[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 80.368568][ T31] audit: type=1800 audit(1569337015.436:25): pid=11860 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 80.391584][ T31] audit: type=1800 audit(1569337015.456:26): pid=11860 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 80.426352][ T31] audit: type=1800 audit(1569337015.486:27): pid=11860 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.63' (ECDSA) to the list of known hosts. 2019/09/24 14:57:11 fuzzer started 2019/09/24 14:57:15 dialing manager at 10.128.0.26:32923 2019/09/24 14:57:15 syscalls: 2382 2019/09/24 14:57:15 code coverage: enabled 2019/09/24 14:57:15 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2019/09/24 14:57:15 extra coverage: enabled 2019/09/24 14:57:15 setuid sandbox: enabled 2019/09/24 14:57:15 namespace sandbox: enabled 2019/09/24 14:57:15 Android sandbox: /sys/fs/selinux/policy does not exist 2019/09/24 14:57:15 fault injection: enabled 2019/09/24 14:57:15 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/09/24 14:57:15 net packet injection: enabled 2019/09/24 14:57:15 net device setup: enabled 14:59:47 executing program 0: r0 = socket$l2tp(0x18, 0x1, 0x1) getsockopt$sock_buf(r0, 0x1, 0x1f, 0x0, &(0x7f0000000c00)) syzkaller login: [ 252.607660][T12024] IPVS: ftp: loaded support on port[0] = 21 [ 252.742408][T12024] chnl_net:caif_netlink_parms(): no params data found [ 252.796590][T12024] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.803900][T12024] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.812592][T12024] device bridge_slave_0 entered promiscuous mode [ 252.822113][T12024] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.829306][T12024] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.838427][T12024] device bridge_slave_1 entered promiscuous mode [ 252.870240][T12024] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 252.882964][T12024] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 252.914783][T12024] team0: Port device team_slave_0 added [ 252.923921][T12024] team0: Port device team_slave_1 added [ 253.056507][T12024] device hsr_slave_0 entered promiscuous mode [ 253.123083][T12024] device hsr_slave_1 entered promiscuous mode [ 253.401656][T12024] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.408927][T12024] bridge0: port 2(bridge_slave_1) entered forwarding state [ 253.416699][T12024] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.423910][T12024] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.497569][T12024] 8021q: adding VLAN 0 to HW filter on device bond0 [ 253.517943][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 253.529109][ T3371] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.541390][ T3371] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.552264][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 253.572694][T12024] 8021q: adding VLAN 0 to HW filter on device team0 [ 253.595385][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 253.604836][ T3371] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.612084][ T3371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.620699][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 253.630095][ T3371] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.637315][ T3371] bridge0: port 2(bridge_slave_1) entered forwarding state [ 253.681684][T12024] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 253.693020][T12024] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 253.713620][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 253.723656][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 253.733621][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 253.743269][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 253.774951][T12024] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 253.814675][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 253.823521][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready 14:59:49 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x200000004e20}, 0x1c) r1 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r0, 0x4d) connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10) getsockopt$inet_int(r1, 0x10d, 0xd3, &(0x7f0000000280), &(0x7f0000000240)=0x4) 14:59:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) pipe(&(0x7f0000000300)={0xffffffffffffffff}) r4 = dup3(r2, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x10001f}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaaae88, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000c000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f0000000140)="b9000400000f3266ba430066eddc0f0f01c442c20100b9050400000f32430f01c2c482198e5200c4e16d75572ab9800000c00f3235001000000f30", 0x3b}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, 0x0, 0x289}], 0x0, 0x0, 0x0, 0x0) utimes(&(0x7f0000000080)='./file0\x00', 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) [ 254.060403][T12037] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. 14:59:49 executing program 0: pipe(&(0x7f0000000300)={0xffffffffffffffff}) mmap(&(0x7f0000bab000/0x3000)=nil, 0x3000, 0x0, 0x120010, r0, 0x0) 14:59:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="864009000000070016204ac075d9a4b94a6d5c9848ca6b3a82ea701cc2c01763c5bb8bd8f1a335c73206e07310b5995b15672c27a823b3483f540f35158a5879ffb13f08983aa383a9fdd53849c746c5cac0ef778fd3623cadbf0f230bdef0c3e8d37a19e9b7b0d1c073d703ef00c6891e5c1f2f3535e737863819bdb0a58ab51b414f454cfc6a230dafb645005b6b18bcc7eeae617ec7ac4ec808d41a843c8beb"], 0x1}}, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xffffffffffffff77, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000340)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff]}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x1) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:59:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="864009000000070016204ac075d9a4b94a6d5c9848ca6b3a82ea701cc2c01763c5bb8bd8f1a335c73206e07310b5995b15672c27a823b3483f540f35158a5879ffb13f08983aa383a9fdd53849c746c5cac0ef778fd3623cadbf0f230bdef0c3e8d37a19e9b7b0d1c073d703ef00c6891e5c1f2f3535e737863819bdb0a58ab51b414f454cfc6a230dafb645005b6b18bcc7eeae617ec7ac4ec808d41a843c8beb"], 0x1}}, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xffffffffffffff77, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000340)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff]}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x1) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:59:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="864009000000070016204ac075d9a4b94a6d5c9848ca6b3a82ea701cc2c01763c5bb8bd8f1a335c73206e07310b5995b15672c27a823b3483f540f35158a5879ffb13f08983aa383a9fdd53849c746c5cac0ef778fd3623cadbf0f230bdef0c3e8d37a19e9b7b0d1c073d703ef00c6891e5c1f2f3535e737863819bdb0a58ab51b414f454cfc6a230dafb645005b6b18bcc7eeae617ec7ac4ec808d41a843c8beb"], 0x1}}, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xffffffffffffff77, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000340)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff]}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x1) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:59:49 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="864009000000070016204ac075d9a4b94a6d5c9848ca6b3a82ea701cc2c01763c5bb8bd8f1a335c73206e07310b5995b15672c27a823b3483f540f35158a5879ffb13f08983aa383a9fdd53849c746c5cac0ef778fd3623cadbf0f230bdef0c3e8d37a19e9b7b0d1c073d703ef00c6891e5c1f2f3535e737863819bdb0a58ab51b414f454cfc6a230dafb645005b6b18bcc7eeae617ec7ac4ec808d41a843c8beb"], 0x1}}, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0xffffffffffffff77, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000340)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff]}) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x1) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:59:50 executing program 0: unshare(0x24020400) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}}) 14:59:50 executing program 0: unshare(0x24020400) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}}) 14:59:50 executing program 0: unshare(0x24020400) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}}) 14:59:50 executing program 0: unshare(0x24020400) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}}) 14:59:50 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) sendmmsg(r0, &(0x7f00000082c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000a80)=@in6={0xa, 0x4e22, 0x0, @rand_addr="bd28023a030000c8b9293850f35c3be8", 0x401}, 0x80, 0x0}}], 0x2, 0x0) r1 = socket(0x40000000015, 0x805, 0x0) r2 = socket(0x40000000015, 0x805, 0x0) getsockopt(r2, 0x114, 0x2711, 0x0, &(0x7f000033bffc)) r3 = socket(0x3, 0x800000003, 0x0) bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r3, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b00)=ANY=[@ANYBLOB="640400002400070528bd70000000000000000000", @ANYRES32=r4, @ANYBLOB="00000000f1ffffff000000000800010074626600380402000404020019300000ff070000060000000400000001000000060000000500000008000000090000000700000001800000ffff0000010000000900000001000080040000009d010000d2070000d6644c7eb3240000070000000600000020000000030000002000000006000000acb100003e2400000400000008000000000000004f53000004000000ffff0000030000004bdd00003f000000883a0000060000000300000001000000400000000000000001000000ff0300000200000040000000050000008000000007000000e10200000500000017f1ffff71000000ad0a000000000000c700000000000080000800000300d3000300000081000000ffffffff001000000300000007000000040000000000000080000000000001000900000040e80000ff010000050000000900000004000000080000000800000000000100000004000000ff03000007000000010426455b00b4fe939cd82faa000005000000fbfc000000000000050000000300000001010000010000007f0000100800000006000000001100000e00ffff000000000400000000100000ab0a000008000000070000000100000001000000000000000700000009000000070000000400000009000000fcffffff00000080ff07000003000000ff00090000000000000000000000000400000002000000018000000900000000000000070000000000000000000000ffffff7fe1ffffff5a000000f0040000d3360000000001008100000000000000aa0000000a00000081000000290100000800000008000000400000001f00000001000000030000000500000006000000d300000008000000010000000000010003000000cd85000007000000ffd19a8a126c029f9900000006000000ff7f0000090000001f000000def9ffff070000000100000001000000ffffffff07000000000000800500000001000000000000003f00000000000000c8f18c3b0300000000000080400000000300000000000000b5000000fe0000000300000006000000040000002e0700007c3100000000000000080000000000000101000001000000f9ffffff000000800400000080ffffff090000000c06000004000000ff07000000000000020000000900000081000000265600000600000000000000070000000000c00002000000cb060000000800001a0000000500000000000000080000007200000001000000f9f8621201000080cbc7086a05000000060000000200000002000000d6a29b150900000004000000629c00004b000000860d0000d2000000f7fffffff53400000004000008000000ff03000008000000d21c00000300000000040000010000000200000008000000ffffffff00ffffff06000000660800002000000011400000ffff0000cb030000040000000180000008000700130b000010000100ff01070000040900ffffff7f1000010006000000000000000000000008000700b9130000000000000000000000b464dd3ea776a32d55e8b4ae451a58c5c5f527c5053c801a0050c9c776d2bfc06d87de14eacda8231a536a34f3effc"], 0x464}}, 0x0) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000080)={@mcast1, @rand_addr="e17f0dfc13e915045cce328d4e9fe1dc", @ipv4={[], [], @multicast2}, 0x1, 0x1, 0x0, 0x400, 0xffffffffffffff62, 0x9203a2, r4}) getsockopt(r1, 0x114, 0x2711, 0x0, &(0x7f000033bffc)) socket(0x2, 0x80000, 0x5) r5 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) getsockopt$inet_buf(r5, 0x0, 0xa748f2d49cfb67a1, &(0x7f0000000100)=""/11, &(0x7f0000000180)=0xb) ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000040)=0x8001) 14:59:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="c0dca5055e0bcfec7be070") r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = userfaultfd(0x0) r3 = dup2(r2, r2) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)) pipe(&(0x7f0000000080)={0xffffffffffffffff}) renameat2(r3, &(0x7f0000000000)='./file0\x00', r4, &(0x7f00000000c0)='./file0\x00', 0xb) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x18, 0x23, 0x829, 0x0, 0x0, {0x2804}, [@typed={0x4, 0xe}]}, 0x18}, 0x1, 0x6087ffffffff}, 0x0) 14:59:50 executing program 0: ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000240)=ANY=[@ANYBLOB="000000000000000075020000000000000000000000f6000000000000000000000095d1ec5fdc3eb90e0001000000000000000011010000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000004000000000000001e00000000000080"]) mknod(&(0x7f0000000040)='./bus\x00', 0xffe, 0x0) execve(&(0x7f0000000000)='./bus\x00', 0x0, &(0x7f00000002c0)) openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0) 14:59:50 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) sendmsg(r0, &(0x7f0000000000)={&(0x7f0000006000)=@rc={0x1f, {0x81, 0x40, 0xfd, 0x8, 0x1, 0xa6}, 0x80}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000001840)}], 0x100000000000026f}, 0x0) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 14:59:50 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) sendmsg(r0, &(0x7f0000000000)={&(0x7f0000006000)=@rc={0x1f, {0x81, 0x40, 0xfd, 0x8, 0x1, 0xa6}, 0x80}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000001840)}], 0x100000000000026f}, 0x0) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 14:59:51 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) sendmsg(r0, &(0x7f0000000000)={&(0x7f0000006000)=@rc={0x1f, {0x81, 0x40, 0xfd, 0x8, 0x1, 0xa6}, 0x80}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000001840)}], 0x100000000000026f}, 0x0) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 14:59:51 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) sendmsg(r0, &(0x7f0000000000)={&(0x7f0000006000)=@rc={0x1f, {0x81, 0x40, 0xfd, 0x8, 0x1, 0xa6}, 0x80}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000001840)}], 0x100000000000026f}, 0x0) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 14:59:51 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) sendmsg(r0, &(0x7f0000000000)={&(0x7f0000006000)=@rc={0x1f, {0x81, 0x40, 0xfd, 0x8, 0x1, 0xa6}, 0x80}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000001840)}], 0x100000000000026f}, 0x0) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 14:59:51 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 14:59:51 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 14:59:51 executing program 0: getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 14:59:51 executing program 0: getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 14:59:51 executing program 0: getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 14:59:51 executing program 1: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x8, 0x6480c0) ioctl$SIOCNRDECOBS(r0, 0x89e2) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x0, 0x0) sendmsg$key(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x2, 0x12, 0x8, 0x8, 0x42, 0x0, 0x70bd28, 0x25dfdbfe, [@sadb_address={0x5, 0x17, 0x6c, 0x0, 0x0, @in6={0xa, 0x4e23, 0x2, @mcast1, 0x80}}, @sadb_x_sa2={0x2, 0x13, 0x40, 0x0, 0x0, 0x70bd26, 0x3505}, @sadb_x_policy={0x8, 0x12, 0x4, 0x0, 0x0, 0x6e6bbd, 0x3, {0x6, 0x2b, 0x3f, 0x6, 0x0, 0x9, 0x0, @in6=@mcast1, @in6=@local}}, @sadb_x_filter={0x5, 0x1a, @in6=@dev={0xfe, 0x80, [], 0x15}, @in6=@empty, 0x11, 0x4, 0x26}, @sadb_sa={0x2, 0x1, 0x4d4, 0x9, 0x9, 0x8a, 0x4, 0x20000000}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in6={0xa, 0x4e23, 0x69, @rand_addr="a22c2965f9a3f024cc0862790e60c4e1"}, @in={0x2, 0x4e21, @multicast2}}, @sadb_key={0x1c, 0x9, 0x690, 0x0, "79d1065383a1f15869487a120f34ac89050d517af39d7bccaafab53b6b83a34dcc39f2645dbaafd5712a98d9af598fc5b21f083c707b14d5ab65693cc26232f26cb936a0ce2b59d52cc470ba7473b0a8545cbf60cdf248ef66aaffd35d7f3162932a73e89dc127907e1c90e0a022721a74b2955747ab7a3e76282201147f7421cd42af8f67e3b9f4a93af81338af98cec9052991ac82d4c430bd24cad7f4998dc39be50bb2eb01d6435913be55dccad29f597d79f649d27b573eb858eb97ad4faba156129c597f1039d1efd5fc936d218779"}, @sadb_address={0x5, 0x17, 0x2b, 0x90, 0x0, @in6={0xa, 0x4e24, 0x5, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x401}}, @sadb_x_sa2={0x2, 0x13, 0x80, 0x0, 0x0, 0x70bd29, 0x3503}]}, 0x210}}, 0x840) r2 = fcntl$dupfd(r1, 0x605, r1) inotify_add_watch(r2, &(0x7f0000000340)='./file0\x00', 0xf6359c0686e0809e) epoll_pwait(r2, &(0x7f0000000380)=[{}, {}], 0x2, 0x6, &(0x7f00000003c0)={0x84}, 0x8) ioctl$PPPIOCSFLAGS(0xffffffffffffffff, 0x40047459, &(0x7f0000000400)=0x1) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/53, 0x35}], 0x1, &(0x7f0000000540)=""/44, 0x2c}, 0x40002000) ioctl$PPPIOCGFLAGS(r3, 0x8004745a, &(0x7f00000005c0)) r4 = accept(0xffffffffffffffff, &(0x7f0000000600)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000680)=0x80) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, &(0x7f00000006c0)=0x1e, 0x4) r5 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$SIOCGSTAMPNS(r5, 0x8907, &(0x7f0000000700)) r6 = syz_open_dev$usb(&(0x7f0000000740)='/dev/bus/usb/00#/00#\x00', 0xffff, 0x200) setsockopt$inet6_MCAST_JOIN_GROUP(r6, 0x29, 0x2a, &(0x7f0000000780)={0x1, {{0xa, 0x4e24, 0xffffffff, @empty, 0x8000}}}, 0x88) r7 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000840)='/dev/qat_adf_ctl\x00', 0x200000, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r7, 0xc008551a, &(0x7f0000000880)={0x1, 0x14, [0x6, 0xfff, 0x3, 0x8, 0x6f1]}) r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000008c0)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0) inotify_add_watch(r8, &(0x7f0000000900)='./file0\x00', 0x14) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r8, 0x3) r9 = socket$nl_crypto(0x10, 0x3, 0x15) ioctl$sock_inet_SIOCSIFADDR(r9, 0x8916, &(0x7f0000000940)={'veth0_to_hsr\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x11}}}) ioctl$TIOCOUTQ(r8, 0x5411, &(0x7f0000000980)) connect$tipc(0xffffffffffffffff, &(0x7f00000009c0)=@name={0x1e, 0x2, 0x5, {{0x40, 0x1}, 0x4}}, 0x10) ioctl$KVM_ASSIGN_PCI_DEVICE(r8, 0x8040ae69, &(0x7f0000000a00)={0x4, 0x23, 0x6510, 0xb, 0xffff0000}) r10 = dup(0xffffffffffffffff) ioctl$PPPIOCSNPMODE(r10, 0x4008744b, &(0x7f0000000a40)={0x2d, 0x3}) r11 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r11, 0x84, 0x12, &(0x7f0000000a80), &(0x7f0000000ac0)=0x4) 14:59:51 executing program 0: r0 = socket$inet(0x2, 0x0, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 14:59:51 executing program 0: r0 = socket$inet(0x2, 0x0, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) [ 256.936894][T12127] IPVS: ftp: loaded support on port[0] = 21 14:59:52 executing program 0: r0 = socket$inet(0x2, 0x0, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) [ 257.086822][T12127] chnl_net:caif_netlink_parms(): no params data found 14:59:52 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x0) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) [ 257.168531][T12127] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.175801][T12127] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.184590][T12127] device bridge_slave_0 entered promiscuous mode [ 257.194679][T12127] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.201862][T12127] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.210747][T12127] device bridge_slave_1 entered promiscuous mode 14:59:52 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x0) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) [ 257.287848][T12127] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 257.321507][T12127] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 14:59:52 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x0) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) [ 257.357363][T12127] team0: Port device team_slave_0 added [ 257.366685][T12127] team0: Port device team_slave_1 added 14:59:52 executing program 0: socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) [ 257.447168][T12127] device hsr_slave_0 entered promiscuous mode 14:59:52 executing program 0: socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) [ 257.503414][T12127] device hsr_slave_1 entered promiscuous mode [ 257.533902][T12127] debugfs: Directory 'hsr0' with parent '/' already present! [ 257.566397][T12127] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.573643][T12127] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.581429][T12127] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.588777][T12127] bridge0: port 1(bridge_slave_0) entered forwarding state 14:59:52 executing program 0: socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) [ 257.707378][T12127] 8021q: adding VLAN 0 to HW filter on device bond0 [ 257.733603][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 257.753454][ T3371] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.774522][ T3371] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.786284][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready 14:59:52 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, 0x0, &(0x7f0000000040)) [ 257.823081][T12127] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.840842][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 257.850224][ T3371] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.857454][ T3371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.900484][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 257.909348][ T3371] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.916559][ T3371] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.959485][T12127] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 257.970213][T12127] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 257.987548][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 257.997963][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready 14:59:53 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, 0x0, &(0x7f0000000040)) [ 258.007634][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 258.017225][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 258.083418][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 258.091835][ T3371] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 258.110117][T12127] 8021q: adding VLAN 0 to HW filter on device batadv0 14:59:53 executing program 1: r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, 0x0, &(0x7f0000000040)) 14:59:53 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, 0x0, &(0x7f0000000040)) 14:59:53 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), 0x0) 14:59:53 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), 0x0) 14:59:53 executing program 1: r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, 0x0, &(0x7f0000000040)) 14:59:53 executing program 1: r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, 0x0, &(0x7f0000000040)) 14:59:53 executing program 0: r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), 0x0) 14:59:53 executing program 0 (fault-call:1 fault-nth:0): r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 14:59:53 executing program 1: getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, &(0x7f0000000040)) 14:59:53 executing program 0: getsockopt$inet_sctp_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x802800, 0x0) ioctl$RTC_VL_READ(r0, 0x80047013, &(0x7f0000000140)) 14:59:53 executing program 1: getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, &(0x7f0000000040)) 14:59:53 executing program 1: getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, &(0x7f0000000040)) [ 258.954557][ C0] ================================================================== [ 258.962803][ C0] BUG: KMSAN: uninit-value in kmem_cache_alloc_node+0x5d0/0xe70 [ 258.970456][ C0] CPU: 0 PID: 12024 Comm: syz-executor.0 Not tainted 5.3.0-rc7+ #0 [ 258.979049][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.989116][ C0] Call Trace: [ 258.992409][ C0] [ 258.995389][ C0] dump_stack+0x191/0x1f0 [ 258.999761][ C0] kmsan_report+0x162/0x2d0 [ 259.004280][ C0] __msan_warning+0x75/0xe0 [ 259.008832][ C0] kmem_cache_alloc_node+0x5d0/0xe70 [ 259.014282][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0 [ 259.020470][ C0] ? __alloc_skb+0x215/0xa10 [ 259.025095][ C0] __alloc_skb+0x215/0xa10 [ 259.029531][ C0] ? kmsan_get_shadow_origin_ptr+0x1/0x4c0 [ 259.035432][ C0] aoecmd_cfg+0x205/0xa80 [ 259.039798][ C0] discover_timer+0x86/0xa0 [ 259.044392][ C0] call_timer_fn+0x232/0x530 [ 259.050044][ C0] ? skbfree+0x4a0/0x4a0 [ 259.054312][ C0] __run_timers+0xcdc/0x11a0 [ 259.058901][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 259.064964][ C0] ? skbfree+0x4a0/0x4a0 [ 259.069207][ C0] ? timers_dead_cpu+0x9d0/0x9d0 [ 259.074139][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0 [ 259.080025][ C0] run_timer_softirq+0x2d/0x50 [ 259.084776][ C0] ? timers_dead_cpu+0x9d0/0x9d0 [ 259.089942][ C0] __do_softirq+0x4a1/0x83a [ 259.094487][ C0] irq_exit+0x230/0x280 [ 259.098648][ C0] exiting_irq+0xe/0x10 [ 259.102809][ C0] smp_apic_timer_interrupt+0x48/0x70 [ 259.108283][ C0] apic_timer_interrupt+0x2e/0x40 [ 259.113393][ C0] [ 259.116326][ C0] RIP: 0010:kmsan_slab_alloc+0xd5/0x120 [ 259.121863][ C0] Code: 0a ba 01 00 00 00 e8 ca e5 ff ff 65 ff 0d 17 0e ff 7d 65 8b 05 10 0e ff 7d 85 c0 75 30 e8 63 3f 38 ff 4c 89 65 c8 ff 75 c8 9d <65> 48 8b 04 25 28 00 00 00 48 3b 45 d8 75 0d 48 83 c4 18 5b 41 5c [ 259.144672][ C0] RSP: 0018:ffff88805da8f408 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 259.153249][ C0] RAX: 0000000000000000 RBX: ffff888059e45e18 RCX: 0000000000000017 [ 259.162776][ C0] RDX: 0000000000000016 RSI: ffffea000000000f RDI: ffff888059e45e18 [ 259.170782][ C0] RBP: ffff88805da8f440 R08: 0000000000000003 R09: ffff88805da8f244 [ 259.178937][ C0] R10: 0000000000000012 R11: ffffffff8182a660 R12: 0000000000000246 [ 259.186922][ C0] R13: ffffffffffffff00 R14: 0000000000000cc0 R15: ffff88812f8188c0 [ 259.194960][ C0] ? stack_trace_save+0x1b0/0x1b0 [ 259.199994][ C0] kmem_cache_alloc_node+0x8f8/0xe70 [ 259.206759][ C0] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 259.212942][ C0] ? alloc_vmap_area+0x22a/0x3da0 [ 259.217969][ C0] alloc_vmap_area+0x22a/0x3da0 [ 259.223093][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0 [ 259.228996][ C0] ? __get_vm_area_node+0x2ba/0x7f0 [ 259.234460][ C0] __get_vm_area_node+0x3ea/0x7f0 [ 259.239491][ C0] __vmalloc_node_range+0x283/0x14b0 [ 259.244837][ C0] ? alloc_counters+0x99/0x8c0 [ 259.249621][ C0] vzalloc+0xd7/0xf0 [ 259.253520][ C0] ? alloc_counters+0x99/0x8c0 [ 259.258276][ C0] alloc_counters+0x99/0x8c0 [ 259.262917][ C0] ? xt_find_table_lock+0x35e/0x930 [ 259.268130][ C0] do_ipt_get_ctl+0x7da/0x1010 [ 259.272995][ C0] ? compat_do_ipt_set_ctl+0x3c20/0x3c20 [ 259.278685][ C0] nf_getsockopt+0x481/0x4e0 [ 259.283309][ C0] ip_getsockopt+0x29a/0x460 [ 259.287997][ C0] ? compat_ip_setsockopt+0x380/0x380 [ 259.293358][ C0] tcp_getsockopt+0x1c6/0x1f0 [ 259.298044][ C0] ? tcp_get_timestamping_opt_stats+0x1850/0x1850 [ 259.304467][ C0] sock_common_getsockopt+0x13f/0x180 [ 259.309836][ C0] ? sock_recv_errqueue+0x8f0/0x8f0 [ 259.315214][ C0] __sys_getsockopt+0x533/0x7b0 [ 259.320067][ C0] __se_sys_getsockopt+0xe1/0x100 [ 259.325090][ C0] __x64_sys_getsockopt+0x62/0x80 [ 259.331416][ C0] do_syscall_64+0xbc/0xf0 [ 259.335827][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 259.341717][ C0] RIP: 0033:0x45c53a [ 259.345775][ C0] Code: b8 34 01 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 259.365370][ C0] RSP: 002b:0000000000a6f618 EFLAGS: 00000216 ORIG_RAX: 0000000000000037 [ 259.373768][ C0] RAX: ffffffffffffffda RBX: 0000000000a6f640 RCX: 000000000045c53a [ 259.381737][ C0] RDX: 0000000000000041 RSI: 0000000000000000 RDI: 0000000000000003 [ 259.389735][ C0] RBP: 0000000000714e80 R08: 0000000000a6f63c R09: 0000000000004000 [ 259.397708][ C0] R10: 0000000000a6f740 R11: 0000000000000216 R12: 0000000000000003 [ 259.405763][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000712cc0 [ 259.413749][ C0] [ 259.416061][ C0] Uninit was stored to memory at: [ 259.421082][ C0] kmsan_internal_chain_origin+0xcc/0x150 [ 259.426786][ C0] __msan_chain_origin+0x6b/0xe0 [ 259.431724][ C0] ___slab_alloc+0x1dbc/0x1fb0 [ 259.436477][ C0] kmem_cache_alloc_node+0x769/0xe70 [ 259.441750][ C0] __alloc_skb+0x215/0xa10 [ 259.446149][ C0] aoecmd_cfg+0x205/0xa80 [ 259.450475][ C0] discover_timer+0x86/0xa0 [ 259.454977][ C0] call_timer_fn+0x232/0x530 [ 259.459551][ C0] __run_timers+0xcdc/0x11a0 [ 259.464124][ C0] run_timer_softirq+0x2d/0x50 [ 259.468870][ C0] __do_softirq+0x4a1/0x83a [ 259.473356][ C0] irq_exit+0x230/0x280 [ 259.477493][ C0] exiting_irq+0xe/0x10 [ 259.481635][ C0] smp_apic_timer_interrupt+0x48/0x70 [ 259.487006][ C0] apic_timer_interrupt+0x2e/0x40 [ 259.492015][ C0] kmsan_slab_alloc+0xd5/0x120 [ 259.496775][ C0] kmem_cache_alloc_node+0x8f8/0xe70 [ 259.502050][ C0] alloc_vmap_area+0x22a/0x3da0 [ 259.506887][ C0] __get_vm_area_node+0x3ea/0x7f0 [ 259.511908][ C0] __vmalloc_node_range+0x283/0x14b0 [ 259.517190][ C0] vzalloc+0xd7/0xf0 [ 259.521106][ C0] alloc_counters+0x99/0x8c0 [ 259.525681][ C0] do_ipt_get_ctl+0x7da/0x1010 [ 259.530518][ C0] nf_getsockopt+0x481/0x4e0 [ 259.535096][ C0] ip_getsockopt+0x29a/0x460 [ 259.539677][ C0] tcp_getsockopt+0x1c6/0x1f0 [ 259.544342][ C0] sock_common_getsockopt+0x13f/0x180 [ 259.549698][ C0] __sys_getsockopt+0x533/0x7b0 [ 259.554534][ C0] __se_sys_getsockopt+0xe1/0x100 [ 259.559668][ C0] __x64_sys_getsockopt+0x62/0x80 [ 259.564701][ C0] do_syscall_64+0xbc/0xf0 [ 259.569112][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 259.575020][ C0] [ 259.577364][ C0] Uninit was created at: [ 259.581613][ C0] kmsan_internal_poison_shadow+0x58/0xb0 [ 259.587328][ C0] kmsan_slab_free+0x8d/0x100 [ 259.592000][ C0] kmem_cache_free_bulk+0x3ad9/0x3f50 [ 259.597360][ C0] napi_consume_skb+0x593/0x5d0 [ 259.602288][ C0] free_old_xmit_skbs+0x1a1/0x450 [ 259.607316][ C0] virtnet_poll_tx+0x24c/0x4c0 [ 259.612110][ C0] net_rx_action+0x74b/0x1950 [ 259.616898][ C0] __do_softirq+0x4a1/0x83a [ 259.621403][ C0] irq_exit+0x230/0x280 [ 259.625555][ C0] do_IRQ+0x20d/0x3a0 [ 259.629537][ C0] ret_from_intr+0x0/0x33 [ 259.633872][ C0] default_idle+0x53/0x90 [ 259.638243][ C0] arch_cpu_idle+0x25/0x30 [ 259.642692][ C0] do_idle+0x1d7/0x790 [ 259.646752][ C0] cpu_startup_entry+0x45/0x50 [ 259.651638][ C0] start_secondary+0x370/0x470 [ 259.656403][ C0] secondary_startup_64+0xa4/0xb0 [ 259.661417][ C0] ================================================================== [ 259.669463][ C0] Disabling lock debugging due to kernel taint [ 259.675613][ C0] Kernel panic - not syncing: panic_on_warn set ... [ 259.682203][ C0] CPU: 0 PID: 12024 Comm: syz-executor.0 Tainted: G B 5.3.0-rc7+ #0 [ 259.691462][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 259.701515][ C0] Call Trace: [ 259.704789][ C0] [ 259.707650][ C0] dump_stack+0x191/0x1f0 [ 259.712113][ C0] panic+0x3c9/0xc1e [ 259.716026][ C0] kmsan_report+0x2ca/0x2d0 [ 259.720552][ C0] __msan_warning+0x75/0xe0 [ 259.725051][ C0] kmem_cache_alloc_node+0x5d0/0xe70 [ 259.730323][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0 [ 259.736206][ C0] ? __alloc_skb+0x215/0xa10 [ 259.740796][ C0] __alloc_skb+0x215/0xa10 [ 259.745205][ C0] ? kmsan_get_shadow_origin_ptr+0x1/0x4c0 [ 259.751003][ C0] aoecmd_cfg+0x205/0xa80 [ 259.755348][ C0] discover_timer+0x86/0xa0 [ 259.759840][ C0] call_timer_fn+0x232/0x530 [ 259.764417][ C0] ? skbfree+0x4a0/0x4a0 [ 259.768654][ C0] __run_timers+0xcdc/0x11a0 [ 259.773230][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 259.779291][ C0] ? skbfree+0x4a0/0x4a0 [ 259.783529][ C0] ? timers_dead_cpu+0x9d0/0x9d0 [ 259.788457][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0 [ 259.794336][ C0] run_timer_softirq+0x2d/0x50 [ 259.799086][ C0] ? timers_dead_cpu+0x9d0/0x9d0 [ 259.804027][ C0] __do_softirq+0x4a1/0x83a [ 259.808536][ C0] irq_exit+0x230/0x280 [ 259.812705][ C0] exiting_irq+0xe/0x10 [ 259.816855][ C0] smp_apic_timer_interrupt+0x48/0x70 [ 259.822225][ C0] apic_timer_interrupt+0x2e/0x40 [ 259.827236][ C0] [ 259.830168][ C0] RIP: 0010:kmsan_slab_alloc+0xd5/0x120 [ 259.835703][ C0] Code: 0a ba 01 00 00 00 e8 ca e5 ff ff 65 ff 0d 17 0e ff 7d 65 8b 05 10 0e ff 7d 85 c0 75 30 e8 63 3f 38 ff 4c 89 65 c8 ff 75 c8 9d <65> 48 8b 04 25 28 00 00 00 48 3b 45 d8 75 0d 48 83 c4 18 5b 41 5c [ 259.855293][ C0] RSP: 0018:ffff88805da8f408 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 259.863697][ C0] RAX: 0000000000000000 RBX: ffff888059e45e18 RCX: 0000000000000017 [ 259.871656][ C0] RDX: 0000000000000016 RSI: ffffea000000000f RDI: ffff888059e45e18 [ 259.879616][ C0] RBP: ffff88805da8f440 R08: 0000000000000003 R09: ffff88805da8f244 [ 259.887584][ C0] R10: 0000000000000012 R11: ffffffff8182a660 R12: 0000000000000246 [ 259.896939][ C0] R13: ffffffffffffff00 R14: 0000000000000cc0 R15: ffff88812f8188c0 [ 259.904914][ C0] ? stack_trace_save+0x1b0/0x1b0 [ 259.909944][ C0] kmem_cache_alloc_node+0x8f8/0xe70 [ 259.915246][ C0] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 259.921396][ C0] ? alloc_vmap_area+0x22a/0x3da0 [ 259.926440][ C0] alloc_vmap_area+0x22a/0x3da0 [ 259.931286][ C0] ? kmsan_get_shadow_origin_ptr+0x71/0x4c0 [ 259.937193][ C0] ? __get_vm_area_node+0x2ba/0x7f0 [ 259.942394][ C0] __get_vm_area_node+0x3ea/0x7f0 [ 259.947430][ C0] __vmalloc_node_range+0x283/0x14b0 [ 259.952703][ C0] ? alloc_counters+0x99/0x8c0 [ 259.957472][ C0] vzalloc+0xd7/0xf0 [ 259.961354][ C0] ? alloc_counters+0x99/0x8c0 [ 259.966104][ C0] alloc_counters+0x99/0x8c0 [ 259.970687][ C0] ? xt_find_table_lock+0x35e/0x930 [ 259.975891][ C0] do_ipt_get_ctl+0x7da/0x1010 [ 259.980663][ C0] ? compat_do_ipt_set_ctl+0x3c20/0x3c20 [ 259.986287][ C0] nf_getsockopt+0x481/0x4e0 [ 259.990888][ C0] ip_getsockopt+0x29a/0x460 [ 259.995487][ C0] ? compat_ip_setsockopt+0x380/0x380 [ 260.000850][ C0] tcp_getsockopt+0x1c6/0x1f0 [ 260.005520][ C0] ? tcp_get_timestamping_opt_stats+0x1850/0x1850 [ 260.011931][ C0] sock_common_getsockopt+0x13f/0x180 [ 260.017301][ C0] ? sock_recv_errqueue+0x8f0/0x8f0 [ 260.022578][ C0] __sys_getsockopt+0x533/0x7b0 [ 260.027427][ C0] __se_sys_getsockopt+0xe1/0x100 [ 260.032445][ C0] __x64_sys_getsockopt+0x62/0x80 [ 260.037467][ C0] do_syscall_64+0xbc/0xf0 [ 260.041875][ C0] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 260.047754][ C0] RIP: 0033:0x45c53a [ 260.051655][ C0] Code: b8 34 01 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8c fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 260.071508][ C0] RSP: 002b:0000000000a6f618 EFLAGS: 00000216 ORIG_RAX: 0000000000000037 [ 260.079912][ C0] RAX: ffffffffffffffda RBX: 0000000000a6f640 RCX: 000000000045c53a [ 260.087870][ C0] RDX: 0000000000000041 RSI: 0000000000000000 RDI: 0000000000000003 [ 260.095848][ C0] RBP: 0000000000714e80 R08: 0000000000a6f63c R09: 0000000000004000 [ 260.103816][ C0] R10: 0000000000a6f740 R11: 0000000000000216 R12: 0000000000000003 [ 260.111770][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000712cc0 [ 260.121354][ C0] Kernel Offset: disabled [ 260.125778][ C0] Rebooting in 86400 seconds..