./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3431825591 <...> forked to background, child pid 3049 no interfaces have a carrier [ 71.626985][ T3050] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.644606][ T3050] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller syzkaller login: [ 100.263684][ T25] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.0.134' (ECDSA) to the list of known hosts. execve("./syz-executor3431825591", ["./syz-executor3431825591"], 0x7ffce3611b10 /* 10 vars */) = 0 brk(NULL) = 0x555556a0e000 brk(0x555556a0ec40) = 0x555556a0ec40 arch_prctl(ARCH_SET_FS, 0x555556a0e300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor3431825591", 4096) = 28 brk(0x555556a2fc40) = 0x555556a2fc40 brk(0x555556a30000) = 0x555556a30000 mprotect(0x7f1507329000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 3477 attached [pid 3477] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL [pid 3476] <... clone resumed>, child_tidptr=0x555556a0e5d0) = 3477 [pid 3477] <... mount resumed>) = -1 EBUSY (Device or resource busy) [pid 3477] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 3477] setsid() = 1 [pid 3477] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 3477] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 3477] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 3477] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 3477] prlimit64(0, RLIMIT_CORE, {rlim_cur=0, rlim_max=0}, NULL) = 0 [pid 3477] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 3477] unshare(CLONE_NEWNS) = 0 [pid 3477] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 3477] unshare(CLONE_NEWIPC) = 0 [pid 3477] unshare(CLONE_NEWCGROUP) = 0 [pid 3477] unshare(CLONE_NEWUTS) = 0 [pid 3477] unshare(CLONE_SYSVSEM) = 0 [pid 3477] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 3477] write(3, "16777216", 8) = 8 [pid 3477] close(3) = 0 [pid 3477] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 3477] write(3, "536870912", 9) = 9 [pid 3477] close(3) = 0 [pid 3477] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 3477] write(3, "1024", 4) = 4 [pid 3477] close(3) = 0 [pid 3477] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 3477] write(3, "8192", 4) = 4 [pid 3477] close(3) = 0 [pid 3477] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 3477] write(3, "1024", 4) = 4 [pid 3477] close(3) = 0 [pid 3477] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 3477] write(3, "1024", 4) = 4 [pid 3477] close(3) = 0 [pid 3477] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 3477] write(3, "1024 1048576 500 1024", 21) = 21 [pid 3477] close(3) = 0 [pid 3477] getpid() = 1 [pid 3477] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [ 109.972884][ T3508] dump_stack_lvl+0x200/0x28c [ 109.977588][ T3508] dump_stack+0x29/0x2c [ 109.981764][ T3508] panic+0x502/0xc7a [ 109.985721][ T3508] ? add_taint+0x185/0x210 [ 109.990177][ T3508] ? console_unlock+0x1bb0/0x20e0 [ 109.995264][ T3508] kmsan_report+0x2cc/0x2d0 [ 109.999838][ T3508] ? kmsan_internal_poison_memory+0x78/0x90 [ 110.005789][ T3508] ? kmsan_internal_poison_memory+0x45/0x90 [ 110.011741][ T3508] ? kmsan_slab_alloc+0xd9/0x150 [ 110.016732][ T3508] ? __kmalloc+0xbfa/0x1260 [ 110.021254][ T3508] ? metadata_dst_alloc+0x92/0x4c0 [ 110.026396][ T3508] ? __ipgre_rcv+0x6ac/0xe50 [ 110.031040][ T3508] ? gre_rcv+0x4ca/0x1e50 [ 110.035397][ T3508] ? __msan_warning+0x92/0x110 [ 110.040191][ T3508] ? ip_tunnel_rcv+0x13fb/0x3a40 [ 110.045168][ T3508] ? __ipgre_rcv+0xaf0/0xe50 [ 110.049815][ T3508] ? gre_rcv+0x4ca/0x1e50 [ 110.054216][ T3508] ? gre_rcv+0x323/0x420 [ 110.058481][ T3508] ? ip_protocol_deliver_rcu+0x643/0xe30 [ 110.064141][ T3508] ? ip_local_deliver_finish+0x36c/0x500 [ 110.069811][ T3508] ? ip_local_deliver+0x34c/0x590 [ 110.074888][ T3508] ? ip_rcv+0x5b2/0x840 [ 110.079088][ T3508] ? __netif_receive_skb+0x1f1/0x640 [ 110.084437][ T3508] ? netif_receive_skb_internal+0x1b7/0x3d0 [ 110.090354][ T3508] ? netif_receive_skb+0x4d/0x360 [ 110.095399][ T3508] ? tun_rx_batched+0xa93/0xd00 [ 110.100285][ T3508] ? tun_get_user+0x4344/0x4e90 [ 110.105168][ T3508] ? tun_chr_write_iter+0x459/0x610 [ 110.110437][ T3508] ? vfs_write+0x10ab/0x1d40 [ 110.115060][ T3508] ? ksys_write+0x28f/0x510 [ 110.119609][ T3508] ? __x64_sys_write+0xdb/0x120 [ 110.124488][ T3508] ? do_syscall_64+0x3d/0xb0 [ 110.129124][ T3508] ? entry_SYSCALL_64_after_hwframe+0x44/0xae [ 110.135250][ T3508] ? kmsan_get_shadow_origin_ptr+0x9a/0xf0 [ 110.141128][ T3508] ? should_fail+0x79/0x9c0 [ 110.145693][ T3508] ? memcg_slab_post_alloc_hook+0x35/0xc50 [ 110.151548][ T3508] ? kmsan_get_metadata+0x33/0x220 [ 110.156789][ T3508] ? kmsan_get_metadata+0x33/0x220 [ 110.161962][ T3508] ? kmsan_get_metadata+0x33/0x220 [ 110.167120][ T3508] ? kmsan_get_shadow_origin_ptr+0x9a/0xf0 [ 110.172963][ T3508] __msan_warning+0x92/0x110 [ 110.177613][ T3508] ip_tunnel_rcv+0x13fb/0x3a40 [ 110.182425][ T3508] __ipgre_rcv+0xaf0/0xe50 [ 110.186926][ T3508] gre_rcv+0x4ca/0x1e50 [ 110.191132][ T3508] ? raw_local_deliver+0xe6/0x1e90 [ 110.196278][ T3508] ? __rcu_read_unlock+0x51/0xf0 [ 110.201267][ T3508] ? kmsan_get_metadata+0x33/0x220 [ 110.206457][ T3508] ? erspan_build_header_v2+0x6f0/0x6f0 [ 110.212041][ T3508] gre_rcv+0x323/0x420 [ 110.216165][ T3508] ? gre_parse_header+0x1fe0/0x1fe0 [ 110.221398][ T3508] ip_protocol_deliver_rcu+0x643/0xe30 [ 110.226924][ T3508] ip_local_deliver_finish+0x36c/0x500 [ 110.232423][ T3508] ip_local_deliver+0x34c/0x590 [ 110.237312][ T3508] ? ip_local_deliver+0x590/0x590 [ 110.242392][ T3508] ? ip_protocol_deliver_rcu+0xe30/0xe30 [ 110.248094][ T3508] ip_rcv+0x5b2/0x840 [ 110.252124][ T3508] ? ip_rcv_core+0x15c0/0x15c0 [ 110.256940][ T3508] __netif_receive_skb+0x1f1/0x640 [ 110.262093][ T3508] ? kmsan_get_metadata+0x33/0x220 [ 110.267266][ T3508] ? ip_local_deliver_finish+0x500/0x500 [ 110.272943][ T3508] netif_receive_skb_internal+0x1b7/0x3d0 [ 110.278698][ T3508] ? tun_rx_batched+0x22b/0xd00 [ 110.283645][ T3508] netif_receive_skb+0x4d/0x360 [ 110.288540][ T3508] tun_rx_batched+0xa93/0xd00 [ 110.293262][ T3508] ? kmsan_get_metadata+0x33/0x220 [ 110.298431][ T3508] ? kmsan_get_shadow_origin_ptr+0x9a/0xf0 [ 110.304303][ T3508] tun_get_user+0x4344/0x4e90 [ 110.309039][ T3508] ? kmsan_internal_set_shadow_origin+0x40/0xe0 [ 110.315331][ T3508] ? kmsan_get_metadata+0x33/0x220 [ 110.320489][ T3508] tun_chr_write_iter+0x459/0x610 [ 110.325591][ T3508] ? tun_chr_read_iter+0x720/0x720 [ 110.330740][ T3508] vfs_write+0x10ab/0x1d40 [ 110.335264][ T3508] ksys_write+0x28f/0x510 [ 110.339634][ T3508] __x64_sys_write+0xdb/0x120 [ 110.344348][ T3508] do_syscall_64+0x3d/0xb0 [ 110.349578][ T3508] ? asm_exc_page_fault+0x8/0x30 [ 110.354550][ T3508] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 110.360491][ T3508] RIP: 0033:0x7f1507276a03 [ 110.364941][ T3508] Code: e9 0e ec ff ff bf 01 00 00 00 e8 a8 6f 00 00 0f 1f 84 00 00 00 00 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [ 110.384594][ T3508] RSP: 002b:00007ffcd6f329a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 110.393061][ T3508] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007f1507276a03 [ 110.401102][ T3508] RDX: 0000000000000034 RSI: 0000000020000000 RDI: 00000000000000c8 [ 110.409112][ T3508] RBP: 00007ffcd6f32a00 R08: 0000000000000000 R09: 00007ffcd6f32420 [ 110.417143][ T3508] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcd6f32a20 [ 110.425151][ T3508] R13: 0000000000000000 R14: 00007ffcd6f329e0 R15: 00007ffcd6f32a50 [ 110.433173][ T3508] [ 110.436320][ T3508] Kernel Offset: disabled [ 110.440665][ T3508] Rebooting in 86400 seconds..