Warning: Permanently added '10.128.0.155' (ECDSA) to the list of known hosts. 2019/01/20 20:11:29 fuzzer started 2019/01/20 20:11:35 dialing manager at 10.128.0.26:39359 2019/01/20 20:11:35 syscalls: 1 2019/01/20 20:11:35 code coverage: enabled 2019/01/20 20:11:35 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2019/01/20 20:11:35 extra coverage: extra coverage is not supported by the kernel 2019/01/20 20:11:35 setuid sandbox: enabled 2019/01/20 20:11:35 namespace sandbox: enabled 2019/01/20 20:11:35 Android sandbox: /sys/fs/selinux/policy does not exist 2019/01/20 20:11:35 fault injection: enabled 2019/01/20 20:11:35 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/01/20 20:11:35 net packet injection: enabled 2019/01/20 20:11:35 net device setup: enabled 20:14:48 executing program 0: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001e0009010000000000000000070000000c000000080000000000000014000a00d724f462090053ff02000000000000010b8c84c0c75c2c42d260451333c9cade265c3a3b04cfa55376cfb0f4e1948e5cd2199d0f2dd97426baa9fc6c"], 0x1}}, 0x0) r0 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) syzkaller login: [ 310.925996] IPVS: ftp: loaded support on port[0] = 21 [ 311.093437] chnl_net:caif_netlink_parms(): no params data found [ 311.169373] bridge0: port 1(bridge_slave_0) entered blocking state [ 311.176004] bridge0: port 1(bridge_slave_0) entered disabled state [ 311.184712] device bridge_slave_0 entered promiscuous mode [ 311.194100] bridge0: port 2(bridge_slave_1) entered blocking state [ 311.200627] bridge0: port 2(bridge_slave_1) entered disabled state [ 311.209179] device bridge_slave_1 entered promiscuous mode [ 311.245335] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 311.256803] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 311.290077] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 311.298978] team0: Port device team_slave_0 added [ 311.305530] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 311.314270] team0: Port device team_slave_1 added [ 311.320497] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 311.329442] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 311.487195] device hsr_slave_0 entered promiscuous mode [ 311.722725] device hsr_slave_1 entered promiscuous mode [ 311.983625] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 311.991312] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 312.024046] bridge0: port 2(bridge_slave_1) entered blocking state [ 312.030612] bridge0: port 2(bridge_slave_1) entered forwarding state [ 312.037955] bridge0: port 1(bridge_slave_0) entered blocking state [ 312.044544] bridge0: port 1(bridge_slave_0) entered forwarding state [ 312.107829] bridge0: port 1(bridge_slave_0) entered disabled state [ 312.118183] bridge0: port 2(bridge_slave_1) entered disabled state [ 312.168101] 8021q: adding VLAN 0 to HW filter on device bond0 [ 312.183924] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 312.201072] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 312.208071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 312.216535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 312.234248] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 312.240357] 8021q: adding VLAN 0 to HW filter on device team0 [ 312.256625] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 312.263957] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 312.272718] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 312.281354] bridge0: port 1(bridge_slave_0) entered blocking state [ 312.287894] bridge0: port 1(bridge_slave_0) entered forwarding state [ 312.304490] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 312.317543] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 312.325901] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 312.334696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 312.342996] bridge0: port 2(bridge_slave_1) entered blocking state [ 312.349482] bridge0: port 2(bridge_slave_1) entered forwarding state [ 312.358230] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 312.374837] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 312.387804] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 312.401866] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 312.409395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 312.418893] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 312.428219] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 312.437836] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 312.447223] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 312.459021] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 312.473283] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 312.480664] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 312.490187] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 312.509896] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 312.523324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 312.532402] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 312.544102] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 312.550201] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 312.582688] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 312.606730] 8021q: adding VLAN 0 to HW filter on device batadv0 20:14:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f319bc070") sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001e0009010000000000000000070000000c000000080000000000000014000a00d724f462090053ff02000000000000010b8c84c0c75c2c42d260451333c9cade265c3a3b04cfa55376cfb0f4e1948e5cd2199d0f2dd97426baa9fc6c"], 0x1}}, 0x0) r1 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r1, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) 20:14:51 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x100000}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="0f0189"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 313.051380] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 20:14:52 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/group.stat\x00', 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086604, 0x7fffff) 20:14:52 executing program 0: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)={0x4, 0x4, 0x80000000004, 0xe657}, 0x2c) close(r0) recvmsg(0xffffffffffffff9c, 0x0, 0x0) mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) 20:14:52 executing program 0: r0 = socket$kcm(0x11, 0x3, 0x0) sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f0000000040)=@nfc={0x27, 0x3}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000200)="c10900000000000005011fe4ac141417e0", 0x11}], 0x1}, 0x0) [ 314.295209] ================================================================== [ 314.302651] BUG: KMSAN: uninit-value in arp_mc_map+0x6a0/0x9b0 [ 314.308650] CPU: 1 PID: 10972 Comm: syz-executor0 Not tainted 5.0.0-rc1+ #7 [ 314.315760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.325138] Call Trace: [ 314.327771] dump_stack+0x173/0x1d0 [ 314.331444] kmsan_report+0x12e/0x2a0 [ 314.335299] __msan_warning+0x82/0xf0 [ 314.339137] arp_mc_map+0x6a0/0x9b0 [ 314.342808] arp_constructor+0x422/0xa50 [ 314.346912] ? arp_key_eq+0xd0/0xd0 [ 314.350563] ___neigh_create+0xe19/0x2890 [ 314.354782] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 314.360182] __neigh_create+0xbd/0xd0 [ 314.364018] ip_finish_output2+0xa0f/0x1820 [ 314.368397] ip_finish_output+0xd2b/0xfd0 [ 314.372593] ip_output+0x53f/0x610 [ 314.376183] ? ip_mc_finish_output+0x3b0/0x3b0 [ 314.380783] ? ip_finish_output+0xfd0/0xfd0 [ 314.385138] ip_local_out+0x164/0x1d0 [ 314.388975] iptunnel_xmit+0x8a7/0xde0 [ 314.392929] ip_tunnel_xmit+0x35b9/0x3980 [ 314.397166] ipgre_xmit+0x1098/0x11c0 [ 314.401012] ? ipgre_close+0x230/0x230 [ 314.404923] dev_hard_start_xmit+0x604/0xc40 [ 314.409387] __dev_queue_xmit+0x2e48/0x3b80 [ 314.413776] dev_queue_xmit+0x4b/0x60 [ 314.417597] ? __netdev_pick_tx+0x1260/0x1260 [ 314.422152] packet_sendmsg+0x79bb/0x9760 [ 314.426344] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 314.431823] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 314.437050] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 314.442530] ___sys_sendmsg+0xdb9/0x11b0 [ 314.446631] ? compat_packet_setsockopt+0x360/0x360 [ 314.451695] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 314.456926] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 314.462308] ? __fget_light+0x6e1/0x750 [ 314.466332] __se_sys_sendmsg+0x305/0x460 [ 314.470532] __x64_sys_sendmsg+0x4a/0x70 [ 314.474619] do_syscall_64+0xbc/0xf0 [ 314.478368] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 314.483572] RIP: 0033:0x458099 [ 314.486783] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 314.505693] RSP: 002b:00007f75f4adec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 314.513413] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458099 [ 314.520690] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 314.527982] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 314.535265] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f75f4adf6d4 20:14:52 executing program 1: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@ipv4={[], [], @remote}, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@local}}, &(0x7f0000000140)=0xe8) ioprio_get$uid(0x3, r0) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cachefiles\x00', 0x800, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f00000001c0)={0x1, 0x8000, 0x3, 0x7fff}) r2 = socket$bt_rfcomm(0x1f, 0x1, 0x3) getresgid(&(0x7f0000000200)=0x0, &(0x7f0000000240), &(0x7f0000000280)) write$P9_RSTATu(r1, &(0x7f00000002c0)={0x83, 0x7d, 0x2, {{0x0, 0x61, 0x8f7, 0x3, {0x80, 0x0, 0x4}, 0x0, 0x8, 0xcd, 0x3, 0x7, '#-user&', 0xd, '/dev/video35\x00', 0xd, '/dev/video35\x00', 0xd, '/dev/video35\x00'}, 0xd, '/dev/video35\x00', r0, r3, r0}}, 0x83) ioctl$sock_inet6_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000380)) connect$pppoe(r1, &(0x7f00000003c0)={0x18, 0x0, {0x0, @dev={[], 0xa}, 'veth0_to_bond\x00'}}, 0x1e) ioctl$FS_IOC_GETVERSION(r2, 0x80087601, &(0x7f0000000400)) stat(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000540)={0x0, 0x0}) futex(&(0x7f0000000500)=0x1, 0x8b, 0x0, &(0x7f0000000580)={r5, r6+10000000}, &(0x7f00000005c0)=0x1, 0x1) setsockopt$TIPC_MCAST_REPLICAST(r2, 0x10f, 0x86) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1a, &(0x7f0000000600)={0x0, 0x7f, "8c3a0e1899c6106590230830475f07f4b3d17f2d737bc7ef9e67a6055de714b9e8c6e03ba5b160ae9c5dac62847ee232c5dd33d709ecc7c4e23f442b72a3cf9613e43b2204b49b5b1072a0f35c965ef39293df690dbf7e4b26e61ed9023ded6707a977fad72338eae37f431c26bd8c86a83d7a4c40670d388fc6801e560800"}, &(0x7f00000006c0)=0x87) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000700)=@sack_info={r7, 0x81, 0x1de}, 0xc) fchmod(r2, 0x23) setresuid(r4, r0, r4) fsetxattr$trusted_overlay_origin(r2, &(0x7f0000000740)='trusted.overlay.origin\x00', &(0x7f0000000780)='y\x00', 0x2, 0x0) getresgid(&(0x7f00000007c0)=0x0, &(0x7f0000000800)=0x0, &(0x7f0000000840)) ioctl$RTC_IRQP_SET(r1, 0x4008700c, 0x5f9) r10 = open(&(0x7f0000000880)='./file0\x00', 0x20000, 0x20) ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000bc0)=0x0) ioctl$TIOCGSID(r10, 0x5429, &(0x7f0000000c00)=0x0) sendmsg$unix(r1, &(0x7f0000000c80)={&(0x7f00000008c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000b80)=[{&(0x7f0000000940)="7387ec2d811418d967e5eb199d4c7fe6d390d150b2f43be1fa8c6f9a2064d125107b", 0x22}, {&(0x7f0000000980)="4d6df5033672622be465b02060201ba974870bd9df9843111fec1e311e2c39a475cfdb7e5254dc847ee6cfe5ba85a7a7af4532213da4047bdd54d5fa39a9de9d717a03c3d3f3f7b32b042e854c46c547c2e38b6d10ee89c1e4f0c39fe7dac0a368b3b39e9ae91ea44af086db21a14fba0e5a1f76d73c44c8d3e10e88001a01d562e1e9c650748125f846d8323fc03680952ea7e4fa0db040007c73945800aa5cd227d7056db48beb0646cae2db87725cf7f4a65dbbdba4d27cf5254d", 0xbc}, {&(0x7f0000000a40)="39df8930b1bb45953b3695b0", 0xc}, {&(0x7f0000000a80)="512b922ed96bbf40add9ce37a72151af03c34fa959bf144887d47e5b62374b632bf1658f23ac18cf60af9df031c117e163c66c273f53959989e879a9659c8db9ed14888f7010d46376f9994e2bab72ec1c7c2801c219f2795f5476af102762668b419929a15aacc5d0a4741d4e76ea186cbc60970c135de25565297ab1825dbd28c0d03757379adddfbf770d4372b0bee994ded6c7c68f15a2241df462639344711e96fb479307a7a99df071d7a4b524de3c2115039771ae607cb2b66052a527d88d5b0b1f631291db8f5e880d585096c936d1d84cbe0cdaf6f7ccb962d4f13d45205a7fcdd662a35a21d3cb1fc0502efcbcbc108d575996", 0xf8}], 0x4, &(0x7f0000000c40)=[@cred={0x20, 0x1, 0x2, r11, r0, r8}, @cred={0x20, 0x1, 0x2, r12, r0, r9}], 0x40, 0x24000044}, 0x40000) rt_sigsuspend(&(0x7f0000000cc0)={0x20}, 0x8) write$FUSE_BMAP(r1, &(0x7f0000000d00)={0x18, 0xfffffffffffffff5, 0x8}, 0x18) r13 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000d80)='TIPCv2\x00') sendmsg$TIPC_NL_NET_GET(r10, &(0x7f0000000fc0)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000f80)={&(0x7f0000000dc0)={0x1a4, r13, 0x4, 0x70bd26, 0x25dfdbfd, {}, [@TIPC_NLA_LINK={0x1c, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}, @TIPC_NLA_NET={0x18, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}]}, @TIPC_NLA_MEDIA={0x4c, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_NODE={0x38, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x40}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xffff}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x73}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}]}, @TIPC_NLA_BEARER={0x94, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x14, 0x2, @in={0x2, 0x4e20, @local}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x7f, @dev={0xfe, 0x80, [], 0x1b}, 0x3b}}, {0x14, 0x2, @in={0x2, 0x4e23, @empty}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xa40}, @TIPC_NLA_BEARER_NAME={0xc, 0x1, @l2={'ib', 0x3a, 'gre0\x00'}}]}, @TIPC_NLA_NET={0x44, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xfffffffffffffffa}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xffff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x98c}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8}]}]}, 0x1a4}}, 0x4000000) [ 314.542547] R13: 00000000004c5590 R14: 00000000004d91c0 R15: 00000000ffffffff [ 314.549881] [ 314.551519] Uninit was created at: [ 314.555065] No stack [ 314.557393] ================================================================== [ 314.564756] Disabling lock debugging due to kernel taint [ 314.570215] Kernel panic - not syncing: panic_on_warn set ... [ 314.576131] CPU: 1 PID: 10972 Comm: syz-executor0 Tainted: G B 5.0.0-rc1+ #7 [ 314.584624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.594004] Call Trace: [ 314.596620] dump_stack+0x173/0x1d0 [ 314.600289] panic+0x3d1/0xb01 [ 314.603557] kmsan_report+0x293/0x2a0 [ 314.607392] __msan_warning+0x82/0xf0 [ 314.611220] arp_mc_map+0x6a0/0x9b0 [ 314.614886] arp_constructor+0x422/0xa50 [ 314.618985] ? arp_key_eq+0xd0/0xd0 [ 314.622646] ___neigh_create+0xe19/0x2890 [ 314.626856] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 314.632261] __neigh_create+0xbd/0xd0 [ 314.636096] ip_finish_output2+0xa0f/0x1820 [ 314.640687] ip_finish_output+0xd2b/0xfd0 [ 314.644886] ip_output+0x53f/0x610 [ 314.648472] ? ip_mc_finish_output+0x3b0/0x3b0 [ 314.653074] ? ip_finish_output+0xfd0/0xfd0 [ 314.657421] ip_local_out+0x164/0x1d0 [ 314.661255] iptunnel_xmit+0x8a7/0xde0 [ 314.665205] ip_tunnel_xmit+0x35b9/0x3980 [ 314.669431] ipgre_xmit+0x1098/0x11c0 [ 314.673268] ? ipgre_close+0x230/0x230 [ 314.677179] dev_hard_start_xmit+0x604/0xc40 [ 314.681684] __dev_queue_xmit+0x2e48/0x3b80 [ 314.686070] dev_queue_xmit+0x4b/0x60 [ 314.689885] ? __netdev_pick_tx+0x1260/0x1260 [ 314.694402] packet_sendmsg+0x79bb/0x9760 [ 314.698594] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 314.704075] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 314.709304] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 314.714759] ___sys_sendmsg+0xdb9/0x11b0 [ 314.718854] ? compat_packet_setsockopt+0x360/0x360 [ 314.723905] ? kmsan_get_shadow_origin_ptr+0x60/0x440 [ 314.729130] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 314.734554] ? __fget_light+0x6e1/0x750 [ 314.738651] __se_sys_sendmsg+0x305/0x460 [ 314.742845] __x64_sys_sendmsg+0x4a/0x70 [ 314.746941] do_syscall_64+0xbc/0xf0 [ 314.750685] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 314.755887] RIP: 0033:0x458099 [ 314.759092] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 314.778023] RSP: 002b:00007f75f4adec78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 314.785754] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458099 [ 314.793026] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 314.800355] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 314.807664] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f75f4adf6d4 [ 314.814942] R13: 00000000004c5590 R14: 00000000004d91c0 R15: 00000000ffffffff [ 314.823174] Kernel Offset: disabled [ 314.826805] Rebooting in 86400 seconds..