [ 141.519934] audit: type=1400 audit(1568669438.667:38): avc: denied { map } for pid=6929 comm="syz-executor.0" path="/sys/kernel/debug/kcov" dev="debugfs" ino=1130 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:debugfs_t:s0 tclass=file permissive=1 [ 141.662122] IPVS: ftp: loaded support on port[0] = 21 [ 142.468093] chnl_net:caif_netlink_parms(): no params data found [ 142.476150] IPVS: ftp: loaded support on port[0] = 21 [ 142.527507] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.534281] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.541854] device bridge_slave_0 entered promiscuous mode [ 142.542721] IPVS: ftp: loaded support on port[0] = 21 [ 142.553301] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.559689] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.566948] device bridge_slave_1 entered promiscuous mode [ 142.585594] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 142.594446] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 142.614810] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 142.622142] team0: Port device team_slave_0 added [ 142.627637] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 142.634773] team0: Port device team_slave_1 added [ 142.646780] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 142.656541] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 142.741970] device hsr_slave_0 entered promiscuous mode [ 142.820316] device hsr_slave_1 entered promiscuous mode [ 142.862408] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 142.877190] chnl_net:caif_netlink_parms(): no params data found [ 142.886120] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 142.901068] IPVS: ftp: loaded support on port[0] = 21 [ 142.978560] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.985081] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.992521] device bridge_slave_0 entered promiscuous mode [ 143.003403] chnl_net:caif_netlink_parms(): no params data found [ 143.012793] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.019220] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.030489] device bridge_slave_1 entered promiscuous mode [ 143.049334] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.055797] bridge0: port 2(bridge_slave_1) entered forwarding state [ 143.062590] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.068909] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.086512] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 143.097165] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 143.118997] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 143.130141] team0: Port device team_slave_0 added [ 143.135707] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 143.144515] team0: Port device team_slave_1 added [ 143.154126] IPVS: ftp: loaded support on port[0] = 21 [ 143.162336] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 143.169663] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 143.252059] device hsr_slave_0 entered promiscuous mode [ 143.290386] device hsr_slave_1 entered promiscuous mode [ 143.367258] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 143.374020] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.380572] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.387604] device bridge_slave_0 entered promiscuous mode [ 143.403703] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 143.410886] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.417219] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.424321] device bridge_slave_1 entered promiscuous mode [ 143.468553] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 143.488081] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 143.508517] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 143.515739] team0: Port device team_slave_0 added [ 143.528280] chnl_net:caif_netlink_parms(): no params data found [ 143.546932] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 143.547257] IPVS: ftp: loaded support on port[0] = 21 [ 143.554515] team0: Port device team_slave_1 added [ 143.565017] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.583266] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.611223] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 143.623196] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 143.649165] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.655863] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.664193] device bridge_slave_0 entered promiscuous mode [ 143.672589] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 143.701872] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.708224] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.715196] device bridge_slave_1 entered promiscuous mode [ 143.754457] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 143.763391] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 143.777802] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.789634] chnl_net:caif_netlink_parms(): no params data found [ 143.852945] device hsr_slave_0 entered promiscuous mode [ 143.890547] device hsr_slave_1 entered promiscuous mode [ 143.973283] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 143.981217] team0: Port device team_slave_0 added [ 143.986474] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 144.000844] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 144.014091] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 144.021393] team0: Port device team_slave_1 added [ 144.027340] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 144.039052] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 144.057838] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.064588] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.071550] device bridge_slave_0 entered promiscuous mode [ 144.077863] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 144.094978] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 144.107066] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 144.114711] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.123087] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.129976] device bridge_slave_1 entered promiscuous mode [ 144.142726] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 144.150493] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 144.159914] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 144.166721] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.203612] device hsr_slave_0 entered promiscuous mode [ 144.250292] device hsr_slave_1 entered promiscuous mode [ 144.292721] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 144.312937] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 144.322770] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 144.329953] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 144.339593] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 144.347285] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 144.354933] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.361383] bridge0: port 1(bridge_slave_0) entered forwarding state [ 144.369351] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 144.388199] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 144.398190] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 144.407849] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 144.425442] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 144.433615] team0: Port device team_slave_0 added [ 144.439256] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 144.446406] team0: Port device team_slave_1 added [ 144.452109] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 144.459759] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 144.467395] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.473749] bridge0: port 2(bridge_slave_1) entered forwarding state [ 144.480975] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 144.554134] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 144.565416] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 144.579074] chnl_net:caif_netlink_parms(): no params data found [ 144.632760] device hsr_slave_0 entered promiscuous mode [ 144.680520] device hsr_slave_1 entered promiscuous mode [ 144.721086] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 144.731341] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.739726] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 144.755858] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 144.764825] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 144.771982] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 144.792723] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 144.813450] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 144.828078] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.836285] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 144.844117] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 144.851698] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 144.858472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 144.865585] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 144.873223] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.879670] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.887163] device bridge_slave_0 entered promiscuous mode [ 144.893842] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.900553] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.907478] device bridge_slave_1 entered promiscuous mode [ 144.925854] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 144.936522] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 144.946675] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 144.952817] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.961383] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 144.973960] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 144.982780] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 144.988853] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.995378] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 145.003343] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 145.011166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 145.018025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 145.026709] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 145.035799] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 145.047069] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 145.055008] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 145.064927] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 145.073282] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 145.082530] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 145.103148] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 145.112687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 145.121749] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 145.129362] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.135736] bridge0: port 1(bridge_slave_0) entered forwarding state [ 145.143171] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 145.150723] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 145.158001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 145.166053] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 145.173630] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.179954] bridge0: port 1(bridge_slave_0) entered forwarding state [ 145.188235] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 145.194518] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 145.203675] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 145.211051] team0: Port device team_slave_0 added [ 145.218810] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 145.226733] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 145.234293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 145.241646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 145.248562] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 145.256437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 145.264045] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.270420] bridge0: port 2(bridge_slave_1) entered forwarding state [ 145.277472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 145.285443] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 145.293053] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.299400] bridge0: port 2(bridge_slave_1) entered forwarding state [ 145.316353] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 145.323497] team0: Port device team_slave_1 added [ 145.328903] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 145.336597] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 145.347773] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 145.366956] 8021q: adding VLAN 0 to HW filter on device bond0 [ 145.374700] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 145.384118] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 145.392154] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 145.408284] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 145.417465] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 145.429093] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 145.436973] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 145.445609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 145.492382] device hsr_slave_0 entered promiscuous mode [ 145.530336] device hsr_slave_1 entered promiscuous mode [ 145.570915] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 145.579658] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 145.591243] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 145.599837] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 145.609755] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 145.621496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 145.628293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 145.635704] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 145.643499] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 145.651186] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 145.658961] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 145.667519] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 145.673665] 8021q: adding VLAN 0 to HW filter on device team0 [ 145.682490] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 145.693035] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 145.708720] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 145.716144] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 145.725640] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 145.733929] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 145.741894] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.748240] bridge0: port 1(bridge_slave_0) entered forwarding state [ 145.755279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 145.763027] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 145.770663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 145.778279] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 145.786245] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 145.793303] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 145.803823] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 145.813174] 8021q: adding VLAN 0 to HW filter on device bond0 [ 145.823327] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 145.832040] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 145.843350] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 145.850295] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 145.858033] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 145.866315] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.872703] bridge0: port 2(bridge_slave_1) entered forwarding state [ 145.880221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 145.890316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 145.897965] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 145.906208] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 145.916136] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready 21:30:43 executing program 0: setrlimit(0x2, &(0x7f0000000000)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000b7e000/0x1000)=nil) [ 145.925157] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 145.939367] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 145.949372] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 145.957841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready 21:30:43 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = memfd_create(&(0x7f0000000500)='\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00v\x8e\x05\xf7\xc1U\xad}\xc6\x94|W>Zi$Nv8,\n\xa6=W^\xa3Y\x7f\x8b\x17(\'~\xf7k0TM{\xa9-\xcf\x97\x8f\x1f\x81\xdc\x1b\x7f\x8f{4Q\xda\xda\x02\xec\xb4\xf1\xdd\xcc\x8bRA\xda\x89Efn\x00s\xc2Zb\x01\x00M\xbe\xa3z\xab\xd3\xeb\x98\x88\xc4\xc6)A\x9fP\x93zhH\xe0\xd2\x81\xdb\xeeV\x8cM\xe9\xa06\xc2o\x19\"\xf6Iq\xd4\xdf\x97\xfb\xab\x04\xe8\xceI8\xb3\x1d\xcf%\x9bK\xc6\t\x01\xe1\x86a\xfa\xb8\xfb)\x88\xcd+\xc2`\xc2\xf5r5>k\xb0\xa0\x02\xfc\x16MO\x18\x9b\x06\x80b\xd1\x01\x00\x00\x00\x00\x00\x00\x00@\f\fL\xa5{Tk\x940\x17.\xa56.\xe0\x14\x1b=\xf0j\xd25\xe8\x15\xd8\x9e\xea\xd3\xd9G4\t\xc0\x9c.\'\xa9R3z$\xf2\x01\x88\xc0\x13\x12<\xc01j3\xd8\xb4CE7s\xe4\xa0\x9e\xdd\x801\x12M\xee\x13\xce\x9cu(\x8f.\xc83\xc7\xe6j\xf5\xb1\x9a\x00\x00\x00\x00\x00\x00\x00', 0x0) unshare(0x8000400) r2 = dup2(r1, r0) pread64(r2, 0x0, 0x0, 0x0) [ 145.969452] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 145.977454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 145.985950] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 145.995557] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 146.003832] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 146.013587] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready 21:30:43 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x1000000000000) [ 146.030612] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 146.037393] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 146.045262] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 146.052983] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 146.060640] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 146.067949] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 146.075622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 146.083825] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 146.094169] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 146.102283] audit: type=1400 audit(1568669443.277:39): avc: denied { map } for pid=6974 comm="syz-executor.0" path="/dev/video35" dev="devtmpfs" ino=15466 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:v4l_device_t:s0 tclass=chr_file permissive=1 21:30:43 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) r4 = socket(0x10, 0x2, 0xc) write(r4, &(0x7f0000594000)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f) write(0xffffffffffffffff, &(0x7f0000000140)="1f0000000104ff", 0x7) write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r1, 0x0, r3, 0x0, 0x4ffe0, 0x0) [ 146.130271] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 146.136298] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 146.146988] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 146.156753] 8021q: adding VLAN 0 to HW filter on device team0 [ 146.178135] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 146.184782] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 146.199593] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 146.203402] audit: type=1400 audit(1568669443.377:40): avc: denied { create } for pid=6977 comm="syz-executor.0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 146.212173] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 146.239349] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.0'. [ 146.248269] audit: type=1400 audit(1568669443.407:41): avc: denied { write } for pid=6977 comm="syz-executor.0" path="socket:[27651]" dev="sockfs" ino=27651 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 [ 146.278374] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 146.286626] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 146.294721] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 146.302461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.310199] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.317730] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.324097] bridge0: port 1(bridge_slave_0) entered forwarding state [ 146.333874] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 146.341421] netlink: 11 bytes leftover after parsing attributes in process `syz-executor.0'. [ 146.345756] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 146.363757] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 146.381634] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 146.389902] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 146.403213] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 146.420666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 146.428461] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.436123] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.442506] bridge0: port 2(bridge_slave_1) entered forwarding state [ 146.451749] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 146.459641] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 146.470301] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 146.476326] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 146.492958] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 146.503581] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 146.512614] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 146.520456] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 146.527811] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 146.550761] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 146.558367] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 146.569539] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 146.583180] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 146.596571] 8021q: adding VLAN 0 to HW filter on device bond0 [ 146.604596] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 146.617889] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 146.625176] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 146.633825] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 146.642338] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 146.665864] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 146.681040] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 146.689910] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 146.700924] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 146.709245] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 146.717636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 146.725786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 146.738265] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 146.749049] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 146.759379] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready 21:30:44 executing program 2: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x005\n\xff\xd9\x15\xc1m\xd6\xcc\x05\xed\xac\xb3\xfe\x13\xadD\x1ai\xfck\x948\xcfT\xa4Q8\xcb\x9d\x80\x01V\xea\x8a\x112\xd8\xfe\x7f\x0f\"pX\xa4>\xf9\x00r\x14+\x1e\xdc\xb3]N\b\x00\x00\x00 +\xf4\xe1.\xb6\xde\xce\xe7`\xb2{\xeeu\x88b\xd7j`\xa8z\x89H\xcb\xfb\xc0\x06\xf8.\aA\xcf', 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f00000000c0)='tasks\x00', 0x2, 0x0) r3 = openat$cgroup_int(r1, &(0x7f0000000140)='cpuset.mem_hardwall\x00', 0x2, 0x0) sendfile(r3, r2, &(0x7f00000001c0)=0xc000ffd, 0x10a000d02) [ 146.767619] 8021q: adding VLAN 0 to HW filter on device team0 [ 146.774659] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 146.786948] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 146.795136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 146.808993] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 146.833592] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 146.839922] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 146.853858] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 146.865660] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 146.874514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.883087] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.891082] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.897412] bridge0: port 1(bridge_slave_0) entered forwarding state [ 146.904654] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 146.913040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.920825] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.927193] bridge0: port 2(bridge_slave_1) entered forwarding state 21:30:44 executing program 2: accept(0xffffffffffffffff, &(0x7f0000000440)=@ethernet={0x0, @broadcast}, &(0x7f0000000300)=0x12) r0 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0xffffffffffffffff, 0x2) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x40046109, &(0x7f0000000300)) close(r0) [ 146.937564] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 146.945177] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 146.952738] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready 21:30:44 executing program 0: r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(r0, 0x208008000000500e, 0x0) 21:30:44 executing program 2: socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) dup(0xffffffffffffffff) symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) geteuid() creat(&(0x7f00000001c0)='./bus\x00', 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000961fe4), 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000280)=0x8) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f000095dffc)) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x5c8b}, 0x0) unlink(&(0x7f0000000040)='./file0\x00') r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000001600006a0a00fe00000000850000000d000000b7000000000000009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd43307c529a4ce6be614c2c794f72cbf5fe31789e70233bfd8115efd90c8c48258f8dbe82e16cf8db95f5b068a9e0000000000000000000000000000000000000000000000000000000000000018287ba7d8807cf077cc420efca6785deb269d0a91985602763e0d70d404da006a3d6eef8fb7fcdd82eb1e4841"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000001600006a0a00fe00000000850000000d000000b7000000000000009500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933eda02ba18ad181867514fe60077d4dd90123d3ee7cf43548ee858e07dfbdfd43307c529a4ce6be614c2c794f72cbf5fe31789e70233bfd8115efd90c8c48258f8dbe82e16cf8db95f5b068a9e0000000000000000000000000000000000000000000000000000000000000018287ba7d8807cf077cc420efca6785deb269d0a91985602763e0d70d404da006a3d6eef8fb7fcdd82eb1e4841"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) dup3(r3, r4, 0x0) [ 146.989289] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 147.019896] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 147.029994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 147.048523] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 147.073069] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 147.093219] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 147.105488] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 147.133627] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 147.141746] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 147.149591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 147.166615] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 147.177152] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 147.194704] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 147.219688] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 147.237611] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 147.251937] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 147.259962] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 147.269232] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 147.272233] hrtimer: interrupt took 26971 ns [ 147.280397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 147.319561] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 147.347365] 8021q: adding VLAN 0 to HW filter on device batadv0 21:30:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) add_key$keyring(&(0x7f00000001c0)='keyring\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) fstat(r0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(0x0, r1, 0x0) chdir(0x0) [ 148.204910] ------------[ cut here ]------------ [ 148.209745] kernel BUG at ./include/linux/scatterlist.h:124! [ 148.217163] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 148.222536] Modules linked in: [ 148.225718] CPU: 0 PID: 7058 Comm: syz-executor.3 Not tainted 4.14.144 #0 [ 148.232630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 148.241968] task: ffff8880617720c0 task.stack: ffff888061778000 [ 148.248043] RIP: 0010:gcmaes_decrypt.constprop.0+0x910/0xd20 [ 148.253820] RSP: 0018:ffff88806177f7a8 EFLAGS: 00010212 [ 148.259197] RAX: 0000000000040000 RBX: ffff8880a62b1588 RCX: ffffc9000ac54000 [ 148.266481] RDX: 00000000000002da RSI: ffffffff812ecd40 RDI: ffff8880a62b1224 [ 148.273732] RBP: ffff88806177f880 R08: ffff8880a6ff80a0 R09: ffffed100c2eff18 [ 148.280978] R10: ffffed100c2eff17 R11: ffff88806177f8bb R12: ffffea000284b342 [ 148.288233] R13: ffff8880a62b15bc R14: 0000000000000010 R15: ffff8880a01b7e80 [ 148.295495] FS: 00007fef5a309700(0000) GS:ffff8880aee00000(0000) knlGS:0000000000000000 [ 148.303706] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.309564] CR2: 000000000075c000 CR3: 0000000096a64000 CR4: 00000000001406f0 [ 148.316824] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 148.324077] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 148.331329] Call Trace: [ 148.333912] ? aesni_gcm_enc_avx2+0x140/0x140 [ 148.338386] generic_gcmaes_decrypt+0xf4/0x130 [ 148.342954] ? helper_rfc4106_decrypt+0x320/0x320 [ 148.347775] gcmaes_wrapper_decrypt+0x162/0x200 [ 148.352469] aead_recvmsg+0xf47/0x1d70 [ 148.356337] ? __kernel_text_address+0xd/0x40 [ 148.360815] ? aead_release+0x50/0x50 [ 148.364593] ? selinux_socket_recvmsg+0x36/0x40 [ 148.369240] ? security_socket_recvmsg+0x91/0xc0 [ 148.373993] ? aead_release+0x50/0x50 [ 148.377771] sock_recvmsg+0xc6/0x110 [ 148.381461] sock_read_iter+0x22f/0x340 [ 148.385411] ? sock_recvmsg+0x110/0x110 [ 148.389621] ? selinux_file_permission+0x85/0x480 [ 148.394447] ? rw_verify_area+0xea/0x2b0 [ 148.398487] aio_read+0x221/0x300 [ 148.401936] ? aio_write+0x4f0/0x4f0 [ 148.405640] ? find_held_lock+0x35/0x130 [ 148.409677] ? __might_fault+0x110/0x1d0 [ 148.413720] ? __might_fault+0x110/0x1d0 [ 148.417762] ? lock_downgrade+0x6e0/0x6e0 [ 148.421890] do_io_submit+0x1027/0x13f0 [ 148.425842] ? free_ioctx_users+0x3e0/0x3e0 [ 148.430153] ? kasan_check_read+0x11/0x20 [ 148.434292] ? _copy_to_user+0x87/0xd0 [ 148.438169] ? put_timespec64+0xb4/0x100 [ 148.442207] ? nsecs_to_jiffies+0x30/0x30 [ 148.446334] ? SyS_clock_gettime+0xf8/0x180 [ 148.450637] ? SyS_io_destroy+0x310/0x310 [ 148.454773] SyS_io_submit+0x28/0x30 [ 148.458473] ? SyS_io_submit+0x28/0x30 [ 148.462428] do_syscall_64+0x1e8/0x640 [ 148.466290] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 148.471132] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 148.476307] RIP: 0033:0x4598e9 [ 148.479474] RSP: 002b:00007fef5a308c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 148.487165] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004598e9 [ 148.494414] RDX: 0000000020001440 RSI: 0000000000000001 RDI: 00007fef5a30a000 [ 148.501662] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 148.508909] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef5a3096d4 [ 148.516157] R13: 00000000004c0cb2 R14: 00000000004d3d80 R15: 00000000ffffffff [ 148.523417] Code: 0f 0b e8 d4 15 2e 00 0f 0b e8 cd 15 2e 00 0f 0b e8 c6 15 2e 00 0f 0b e8 bf 15 2e 00 e8 36 75 d1 ff e9 63 ff ff ff e8 b0 15 2e 00 <0f> 0b e8 a9 15 2e 00 0f 0b 4c 89 85 58 ff ff ff e8 9b 15 2e 00 [ 148.542511] RIP: gcmaes_decrypt.constprop.0+0x910/0xd20 RSP: ffff88806177f7a8 [ 148.552565] ---[ end trace 97e5ef99ef2871b3 ]--- [ 148.557467] Kernel panic - not syncing: Fatal exception [ 148.564282] Kernel Offset: disabled [ 148.568009] Rebooting in 86400 seconds..