Warning: Permanently added '10.128.1.22' (ECDSA) to the list of known hosts. 2020/08/07 23:56:37 fuzzer started 2020/08/07 23:56:38 dialing manager at 10.128.0.26:45279 2020/08/07 23:56:38 syscalls: 3107 2020/08/07 23:56:38 code coverage: enabled 2020/08/07 23:56:38 comparison tracing: enabled 2020/08/07 23:56:38 extra coverage: enabled 2020/08/07 23:56:38 setuid sandbox: enabled 2020/08/07 23:56:38 namespace sandbox: enabled 2020/08/07 23:56:38 Android sandbox: /sys/fs/selinux/policy does not exist 2020/08/07 23:56:38 fault injection: enabled 2020/08/07 23:56:38 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/08/07 23:56:38 net packet injection: enabled 2020/08/07 23:56:38 net device setup: enabled 2020/08/07 23:56:38 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/08/07 23:56:38 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/08/07 23:56:38 USB emulation: enabled 2020/08/07 23:56:38 hci packet injection: enabled 23:56:45 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x16}, [@ldst={0x3, 0x0, 0x3, 0xa, 0x0, 0xff00}]}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) syzkaller login: [ 151.961731][ T8486] IPVS: ftp: loaded support on port[0] = 21 [ 152.234811][ T8486] chnl_net:caif_netlink_parms(): no params data found [ 152.390434][ T8486] bridge0: port 1(bridge_slave_0) entered blocking state [ 152.397903][ T8486] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.407747][ T8486] device bridge_slave_0 entered promiscuous mode [ 152.428218][ T8486] bridge0: port 2(bridge_slave_1) entered blocking state [ 152.436018][ T8486] bridge0: port 2(bridge_slave_1) entered disabled state [ 152.445533][ T8486] device bridge_slave_1 entered promiscuous mode [ 152.495782][ T8486] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 152.514089][ T8486] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 152.566292][ T8486] team0: Port device team_slave_0 added [ 152.580438][ T8486] team0: Port device team_slave_1 added [ 152.625697][ T8486] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 152.632796][ T8486] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 152.659448][ T8486] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 152.676182][ T8486] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 152.683356][ T8486] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 152.709556][ T8486] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 152.772491][ T8486] device hsr_slave_0 entered promiscuous mode [ 152.782755][ T8486] device hsr_slave_1 entered promiscuous mode [ 153.080174][ T8486] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 153.097581][ T8486] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 153.116862][ T8486] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 153.135737][ T8486] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 153.451191][ T8486] 8021q: adding VLAN 0 to HW filter on device bond0 [ 153.483948][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 153.494257][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 153.516165][ T8486] 8021q: adding VLAN 0 to HW filter on device team0 [ 153.537679][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 153.548066][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 153.557604][ T3217] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.564972][ T3217] bridge0: port 1(bridge_slave_0) entered forwarding state [ 153.608098][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 153.617570][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 153.627696][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 153.637350][ T3217] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.644738][ T3217] bridge0: port 2(bridge_slave_1) entered forwarding state [ 153.653800][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 153.724453][ T8486] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 153.735372][ T8486] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 153.752250][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 153.763646][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 153.774248][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 153.784883][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 153.795371][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 153.805839][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 153.815584][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 153.826065][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 153.835756][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 153.905932][ T8486] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 153.957952][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 153.967834][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 153.977287][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 153.985166][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 153.998164][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 154.008694][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 154.082769][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 154.092973][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 154.119102][ T8486] device veth0_vlan entered promiscuous mode [ 154.129711][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 154.138975][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 154.172860][ T8486] device veth1_vlan entered promiscuous mode [ 154.216676][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 154.226262][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 154.277850][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 154.287826][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 154.322750][ T8486] device veth0_macvtap entered promiscuous mode [ 154.349246][ T8486] device veth1_macvtap entered promiscuous mode [ 154.410698][ T8486] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 154.419288][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 154.429284][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 154.439118][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 154.449196][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 154.476942][ T8486] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 154.504019][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 154.515809][ T3217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 155.770047][ T349] tipc: TX() has been purged, node left! [ 157.292184][ T8735] IPVS: ftp: loaded support on port[0] = 21 [ 157.759713][ T8735] chnl_net:caif_netlink_parms(): no params data found [ 158.048912][ T349] device hsr_slave_0 left promiscuous mode [ 158.059390][ T349] device hsr_slave_1 left promiscuous mode [ 158.075324][ T349] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 158.082824][ T349] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 158.098412][ T349] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 158.106199][ T349] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 158.121698][ T349] device bridge_slave_1 left promiscuous mode [ 158.128761][ T349] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.145175][ T349] device bridge_slave_0 left promiscuous mode [ 158.151940][ T349] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.175640][ T349] device veth1_macvtap left promiscuous mode [ 158.181756][ T349] device veth0_macvtap left promiscuous mode [ 158.188396][ T349] device veth1_vlan left promiscuous mode [ 158.194439][ T349] device veth0_vlan left promiscuous mode [ 161.684993][ T349] team0 (unregistering): Port device team_slave_1 removed [ 161.707987][ T349] team0 (unregistering): Port device team_slave_0 removed [ 161.736351][ T349] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 161.765534][ T349] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 161.880023][ T349] bond0 (unregistering): Released all slaves [ 162.057128][ T8735] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.064568][ T8735] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.073755][ T8735] device bridge_slave_0 entered promiscuous mode [ 162.091892][ T8735] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.099664][ T8735] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.109101][ T8735] device bridge_slave_1 entered promiscuous mode [ 162.166660][ T8735] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 162.186451][ T8735] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 162.234532][ T8735] team0: Port device team_slave_0 added [ 162.251211][ T8735] team0: Port device team_slave_1 added [ 162.299132][ T8735] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 162.306348][ T8735] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.332638][ T8735] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 162.351051][ T8735] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 162.359626][ T8735] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.385793][ T8735] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 162.457354][ T8735] device hsr_slave_0 entered promiscuous mode [ 162.470405][ T8735] device hsr_slave_1 entered promiscuous mode 23:56:56 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000000800400000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="38000000240007050000004007a2a30005000000", @ANYRES32=r4, @ANYBLOB="00000800ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="240000006600010100"/20, @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00\x00\x00\b'], 0x24}}, 0x0) [ 163.341249][ T8735] 8021q: adding VLAN 0 to HW filter on device bond0 [ 163.410605][ T8694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.420107][ T8694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.449878][ T8735] 8021q: adding VLAN 0 to HW filter on device team0 [ 163.482263][ T8694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 163.492245][ T8694] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 163.501875][ T8694] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.509188][ T8694] bridge0: port 1(bridge_slave_0) entered forwarding state [ 163.577777][ T8694] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 163.587482][ T8694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 163.597466][ T8694] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 163.606876][ T8694] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.614186][ T8694] bridge0: port 2(bridge_slave_1) entered forwarding state [ 163.623990][ T8694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 163.634976][ T8694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 163.725356][ T8735] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 163.736352][ T8735] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 163.769028][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 163.779902][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 163.790506][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 163.804630][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 163.814650][ T8933] IPVS: ftp: loaded support on port[0] = 21 [ 163.814984][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 163.830306][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 163.840687][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 163.850351][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 163.888885][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 163.898569][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 164.076793][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 164.084639][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 164.145804][ T8933] chnl_net:caif_netlink_parms(): no params data found [ 164.213731][ T8735] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 164.308018][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 164.318371][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 164.407845][ T8933] bridge0: port 1(bridge_slave_0) entered blocking state [ 164.416331][ T8933] bridge0: port 1(bridge_slave_0) entered disabled state [ 164.425946][ T8933] device bridge_slave_0 entered promiscuous mode [ 164.455339][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 164.465141][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 164.494491][ T8735] device veth0_vlan entered promiscuous mode [ 164.509572][ T8933] bridge0: port 2(bridge_slave_1) entered blocking state [ 164.517276][ T8933] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.526761][ T8933] device bridge_slave_1 entered promiscuous mode [ 164.541866][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 164.551540][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 164.614455][ T8933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 164.634512][ T8933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 164.684269][ T8735] device veth1_vlan entered promiscuous mode [ 164.704523][ T8933] team0: Port device team_slave_0 added [ 164.717814][ T8933] team0: Port device team_slave_1 added [ 164.787464][ T8933] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 164.795437][ T8933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.821651][ T8933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 164.873039][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 164.882717][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 164.902454][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 164.912967][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 164.929862][ T8933] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 164.937107][ T8933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.963971][ T8933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 164.981221][ T8735] device veth0_macvtap entered promiscuous mode [ 165.058085][ T8933] device hsr_slave_0 entered promiscuous mode [ 165.067545][ T8933] device hsr_slave_1 entered promiscuous mode [ 165.076763][ T8933] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 165.084932][ T8933] Cannot create hsr debugfs directory [ 165.092423][ T8735] device veth1_macvtap entered promiscuous mode [ 165.188111][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 165.197182][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 165.247663][ T8735] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 165.257183][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 165.267452][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 165.333269][ T8735] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 165.341427][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 165.352614][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 165.738600][ T8933] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 165.800325][ T8933] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 166.061736][ T8933] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 166.080457][ T8933] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 166.111927][ T7] tipc: TX() has been purged, node left! [ 167.092042][ T8933] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.214078][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 167.223194][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 167.334727][ T8933] 8021q: adding VLAN 0 to HW filter on device team0 [ 167.363618][ T8694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 167.374218][ T8694] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 167.383614][ T8694] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.390901][ T8694] bridge0: port 1(bridge_slave_0) entered forwarding state [ 167.541834][ T8698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 167.551270][ T8698] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 167.561419][ T8698] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 167.571673][ T8698] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.579010][ T8698] bridge0: port 2(bridge_slave_1) entered forwarding state [ 167.602681][ T8698] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 167.630955][ T7] device hsr_slave_0 left promiscuous mode [ 167.640901][ T7] device hsr_slave_1 left promiscuous mode [ 167.658035][ T7] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 167.666186][ T7] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 167.681307][ T7] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 167.689198][ T7] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 167.705713][ T7] device bridge_slave_1 left promiscuous mode [ 167.712561][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.729590][ T7] device bridge_slave_0 left promiscuous mode [ 167.736560][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 167.768875][ T7] device veth1_macvtap left promiscuous mode [ 167.775559][ T7] device veth0_macvtap left promiscuous mode [ 167.781776][ T7] device veth1_vlan left promiscuous mode [ 167.787866][ T7] device veth0_vlan left promiscuous mode [ 168.000021][ T9146] IPVS: ftp: loaded support on port[0] = 21 [ 171.352051][ T7] team0 (unregistering): Port device team_slave_1 removed [ 171.375533][ T7] team0 (unregistering): Port device team_slave_0 removed [ 171.396895][ T7] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 171.421713][ T7] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 171.540781][ T7] bond0 (unregistering): Released all slaves [ 171.688016][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 171.719546][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 171.730134][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.744740][ T8698] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 171.785147][ T8695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 171.796043][ T8695] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 171.844587][ T8695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 171.854936][ T8695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 171.864515][ T8695] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 171.874127][ T8695] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 171.898041][ T8933] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 172.017727][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 172.026132][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 172.057537][ T8933] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 172.155584][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 172.166055][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 172.204001][ T9146] chnl_net:caif_netlink_parms(): no params data found [ 172.286360][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 172.296055][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 172.329446][ T8933] device veth0_vlan entered promiscuous mode [ 172.347754][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 172.357924][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 172.450351][ T8933] device veth1_vlan entered promiscuous mode [ 172.522304][ T9146] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.529887][ T9146] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.539700][ T9146] device bridge_slave_0 entered promiscuous mode [ 172.633582][ C0] ===================================================== [ 172.640581][ C0] BUG: KMSAN: uninit-value in expire_timers+0x38d/0x780 [ 172.647519][ C0] CPU: 0 PID: 9146 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0 [ 172.656086][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 172.666141][ C0] Call Trace: [ 172.669412][ C0] [ 172.672264][ C0] dump_stack+0x21c/0x280 [ 172.676603][ C0] kmsan_report+0xf7/0x1e0 [ 172.681019][ C0] __msan_warning+0x58/0xa0 [ 172.685518][ C0] expire_timers+0x38d/0x780 [ 172.690147][ C0] __run_timers+0xaf4/0xd30 [ 172.694694][ C0] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 172.700840][ C0] ? irqtime_account_irq+0xcb/0x2d0 [ 172.706030][ C0] ? kmsan_get_metadata+0x116/0x180 [ 172.711225][ C0] run_timer_softirq+0x2d/0x50 [ 172.715996][ C0] ? migrate_timer_list+0x780/0x780 [ 172.721185][ C0] __do_softirq+0x2ea/0x7f5 [ 172.725703][ C0] asm_call_on_stack+0xf/0x20 [ 172.730499][ C0] [ 172.733441][ C0] do_softirq_own_stack+0x7c/0xa0 [ 172.738465][ C0] __irq_exit_rcu+0x226/0x270 [ 172.743148][ C0] irq_exit_rcu+0xe/0x10 [ 172.747390][ C0] sysvec_apic_timer_interrupt+0x107/0x130 [ 172.753193][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 172.759165][ C0] RIP: 0010:virt_to_page_or_null+0x56/0xf0 [ 172.764964][ C0] Code: 89 d6 48 d3 ee 48 85 f6 75 44 48 89 d1 48 c1 e9 2e 75 3b 48 8b 0d fa 4a c8 10 48 85 c9 74 2f 48 89 d6 48 c1 ee 22 4c 8b 0c f1 <4d> 85 c9 74 1f 48 89 d6 48 c1 ee 1b 83 e6 7f 48 c1 e6 05 4c 89 c9 [ 172.784560][ C0] RSP: 0018:ffff8880902f7890 EFLAGS: 00000246 [ 172.790616][ C0] RAX: ffff8881011230e4 RBX: ffff8880811230e4 RCX: ffff88821fff0000 [ 172.798605][ C0] RDX: 00000000811230e4 RSI: 0000000000000000 RDI: ffff8880811230e4 [ 172.806566][ C0] RBP: ffff8880902f7890 R08: ffffea000000000f R09: ffff88812fffa000 [ 172.814526][ C0] R10: ffff88808af5f000 R11: ffff88808af5f000 R12: 0000000000000000 [ 172.822490][ C0] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 172.830476][ C0] kmsan_get_metadata+0x116/0x180 [ 172.835495][ C0] kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 172.841124][ C0] __msan_metadata_ptr_for_load_1+0x10/0x20 [ 172.847026][ C0] strstr+0x1b6/0x2e0 [ 172.851012][ C0] tomoyo_supervisor+0xc5b/0x2840 [ 172.856059][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 172.861860][ C0] tomoyo_path_number_perm+0x88e/0xaf0 [ 172.867328][ C0] ? kmsan_get_metadata+0x116/0x180 [ 172.872543][ C0] ? kmsan_get_metadata+0x116/0x180 [ 172.877738][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 172.883540][ C0] tomoyo_file_ioctl+0x74/0x90 [ 172.888385][ C0] ? tomoyo_inode_getattr+0x60/0x60 [ 172.893575][ C0] security_file_ioctl+0x10a/0x210 [ 172.898684][ C0] __se_sys_ioctl+0x143/0x4d0 [ 172.903359][ C0] __x64_sys_ioctl+0x4a/0x70 [ 172.907957][ C0] do_syscall_64+0xad/0x160 [ 172.912454][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 172.918352][ C0] RIP: 0033:0x45cb47 [ 172.922242][ C0] Code: Bad RIP value. [ 172.926307][ C0] RSP: 002b:0000000000c9f768 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 172.934708][ C0] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045cb47 [ 172.942667][ C0] RDX: 0000000000c9f770 RSI: 0000000000008933 RDI: 0000000000000004 [ 172.950628][ C0] RBP: 0000000000c9fe80 R08: 0000000000000008 R09: 0000000000c9f7d0 [ 172.958585][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000c9ff10 [ 172.966545][ C0] R13: 0000000000000000 R14: 0000000000000003 R15: 0000000000000000 [ 172.974508][ C0] [ 172.976819][ C0] Uninit was created at: [ 172.981059][ C0] kmsan_save_stack_with_flags+0x3c/0x90 [ 172.986678][ C0] kmsan_alloc_page+0xc5/0x1a0 [ 172.991435][ C0] __alloc_pages_nodemask+0xdf0/0x1030 [ 172.996886][ C0] __kmalloc_node+0x43b/0x1280 [ 173.001644][ C0] kvmalloc_node+0x205/0x490 [ 173.006227][ C0] wg_pubkey_hashtable_alloc+0x4c/0x120 [ 173.011758][ C0] wg_newlink+0x2ae/0x12e0 [ 173.016165][ C0] rtnl_newlink+0x2e03/0x3ed0 [ 173.020832][ C0] rtnetlink_rcv_msg+0x142b/0x18c0 [ 173.025937][ C0] netlink_rcv_skb+0x6d7/0x7e0 [ 173.030719][ C0] rtnetlink_rcv+0x50/0x60 [ 173.035136][ C0] netlink_unicast+0x11c8/0x1490 [ 173.040098][ C0] netlink_sendmsg+0x173a/0x1840 [ 173.045027][ C0] __sys_sendto+0x9f8/0xca0 [ 173.049518][ C0] __se_sys_sendto+0x107/0x130 [ 173.054271][ C0] __x64_sys_sendto+0x6e/0x90 [ 173.058968][ C0] do_syscall_64+0xad/0x160 [ 173.063463][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 173.069339][ C0] ===================================================== [ 173.076256][ C0] Disabling lock debugging due to kernel taint [ 173.082392][ C0] Kernel panic - not syncing: panic_on_warn set ... [ 173.088975][ C0] CPU: 0 PID: 9146 Comm: syz-executor.0 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 173.098932][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 173.108990][ C0] Call Trace: [ 173.112263][ C0] [ 173.115205][ C0] dump_stack+0x21c/0x280 [ 173.119532][ C0] panic+0x4d7/0xef7 [ 173.123433][ C0] ? add_taint+0x17c/0x210 [ 173.127851][ C0] kmsan_report+0x1df/0x1e0 [ 173.132350][ C0] __msan_warning+0x58/0xa0 [ 173.136848][ C0] expire_timers+0x38d/0x780 [ 173.141442][ C0] __run_timers+0xaf4/0xd30 [ 173.145952][ C0] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 173.152096][ C0] ? irqtime_account_irq+0xcb/0x2d0 [ 173.157287][ C0] ? kmsan_get_metadata+0x116/0x180 [ 173.162483][ C0] run_timer_softirq+0x2d/0x50 [ 173.167237][ C0] ? migrate_timer_list+0x780/0x780 [ 173.172425][ C0] __do_softirq+0x2ea/0x7f5 [ 173.176933][ C0] asm_call_on_stack+0xf/0x20 [ 173.181592][ C0] [ 173.184558][ C0] do_softirq_own_stack+0x7c/0xa0 [ 173.189636][ C0] __irq_exit_rcu+0x226/0x270 [ 173.194308][ C0] irq_exit_rcu+0xe/0x10 [ 173.198547][ C0] sysvec_apic_timer_interrupt+0x107/0x130 [ 173.204350][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 173.210326][ C0] RIP: 0010:virt_to_page_or_null+0x56/0xf0 [ 173.216124][ C0] Code: 89 d6 48 d3 ee 48 85 f6 75 44 48 89 d1 48 c1 e9 2e 75 3b 48 8b 0d fa 4a c8 10 48 85 c9 74 2f 48 89 d6 48 c1 ee 22 4c 8b 0c f1 <4d> 85 c9 74 1f 48 89 d6 48 c1 ee 1b 83 e6 7f 48 c1 e6 05 4c 89 c9 [ 173.235718][ C0] RSP: 0018:ffff8880902f7890 EFLAGS: 00000246 [ 173.241789][ C0] RAX: ffff8881011230e4 RBX: ffff8880811230e4 RCX: ffff88821fff0000 [ 173.249840][ C0] RDX: 00000000811230e4 RSI: 0000000000000000 RDI: ffff8880811230e4 [ 173.257802][ C0] RBP: ffff8880902f7890 R08: ffffea000000000f R09: ffff88812fffa000 [ 173.265761][ C0] R10: ffff88808af5f000 R11: ffff88808af5f000 R12: 0000000000000000 [ 173.273722][ C0] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000 [ 173.281703][ C0] kmsan_get_metadata+0x116/0x180 [ 173.286722][ C0] kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 173.292347][ C0] __msan_metadata_ptr_for_load_1+0x10/0x20 [ 173.298229][ C0] strstr+0x1b6/0x2e0 [ 173.302228][ C0] tomoyo_supervisor+0xc5b/0x2840 [ 173.307275][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 173.313074][ C0] tomoyo_path_number_perm+0x88e/0xaf0 [ 173.318525][ C0] ? kmsan_get_metadata+0x116/0x180 [ 173.323738][ C0] ? kmsan_get_metadata+0x116/0x180 [ 173.328930][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 173.334728][ C0] tomoyo_file_ioctl+0x74/0x90 [ 173.339512][ C0] ? tomoyo_inode_getattr+0x60/0x60 [ 173.344724][ C0] security_file_ioctl+0x10a/0x210 [ 173.349841][ C0] __se_sys_ioctl+0x143/0x4d0 [ 173.354518][ C0] __x64_sys_ioctl+0x4a/0x70 [ 173.359102][ C0] do_syscall_64+0xad/0x160 [ 173.363600][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 173.369479][ C0] RIP: 0033:0x45cb47 [ 173.373356][ C0] Code: Bad RIP value. [ 173.377409][ C0] RSP: 002b:0000000000c9f768 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 173.385824][ C0] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045cb47 [ 173.393788][ C0] RDX: 0000000000c9f770 RSI: 0000000000008933 RDI: 0000000000000004 [ 173.401749][ C0] RBP: 0000000000c9fe80 R08: 0000000000000008 R09: 0000000000c9f7d0 [ 173.409710][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000c9ff10 [ 173.417697][ C0] R13: 0000000000000000 R14: 0000000000000003 R15: 0000000000000000 [ 174.650519][ C0] Shutting down cpus with NMI [ 174.669122][ C0] Kernel Offset: disabled [ 174.673467][ C0] Rebooting in 86400 seconds..