[ 55.968823] audit: type=1800 audit(1538960767.001:27): pid=6007 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 57.496735] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. [ 58.477118] random: sshd: uninitialized urandom read (32 bytes read) [ 58.868345] random: sshd: uninitialized urandom read (32 bytes read) Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 61.246079] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.19' (ECDSA) to the list of known hosts. [ 66.991333] random: sshd: uninitialized urandom read (32 bytes read) 2018/10/08 01:06:20 fuzzer started [ 71.426359] random: cc1: uninitialized urandom read (8 bytes read) 2018/10/08 01:06:24 dialing manager at 10.128.0.26:36867 2018/10/08 01:06:24 syscalls: 1 2018/10/08 01:06:24 code coverage: enabled 2018/10/08 01:06:24 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/10/08 01:06:24 setuid sandbox: enabled 2018/10/08 01:06:24 namespace sandbox: enabled 2018/10/08 01:06:24 Android sandbox: /sys/fs/selinux/policy does not exist 2018/10/08 01:06:24 fault injection: enabled 2018/10/08 01:06:24 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/10/08 01:06:24 net packed injection: enabled 2018/10/08 01:06:24 net device setup: enabled [ 75.885135] random: crng init done 01:08:21 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000180)="153f6234488dd25d766070") r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_UPDELAY={0x8, 0x18}]}}}]}, 0x3c}}, 0x0) [ 190.848648] IPVS: ftp: loaded support on port[0] = 21 [ 193.161375] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.169850] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.180294] device bridge_slave_0 entered promiscuous mode [ 193.319293] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.325817] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.334264] device bridge_slave_1 entered promiscuous mode [ 193.468515] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 193.603417] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 01:08:25 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc4c85513, &(0x7f0000000440)={0x3}) [ 194.186213] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 194.322739] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 194.584274] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 194.591317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 194.907348] IPVS: ftp: loaded support on port[0] = 21 [ 195.128280] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 195.136568] team0: Port device team_slave_0 added [ 195.283296] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 195.291277] team0: Port device team_slave_1 added [ 195.503210] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 195.796210] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 195.803727] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 195.812709] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 196.079191] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 196.086969] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 196.096115] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 196.366515] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 196.374166] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 196.383381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 198.611260] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.617899] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.626430] device bridge_slave_0 entered promiscuous mode [ 198.872115] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.878610] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.887326] device bridge_slave_1 entered promiscuous mode [ 199.090047] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 199.148002] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.154562] bridge0: port 2(bridge_slave_1) entered forwarding state [ 199.161524] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.168101] bridge0: port 1(bridge_slave_0) entered forwarding state [ 199.176985] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 199.337994] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 01:08:30 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x9011, r0, 0x0) getgroups(0x1, &(0x7f0000000a80)=[0x0]) [ 199.462818] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 200.246917] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 200.401183] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 200.433652] IPVS: ftp: loaded support on port[0] = 21 [ 200.696750] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 200.703965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 200.948386] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 200.955633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 201.882740] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 201.890784] team0: Port device team_slave_0 added [ 202.167768] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 202.176097] team0: Port device team_slave_1 added [ 202.413598] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 202.432170] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 202.441066] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 202.703338] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 202.710399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 202.719587] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 202.996772] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 203.004487] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 203.013470] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 203.298141] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 203.305886] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 203.315025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 205.197086] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.203686] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.212203] device bridge_slave_0 entered promiscuous mode [ 205.560776] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.567440] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.575990] device bridge_slave_1 entered promiscuous mode [ 205.884603] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 206.175299] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.181840] bridge0: port 2(bridge_slave_1) entered forwarding state [ 206.188727] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.195282] bridge0: port 1(bridge_slave_0) entered forwarding state [ 206.204345] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 206.232863] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 206.792519] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 207.076003] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 207.337365] bond0: Enslaving bond_slave_1 as an active interface with an up link 01:08:38 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="153f6234488dd25d766070") r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000000)={0x2, 0x10000004e20, @multicast1}, 0x10) connect$inet(r1, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f00009ff000)=ANY=[@ANYBLOB="18000000030000000000000000000000950000fe00000000"], &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48) r3 = socket$kcm(0x29, 0x1000000000002, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000200)={0xffffffffffffffff}) sendmsg$rds(r4, &(0x7f0000001a40)={&(0x7f0000000080)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000780)=[{&(0x7f0000000900)=""/4096, 0x1000}], 0x1, &(0x7f0000001980)}, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f00000003c0)={r1, r2}) close(r4) close(r3) [ 207.673000] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 207.692168] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 208.065365] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 208.072578] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 208.574318] IPVS: ftp: loaded support on port[0] = 21 [ 209.041204] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 209.049340] team0: Port device team_slave_0 added [ 209.413481] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 209.421467] team0: Port device team_slave_1 added [ 209.760882] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 209.768074] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 209.777393] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 210.108757] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 210.116008] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 210.124835] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 210.435140] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 210.442805] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 210.451854] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 210.820853] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 210.828772] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 210.837891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 211.386373] 8021q: adding VLAN 0 to HW filter on device bond0 [ 212.749527] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 214.056563] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 214.063051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 214.070977] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 214.458345] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.464933] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.473594] device bridge_slave_0 entered promiscuous mode [ 214.687893] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.694483] bridge0: port 2(bridge_slave_1) entered forwarding state [ 214.701376] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.707986] bridge0: port 1(bridge_slave_0) entered forwarding state [ 214.716803] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 214.723295] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 214.807563] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.814178] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.823037] device bridge_slave_1 entered promiscuous mode [ 215.173604] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 215.340505] 8021q: adding VLAN 0 to HW filter on device team0 [ 215.565695] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 216.549383] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 216.885438] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 217.164647] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 217.171885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 217.488495] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 217.495827] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready 01:08:48 executing program 4: [ 218.733099] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 218.741087] team0: Port device team_slave_0 added [ 219.112724] IPVS: ftp: loaded support on port[0] = 21 [ 219.181375] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 219.189572] team0: Port device team_slave_1 added [ 219.613828] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 219.620856] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 219.629752] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 220.013841] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 220.020893] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 220.030158] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 220.495846] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 220.503570] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 220.512619] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 220.888994] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 220.896670] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 220.906048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 221.724550] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.308260] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 224.524156] netlink: 'syz-executor0': attribute type 24 has an invalid length. [ 224.532025] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) 01:08:55 executing program 0: [ 224.956667] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 224.963124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 224.970800] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready 01:08:56 executing program 0: r0 = epoll_create(0x5) finit_module(r0, &(0x7f0000000000)='$eth1\x00', 0x1) r1 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r1, 0x29, 0xca, &(0x7f0000000300)={{0xa, 0x4e23, 0x3, @local, 0x1}, {0xa, 0x4e20, 0x1000, @mcast1, 0x7d}}, 0x5c) 01:08:56 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x3, 0x4, 0x4, 0x1, 0x0, 0x1}, 0xe) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r1, 0x28, &(0x7f0000000080)}, 0x10) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000200)={r1, &(0x7f00000000c0)="92", &(0x7f00000001c0)}, 0x18) [ 225.725654] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.732197] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.739099] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.745665] bridge0: port 1(bridge_slave_0) entered forwarding state [ 225.754516] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready 01:08:57 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x3, 0x4, 0x4, 0x1, 0x0, 0x1}, 0xe) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r1, 0x28, &(0x7f0000000080)}, 0x10) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000200)={r1, &(0x7f00000000c0)="92", &(0x7f00000001c0)}, 0x18) [ 226.082699] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 226.360487] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.367052] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.375682] device bridge_slave_0 entered promiscuous mode 01:08:57 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x3, 0x4, 0x4, 0x1, 0x0, 0x1}, 0xe) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r1, 0x28, &(0x7f0000000080)}, 0x10) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000200)={r1, &(0x7f00000000c0)="92", &(0x7f00000001c0)}, 0x18) [ 226.657421] 8021q: adding VLAN 0 to HW filter on device team0 01:08:57 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x3, 0x4, 0x4, 0x1, 0x0, 0x1}, 0xe) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r1, 0x28, &(0x7f0000000080)}, 0x10) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000200)={r1, &(0x7f00000000c0)="92", &(0x7f00000001c0)}, 0x18) [ 226.853084] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.859561] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.868052] device bridge_slave_1 entered promiscuous mode 01:08:58 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x3, 0x4, 0x4, 0x1, 0x0, 0x1}, 0xe) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r1, 0x28, &(0x7f0000000080)}, 0x10) [ 227.355211] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 227.766036] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 01:08:58 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0x28, &(0x7f0000000080)}, 0x10) [ 228.992811] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 229.332649] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 229.671995] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 229.679072] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 229.930160] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 229.937329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 230.842164] 8021q: adding VLAN 0 to HW filter on device bond0 [ 230.925823] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 230.934001] team0: Port device team_slave_0 added [ 231.306672] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 231.315020] team0: Port device team_slave_1 added [ 231.655879] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 231.663128] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 231.672015] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 231.850517] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 231.857752] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 231.866897] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 231.890561] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 232.201492] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 232.209236] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 232.218298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 232.444909] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 232.452581] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 232.461276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 232.981184] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 232.988419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 232.996395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 233.824143] 8021q: adding VLAN 0 to HW filter on device team0 01:09:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x200000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0x81a0ae8c, 0x0) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, &(0x7f0000000180)="0f32430f30f2f3660f0f73f29066baf80cb80c943180ef66bafc0c66b81fab66ef66ba4100ecf4b93a0000000f320f01b000000000660f3880add9a34199f2410fc246f104", 0x45}], 0x1, 0x0, &(0x7f0000000240), 0x0) name_to_handle_at(r3, &(0x7f0000000280)='./file0/file0\x00', &(0x7f00000002c0)={0x8}, &(0x7f0000000380), 0x0) ioctl$TIOCGSOFTCAR(r3, 0x5419, &(0x7f0000000240)) [ 235.053871] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 235.097418] QAT: Invalid ioctl [ 235.101008] QAT: Invalid ioctl [ 235.117274] QAT: Invalid ioctl [ 235.120740] QAT: Invalid ioctl [ 235.131875] QAT: Invalid ioctl [ 235.143777] QAT: Invalid ioctl [ 235.147393] QAT: Invalid ioctl [ 235.154408] QAT: Invalid ioctl [ 235.157993] QAT: Invalid ioctl [ 235.162435] QAT: Invalid ioctl [ 235.166032] QAT: Invalid ioctl [ 235.169598] QAT: Invalid ioctl [ 235.174131] QAT: Invalid ioctl [ 235.177690] QAT: Invalid ioctl [ 235.181236] QAT: Invalid ioctl [ 235.185635] QAT: Invalid ioctl [ 235.189250] QAT: Invalid ioctl [ 235.201824] QAT: Invalid ioctl [ 235.205363] QAT: Invalid ioctl [ 235.208949] QAT: Invalid ioctl [ 235.242634] QAT: Invalid ioctl [ 235.246173] QAT: Invalid ioctl [ 235.260734] QAT: Invalid ioctl [ 235.273514] QAT: Invalid ioctl [ 235.276960] QAT: Invalid ioctl [ 235.304763] QAT: Invalid ioctl [ 235.345999] ================================================================== [ 235.353421] BUG: KMSAN: uninit-value in vmx_create_vcpu+0x10df/0x7920 [ 235.360027] CPU: 0 PID: 7179 Comm: syz-executor1 Not tainted 4.19.0-rc4+ #63 [ 235.367220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.376583] Call Trace: [ 235.379201] dump_stack+0x306/0x460 [ 235.382853] ? _raw_spin_lock_irqsave+0x227/0x340 [ 235.387720] ? vmx_create_vcpu+0x10df/0x7920 [ 235.392169] kmsan_report+0x1a3/0x2d0 [ 235.396022] __msan_warning+0x7c/0xe0 [ 235.399858] vmx_create_vcpu+0x10df/0x7920 [ 235.404124] ? kmsan_set_origin_inline+0x6b/0x120 [ 235.409017] ? __msan_poison_alloca+0x17a/0x210 [ 235.413736] ? vmx_vm_init+0x340/0x340 [ 235.417662] kvm_arch_vcpu_create+0x25d/0x2f0 [ 235.422198] kvm_vm_ioctl+0x13fd/0x33d0 [ 235.426208] ? __msan_poison_alloca+0x17a/0x210 [ 235.430911] ? do_vfs_ioctl+0x18a/0x2810 [ 235.435005] ? __se_sys_ioctl+0x1da/0x270 [ 235.439183] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 235.444057] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 235.448930] do_vfs_ioctl+0xcf3/0x2810 [ 235.452885] ? security_file_ioctl+0x92/0x200 [ 235.457424] __se_sys_ioctl+0x1da/0x270 [ 235.461445] __x64_sys_ioctl+0x4a/0x70 [ 235.465367] do_syscall_64+0xbe/0x100 [ 235.469213] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 235.474423] RIP: 0033:0x457579 [ 235.477642] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 235.484036] bridge0: port 2(bridge_slave_1) entered blocking state [ 235.496560] RSP: 002b:00007f402decfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 235.496589] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 235.496604] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000009 [ 235.496620] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 235.496650] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f402ded06d4 [ 235.503115] bridge0: port 2(bridge_slave_1) entered forwarding state [ 235.510690] R13: 00000000004bfc18 R14: 00000000004cfca0 R15: 00000000ffffffff [ 235.510722] [ 235.518465] bridge0: port 1(bridge_slave_0) entered blocking state [ 235.525249] Local variable description: ----c.i.i.i.i.i.i@vmx_create_vcpu [ 235.525257] Variable was created at: [ 235.525283] vmx_create_vcpu+0xd5/0x7920 [ 235.525306] kvm_arch_vcpu_create+0x25d/0x2f0 [ 235.525328] Disabling lock debugging due to kernel taint [ 235.532742] bridge0: port 1(bridge_slave_0) entered forwarding state [ 235.539873] Kernel panic - not syncing: panic_on_warn set ... [ 235.539873] [ 235.548066] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 235.553635] CPU: 0 PID: 7179 Comm: syz-executor1 Tainted: G B 4.19.0-rc4+ #63 [ 235.553648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.553657] Call Trace: [ 235.553690] dump_stack+0x306/0x460 [ 235.553732] panic+0x54c/0xafa [ 235.555810] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 235.561710] kmsan_report+0x2cd/0x2d0 [ 235.561747] __msan_warning+0x7c/0xe0 [ 235.561795] vmx_create_vcpu+0x10df/0x7920 [ 235.652820] ? kmsan_set_origin_inline+0x6b/0x120 [ 235.657687] ? __msan_poison_alloca+0x17a/0x210 [ 235.662422] ? vmx_vm_init+0x340/0x340 [ 235.666336] kvm_arch_vcpu_create+0x25d/0x2f0 [ 235.670871] kvm_vm_ioctl+0x13fd/0x33d0 [ 235.674893] ? __msan_poison_alloca+0x17a/0x210 [ 235.679597] ? do_vfs_ioctl+0x18a/0x2810 [ 235.683687] ? __se_sys_ioctl+0x1da/0x270 [ 235.687875] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 235.692749] ? vcpu_stat_clear_per_vm+0x420/0x420 [ 235.697621] do_vfs_ioctl+0xcf3/0x2810 [ 235.701586] ? security_file_ioctl+0x92/0x200 [ 235.706140] __se_sys_ioctl+0x1da/0x270 [ 235.710185] __x64_sys_ioctl+0x4a/0x70 [ 235.714111] do_syscall_64+0xbe/0x100 [ 235.717947] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 235.723173] RIP: 0033:0x457579 [ 235.726386] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 235.745311] RSP: 002b:00007f402decfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 235.753061] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457579 [ 235.760358] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000009 [ 235.767646] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 235.775133] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f402ded06d4 [ 235.782422] R13: 00000000004bfc18 R14: 00000000004cfca0 R15: 00000000ffffffff [ 235.790737] Kernel Offset: disabled [ 235.794376] Rebooting in 86400 seconds..