Warning: Permanently added '10.128.0.88' (ECDSA) to the list of known hosts.
2020/07/19 19:24:13 fuzzer started
2020/07/19 19:24:14 dialing manager at 10.128.0.26:41463
2020/07/19 19:24:14 syscalls: 2944
2020/07/19 19:24:14 code coverage: enabled
2020/07/19 19:24:14 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2020/07/19 19:24:14 extra coverage: enabled
2020/07/19 19:24:14 setuid sandbox: enabled
2020/07/19 19:24:14 namespace sandbox: enabled
2020/07/19 19:24:14 Android sandbox: /sys/fs/selinux/policy does not exist
2020/07/19 19:24:14 fault injection: enabled
2020/07/19 19:24:14 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/07/19 19:24:14 net packet injection: enabled
2020/07/19 19:24:14 net device setup: enabled
2020/07/19 19:24:14 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/07/19 19:24:14 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/07/19 19:24:14 USB emulation: /dev/raw-gadget does not exist
19:28:46 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0xfffffffffffff8ed}, 0x0, 0x0, 0x0, 0x3, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x4204, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x7ffff00e)
add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f0000000540)='keyring\x00', 0x0, 0x0, 0x0, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
pipe(0x0)
ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, 0x0)
syzkaller login: [ 417.191775][ T8451] IPVS: ftp: loaded support on port[0] = 21
[ 417.505973][ T8451] chnl_net:caif_netlink_parms(): no params data found
[ 417.769092][ T8451] bridge0: port 1(bridge_slave_0) entered blocking state
[ 417.776570][ T8451] bridge0: port 1(bridge_slave_0) entered disabled state
[ 417.786023][ T8451] device bridge_slave_0 entered promiscuous mode
[ 417.799163][ T8451] bridge0: port 2(bridge_slave_1) entered blocking state
[ 417.807442][ T8451] bridge0: port 2(bridge_slave_1) entered disabled state
[ 417.816814][ T8451] device bridge_slave_1 entered promiscuous mode
[ 417.874308][ T8451] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 417.892288][ T8451] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 417.962036][ T8451] team0: Port device team_slave_0 added
[ 417.974242][ T8451] team0: Port device team_slave_1 added
[ 418.043253][ T8451] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 418.050529][ T8451] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 418.078274][ T8451] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 418.092597][ T8451] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 418.099857][ T8451] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 418.127268][ T8451] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 418.232497][ T8451] device hsr_slave_0 entered promiscuous mode
[ 418.306334][ T8451] device hsr_slave_1 entered promiscuous mode
[ 418.727376][ T8451] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 418.784300][ T8451] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 418.842496][ T8451] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 418.903269][ T8451] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 419.182668][ T8451] 8021q: adding VLAN 0 to HW filter on device bond0
[ 419.208730][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 419.218895][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 419.237262][ T8451] 8021q: adding VLAN 0 to HW filter on device team0
[ 419.255919][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 419.266411][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 419.275816][ T8610] bridge0: port 1(bridge_slave_0) entered blocking state
[ 419.283025][ T8610] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 419.335036][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 419.344300][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 419.354928][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 419.364428][ T8610] bridge0: port 2(bridge_slave_1) entered blocking state
[ 419.371815][ T8610] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 419.380849][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 419.391727][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 419.402589][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 419.413404][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 419.423763][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 419.434533][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 419.450516][ T8610] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 419.472815][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 419.482876][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 419.506910][ T8451] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 419.520508][ T8451] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 419.545590][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 419.555407][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 419.608441][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 419.618051][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 419.647426][ T8451] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 419.691699][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 419.702047][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 419.753066][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 419.763000][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 419.782584][ T8451] device veth0_vlan entered promiscuous mode
[ 419.808573][ T8451] device veth1_vlan entered promiscuous mode
[ 419.820013][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 419.829436][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 419.838540][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 419.892636][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 419.902682][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 419.912741][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 419.931957][ T8451] device veth0_macvtap entered promiscuous mode
[ 419.948691][ T8451] device veth1_macvtap entered promiscuous mode
[ 419.999098][ T8451] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 420.010807][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 420.020644][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 420.030247][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 420.040537][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 420.062528][ T8451] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 420.089695][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 420.099984][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 420.265973][ C0] hrtimer: interrupt took 44931 ns
[ 420.299153][ T8658] =====================================================
[ 420.306527][ T8658] BUG: KMSAN: uninit-value in sha512_generic_block_fn+0x222a/0x2ac0
[ 420.314559][ T8658] CPU: 0 PID: 8658 Comm: syz-executor.0 Not tainted 5.8.0-rc5-syzkaller #0
[ 420.323171][ T8658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 420.333351][ T8658] Call Trace:
[ 420.336680][ T8658] dump_stack+0x1df/0x240
[ 420.341046][ T8658] kmsan_report+0xf7/0x1e0
[ 420.345493][ T8658] __msan_warning+0x58/0xa0
[ 420.350022][ T8658] sha512_generic_block_fn+0x222a/0x2ac0
[ 420.355750][ T8658] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 420.361613][ T8658] ? kmsan_get_metadata+0x11d/0x180
[ 420.366852][ T8658] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 420.372702][ T8658] ? kmsan_get_metadata+0x4f/0x180
[ 420.377838][ T8658] ? kmsan_get_metadata+0x11d/0x180
[ 420.383062][ T8658] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 420.388897][ T8658] crypto_sha512_update+0x4cc/0x570
[ 420.394144][ T8658] ? crypto_sha224_init+0x210/0x210
[ 420.399366][ T8658] crypto_shash_update+0x4e9/0x550
[ 420.404496][ T8658] ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 420.410705][ T8658] ? crypto_hash_walk_first+0x1fd/0x360
[ 420.416275][ T8658] ? kmsan_get_metadata+0x4f/0x180
[ 420.421408][ T8658] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 420.427246][ T8658] shash_async_update+0x113/0x1d0
[ 420.432305][ T8658] ? shash_async_init+0x1e0/0x1e0
[ 420.437354][ T8658] hash_sendpage+0x8ef/0xdf0
[ 420.442160][ T8658] ? hash_recvmsg+0xd30/0xd30
[ 420.446863][ T8658] sock_sendpage+0x1e1/0x2c0
[ 420.451488][ T8658] pipe_to_sendpage+0x38c/0x4c0
[ 420.456361][ T8658] ? sock_fasync+0x250/0x250
[ 420.460999][ T8658] __splice_from_pipe+0x565/0xf00
[ 420.466053][ T8658] ? generic_splice_sendpage+0x2d0/0x2d0
[ 420.471742][ T8658] generic_splice_sendpage+0x1d5/0x2d0
[ 420.477235][ T8658] ? iter_file_splice_write+0x1800/0x1800
[ 420.482975][ T8658] direct_splice_actor+0x1fd/0x580
[ 420.488117][ T8658] ? kmsan_get_metadata+0x4f/0x180
[ 420.493258][ T8658] splice_direct_to_actor+0x6b2/0xf50
[ 420.498646][ T8658] ? do_splice_direct+0x580/0x580
[ 420.503733][ T8658] do_splice_direct+0x342/0x580
[ 420.508630][ T8658] do_sendfile+0x101b/0x1d40
[ 420.513284][ T8658] __se_sys_sendfile64+0x2bb/0x360
[ 420.518433][ T8658] ? kmsan_get_metadata+0x4f/0x180
[ 420.523568][ T8658] __x64_sys_sendfile64+0x56/0x70
[ 420.528613][ T8658] do_syscall_64+0xb0/0x150
[ 420.533144][ T8658] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 420.539061][ T8658] RIP: 0033:0x45c1d9
[ 420.542966][ T8658] Code: Bad RIP value.
[ 420.547043][ T8658] RSP: 002b:00007fd1a7b56c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 420.555468][ T8658] RAX: ffffffffffffffda RBX: 0000000000025a00 RCX: 000000000045c1d9
[ 420.563455][ T8658] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[ 420.571450][ T8658] RBP: 000000000078bf48 R08: 0000000000000000 R09: 0000000000000000
[ 420.579438][ T8658] R10: 000000007ffff00e R11: 0000000000000246 R12: 000000000078bf0c
[ 420.587426][ T8658] R13: 0000000000c9fb6f R14: 00007fd1a7b579c0 R15: 000000000078bf0c
[ 420.595427][ T8658]
[ 420.597754][ T8658] Uninit was created at:
[ 420.602005][ T8658] kmsan_save_stack_with_flags+0x3c/0x90
[ 420.607644][ T8658] kmsan_alloc_page+0xb9/0x180
[ 420.612410][ T8658] __alloc_pages_nodemask+0x56a2/0x5dc0
[ 420.617964][ T8658] alloc_pages_current+0x672/0x990
[ 420.623093][ T8658] push_pipe+0x605/0xb70
[ 420.627349][ T8658] iov_iter_get_pages_alloc+0x18a9/0x21c0
[ 420.633090][ T8658] do_splice_to+0x4fc/0x14f0
[ 420.639621][ T8658] splice_direct_to_actor+0x45c/0xf50
[ 420.645005][ T8658] do_splice_direct+0x342/0x580
[ 420.649864][ T8658] do_sendfile+0x101b/0x1d40
[ 420.654464][ T8658] __se_sys_sendfile64+0x2bb/0x360
[ 420.659582][ T8658] __x64_sys_sendfile64+0x56/0x70
[ 420.664617][ T8658] do_syscall_64+0xb0/0x150
[ 420.669134][ T8658] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 420.675024][ T8658] =====================================================
[ 420.681961][ T8658] Disabling lock debugging due to kernel taint
[ 420.688125][ T8658] Kernel panic - not syncing: panic_on_warn set ...
[ 420.694736][ T8658] CPU: 0 PID: 8658 Comm: syz-executor.0 Tainted: G B 5.8.0-rc5-syzkaller #0
[ 420.704723][ T8658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 420.714792][ T8658] Call Trace:
[ 420.718397][ T8658] dump_stack+0x1df/0x240
[ 420.722758][ T8658] panic+0x3d5/0xc3e
[ 420.726733][ T8658] kmsan_report+0x1df/0x1e0
[ 420.731263][ T8658] __msan_warning+0x58/0xa0
[ 420.735804][ T8658] sha512_generic_block_fn+0x222a/0x2ac0
[ 420.741588][ T8658] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 420.747442][ T8658] ? kmsan_get_metadata+0x11d/0x180
[ 420.752664][ T8658] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 420.758574][ T8658] ? kmsan_get_metadata+0x4f/0x180
[ 420.763738][ T8658] ? kmsan_get_metadata+0x11d/0x180
[ 420.768952][ T8658] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 420.774797][ T8658] crypto_sha512_update+0x4cc/0x570
[ 420.780042][ T8658] ? crypto_sha224_init+0x210/0x210
[ 420.785969][ T8658] crypto_shash_update+0x4e9/0x550
[ 420.791095][ T8658] ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 420.797292][ T8658] ? crypto_hash_walk_first+0x1fd/0x360
[ 420.802853][ T8658] ? kmsan_get_metadata+0x4f/0x180
[ 420.807988][ T8658] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 420.813821][ T8658] shash_async_update+0x113/0x1d0
[ 420.818874][ T8658] ? shash_async_init+0x1e0/0x1e0
[ 420.824519][ T8658] hash_sendpage+0x8ef/0xdf0
[ 420.829137][ T8658] ? hash_recvmsg+0xd30/0xd30
[ 420.833830][ T8658] sock_sendpage+0x1e1/0x2c0
[ 420.838453][ T8658] pipe_to_sendpage+0x38c/0x4c0
[ 420.843318][ T8658] ? sock_fasync+0x250/0x250
[ 420.847946][ T8658] __splice_from_pipe+0x565/0xf00
[ 420.852987][ T8658] ? generic_splice_sendpage+0x2d0/0x2d0
[ 420.858689][ T8658] generic_splice_sendpage+0x1d5/0x2d0
[ 420.864189][ T8658] ? iter_file_splice_write+0x1800/0x1800
[ 420.869919][ T8658] direct_splice_actor+0x1fd/0x580
[ 420.875056][ T8658] ? kmsan_get_metadata+0x4f/0x180
[ 420.880195][ T8658] splice_direct_to_actor+0x6b2/0xf50
[ 420.885593][ T8658] ? do_splice_direct+0x580/0x580
[ 420.890693][ T8658] do_splice_direct+0x342/0x580
[ 420.895589][ T8658] do_sendfile+0x101b/0x1d40
[ 420.900249][ T8658] __se_sys_sendfile64+0x2bb/0x360
[ 420.905374][ T8658] ? kmsan_get_metadata+0x4f/0x180
[ 420.910527][ T8658] __x64_sys_sendfile64+0x56/0x70
[ 420.915571][ T8658] do_syscall_64+0xb0/0x150
[ 420.920092][ T8658] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 420.925994][ T8658] RIP: 0033:0x45c1d9
[ 420.929885][ T8658] Code: Bad RIP value.
[ 420.933948][ T8658] RSP: 002b:00007fd1a7b56c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 420.942368][ T8658] RAX: ffffffffffffffda RBX: 0000000000025a00 RCX: 000000000045c1d9
[ 420.950351][ T8658] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[ 420.958330][ T8658] RBP: 000000000078bf48 R08: 0000000000000000 R09: 0000000000000000
[ 420.966308][ T8658] R10: 000000007ffff00e R11: 0000000000000246 R12: 000000000078bf0c
[ 420.974282][ T8658] R13: 0000000000c9fb6f R14: 00007fd1a7b579c0 R15: 000000000078bf0c
[ 420.983465][ T8658] Kernel Offset: 0x25200000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 420.995130][ T8658] Rebooting in 86400 seconds..