Warning: Permanently added '10.128.0.122' (ECDSA) to the list of known hosts. 2020/07/18 05:59:47 fuzzer started 2020/07/18 05:59:47 dialing manager at 10.128.0.26:41463 2020/07/18 05:59:48 syscalls: 2944 2020/07/18 05:59:48 code coverage: enabled 2020/07/18 05:59:48 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2020/07/18 05:59:48 extra coverage: enabled 2020/07/18 05:59:48 setuid sandbox: enabled 2020/07/18 05:59:48 namespace sandbox: enabled 2020/07/18 05:59:48 Android sandbox: /sys/fs/selinux/policy does not exist 2020/07/18 05:59:48 fault injection: enabled 2020/07/18 05:59:48 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/07/18 05:59:48 net packet injection: enabled 2020/07/18 05:59:48 net device setup: enabled 2020/07/18 05:59:48 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/07/18 05:59:48 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/07/18 05:59:48 USB emulation: /dev/raw-gadget does not exist 06:03:04 executing program 0: unshare(0x20600) r0 = socket$pptp(0x18, 0x1, 0x2) connect$pptp(r0, 0x0, 0x0) syzkaller login: [ 313.128766][ T8472] IPVS: ftp: loaded support on port[0] = 21 [ 313.390216][ T8472] chnl_net:caif_netlink_parms(): no params data found [ 313.625943][ T8472] bridge0: port 1(bridge_slave_0) entered blocking state [ 313.634108][ T8472] bridge0: port 1(bridge_slave_0) entered disabled state [ 313.643212][ T8472] device bridge_slave_0 entered promiscuous mode [ 313.673272][ T8472] bridge0: port 2(bridge_slave_1) entered blocking state [ 313.680629][ T8472] bridge0: port 2(bridge_slave_1) entered disabled state [ 313.690328][ T8472] device bridge_slave_1 entered promiscuous mode [ 313.742783][ T8472] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 313.757327][ T8472] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 313.810946][ T8472] team0: Port device team_slave_0 added [ 313.827667][ T8472] team0: Port device team_slave_1 added [ 313.864621][ T8472] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 313.871805][ T8472] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 313.897896][ T8472] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 313.912632][ T8472] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 313.919901][ T8472] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 313.946733][ T8472] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 314.213181][ T8472] device hsr_slave_0 entered promiscuous mode [ 314.368565][ T8472] device hsr_slave_1 entered promiscuous mode [ 314.795436][ T8472] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 314.854124][ T8472] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 314.914139][ T8472] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 315.163672][ T8472] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 315.455764][ T8472] 8021q: adding VLAN 0 to HW filter on device bond0 [ 315.489846][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 315.498757][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 315.534383][ T8472] 8021q: adding VLAN 0 to HW filter on device team0 [ 315.559960][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 315.569609][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 315.578829][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 315.586001][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 315.623201][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 315.632623][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 315.642335][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 315.651841][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 315.659112][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 315.668047][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 315.723193][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 315.733787][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 315.744166][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 315.754571][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 315.764724][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 315.774822][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 315.784252][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 315.802071][ T8472] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 315.815228][ T8472] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 315.852927][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 315.862550][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 315.874702][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 315.914844][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 315.922577][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 315.943482][ T8472] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 315.982698][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 315.992498][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 316.032382][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 316.042517][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 316.060737][ T8472] device veth0_vlan entered promiscuous mode [ 316.081271][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 316.090246][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 316.102404][ T8472] device veth1_vlan entered promiscuous mode [ 316.145197][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 316.155118][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 316.164333][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 316.173972][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 316.199967][ T8472] device veth0_macvtap entered promiscuous mode [ 316.219170][ T8472] device veth1_macvtap entered promiscuous mode [ 316.262698][ T8472] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 316.271154][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 316.280820][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 316.289958][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 316.299618][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 316.325611][ T8472] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 316.347306][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 316.357053][ T3077] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 06:03:08 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/12, 0xc}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x189, &(0x7f0000000280)="0100000087e7322758c6834e198cdd0032a5b60a00008024c30e478947d190ac004c45bec9c683f53b506b8c5893d35500c52c65ec345a8b75c1c317c3da822e15355c2ae26ba533fad72a1d53a9ff5b4ac51e08dcaeeb01eeb2dd9b56de54fcea571b152f7d37491e04451c39d280ce8f3e884f9fb89a03d9044039c0000000315b94e725cbeb577a6c389d700a86f72fef2d3ef6a652b3b6ac4da4bef79bf691e77dcc77507a000cda091ab030cbd53f8ee4144a07828645b627f995961d26131b108bc38ad3037a2c09dfccd5064d1252927049f1d306bf13ea27d7abbb8db2a77d45b79969e0792337566e931e9bc186bbfd390ce64f9e4601c14c8d50b27ff91ad196da5b1987300067519b6999532d49718007aee8253f7c8e8ea04ef9b4bd8604839df549ed93a80f7443b368e8fa8cde07ae8ed61a0f1fd8a856725d07342542610d4d482d6e92090624dfba6b4cae3da69c219acd5e2f70191547192af747da0176c400c83b80f77a2752fa9c71398ab67af724fc6a53af2dbcec3301dd9a75f4c3f92d6d"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 06:03:09 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ppp\x00', 0x0, 0x0) r4 = socket(0x11, 0x800000003, 0x0) bind(r4, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b80)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ppp={{0x8, 0x1, 'ppp\x00'}, {0xc, 0x2, 0x0, 0x1, {0x8, 0x1, r3}}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x40}}, 0x0) [ 318.364994][ T8687] IPVS: ftp: loaded support on port[0] = 21 [ 318.642732][ T8687] chnl_net:caif_netlink_parms(): no params data found [ 318.777526][ T8687] bridge0: port 1(bridge_slave_0) entered blocking state [ 318.785351][ T8687] bridge0: port 1(bridge_slave_0) entered disabled state [ 318.794474][ T8687] device bridge_slave_0 entered promiscuous mode [ 318.807227][ T8687] bridge0: port 2(bridge_slave_1) entered blocking state [ 318.815377][ T8687] bridge0: port 2(bridge_slave_1) entered disabled state [ 318.824644][ T8687] device bridge_slave_1 entered promiscuous mode [ 318.868831][ T8687] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 318.883062][ T8687] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 318.926045][ T8687] team0: Port device team_slave_0 added [ 318.937174][ T8687] team0: Port device team_slave_1 added [ 318.974318][ T8687] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 318.982561][ T8687] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 319.008784][ T8687] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 319.022597][ T8687] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 319.029978][ T8687] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 319.056755][ T8687] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 319.171484][ T8687] device hsr_slave_0 entered promiscuous mode [ 319.219918][ T8687] device hsr_slave_1 entered promiscuous mode [ 319.248953][ T8687] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 319.256546][ T8687] Cannot create hsr debugfs directory [ 319.511343][ T8687] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 319.568307][ T8687] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 319.684337][ T8687] netdevsim netdevsim1 netdevsim2: renamed from eth2 06:03:11 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/12, 0xc}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x189, &(0x7f0000000280)="0100000087e7322758c6834e198cdd0032a5b60a00008024c30e478947d190ac004c45bec9c683f53b506b8c5893d35500c52c65ec345a8b75c1c317c3da822e15355c2ae26ba533fad72a1d53a9ff5b4ac51e08dcaeeb01eeb2dd9b56de54fcea571b152f7d37491e04451c39d280ce8f3e884f9fb89a03d9044039c0000000315b94e725cbeb577a6c389d700a86f72fef2d3ef6a652b3b6ac4da4bef79bf691e77dcc77507a000cda091ab030cbd53f8ee4144a07828645b627f995961d26131b108bc38ad3037a2c09dfccd5064d1252927049f1d306bf13ea27d7abbb8db2a77d45b79969e0792337566e931e9bc186bbfd390ce64f9e4601c14c8d50b27ff91ad196da5b1987300067519b6999532d49718007aee8253f7c8e8ea04ef9b4bd8604839df549ed93a80f7443b368e8fa8cde07ae8ed61a0f1fd8a856725d07342542610d4d482d6e92090624dfba6b4cae3da69c219acd5e2f70191547192af747da0176c400c83b80f77a2752fa9c71398ab67af724fc6a53af2dbcec3301dd9a75f4c3f92d6d"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 319.802485][ T8687] netdevsim netdevsim1 netdevsim3: renamed from eth3 06:03:11 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000140)=""/12, 0xc}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x40) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x189, &(0x7f0000000280)="0100000087e7322758c6834e198cdd0032a5b60a00008024c30e478947d190ac004c45bec9c683f53b506b8c5893d35500c52c65ec345a8b75c1c317c3da822e15355c2ae26ba533fad72a1d53a9ff5b4ac51e08dcaeeb01eeb2dd9b56de54fcea571b152f7d37491e04451c39d280ce8f3e884f9fb89a03d9044039c0000000315b94e725cbeb577a6c389d700a86f72fef2d3ef6a652b3b6ac4da4bef79bf691e77dcc77507a000cda091ab030cbd53f8ee4144a07828645b627f995961d26131b108bc38ad3037a2c09dfccd5064d1252927049f1d306bf13ea27d7abbb8db2a77d45b79969e0792337566e931e9bc186bbfd390ce64f9e4601c14c8d50b27ff91ad196da5b1987300067519b6999532d49718007aee8253f7c8e8ea04ef9b4bd8604839df549ed93a80f7443b368e8fa8cde07ae8ed61a0f1fd8a856725d07342542610d4d482d6e92090624dfba6b4cae3da69c219acd5e2f70191547192af747da0176c400c83b80f77a2752fa9c71398ab67af724fc6a53af2dbcec3301dd9a75f4c3f92d6d"}}], 0x1c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 320.106334][ T8687] 8021q: adding VLAN 0 to HW filter on device bond0 [ 320.155579][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 320.164305][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 320.196656][ T8687] 8021q: adding VLAN 0 to HW filter on device team0 [ 320.217829][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 320.227491][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 320.237611][ T4616] bridge0: port 1(bridge_slave_0) entered blocking state [ 320.244847][ T4616] bridge0: port 1(bridge_slave_0) entered forwarding state [ 320.305470][ T8687] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 320.316299][ T8687] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 320.332806][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 320.342355][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 320.351960][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 320.361444][ T4616] bridge0: port 2(bridge_slave_1) entered blocking state [ 320.368684][ T4616] bridge0: port 2(bridge_slave_1) entered forwarding state [ 320.377547][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 320.388244][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 320.398792][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 320.408944][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 320.418960][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 320.429151][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 320.439182][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 320.448629][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 320.458581][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 320.467847][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 320.523231][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 320.532883][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 320.541891][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 320.550030][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 320.563810][ T8687] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 320.615225][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 320.625331][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 320.666732][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 320.676413][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 320.694474][ T8687] device veth0_vlan entered promiscuous mode [ 320.713157][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 320.722149][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 320.733719][ T8687] device veth1_vlan entered promiscuous mode [ 320.770567][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 320.780087][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 320.813524][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 320.824444][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 320.842107][ T8687] device veth0_macvtap entered promiscuous mode [ 320.859674][ T8687] device veth1_macvtap entered promiscuous mode [ 320.893987][ T8687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 320.906072][ T8687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.919122][ T8687] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 320.929087][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 320.938399][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 320.947450][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 320.957306][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 320.975832][ T8687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 320.987311][ T8687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.000449][ T8687] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 321.010506][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 321.020290][ T4885] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 06:03:13 executing program 1: r0 = syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0xd496, 0x0) r1 = socket$unix(0x1, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0x40045731, &(0x7f0000000140)={0x1}) 06:03:13 executing program 1: syz_open_procfs(0x0, &(0x7f0000000180)='net/unix\x00') r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001780)=@delsa={0x48, 0x11, 0x1, 0x0, 0x0, {@in=@local}, [@mark={0xc}, @srcaddr={0x14, 0xd, @in6=@remote}]}, 0x48}}, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS3\x00', 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 06:03:13 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'crc32\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00') sendfile(r1, r2, 0x0, 0x1fe) [ 321.830045][ T8921] ===================================================== [ 321.837025][ T8921] BUG: KMSAN: uninit-value in crc32_le_base+0x4d2/0xd10 [ 321.843962][ T8921] CPU: 1 PID: 8921 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 321.852538][ T8921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 321.866636][ T8921] Call Trace: [ 321.870034][ T8921] dump_stack+0x1df/0x240 [ 321.874369][ T8921] kmsan_report+0xf7/0x1e0 [ 321.878797][ T8921] __msan_warning+0x58/0xa0 [ 321.883301][ T8921] crc32_le_base+0x4d2/0xd10 [ 321.887891][ T8921] ? sock_kmalloc+0x157/0x2d0 [ 321.892564][ T8921] ? hash_sendpage+0x48c/0xdf0 [ 321.897342][ T8921] ? sock_sendpage+0x1e1/0x2c0 [ 321.902126][ T8921] ? pipe_to_sendpage+0x38c/0x4c0 [ 321.907161][ T8921] ? __splice_from_pipe+0x565/0xf00 [ 321.912366][ T8921] ? direct_splice_actor+0x1fd/0x580 [ 321.917650][ T8921] ? splice_direct_to_actor+0x6b2/0xf50 [ 321.923200][ T8921] ? do_splice_direct+0x342/0x580 [ 321.928217][ T8921] ? do_sendfile+0x101b/0x1d40 [ 321.932975][ T8921] ? __se_sys_sendfile64+0x2bb/0x360 [ 321.938337][ T8921] ? __x64_sys_sendfile64+0x56/0x70 [ 321.943538][ T8921] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 321.949609][ T8921] crc32_digest+0xdc/0x140 [ 321.954026][ T8921] ? crc32_finup+0x120/0x120 [ 321.958613][ T8921] shash_ahash_digest+0x788/0x8a0 [ 321.963650][ T8921] shash_async_digest+0xbb/0x110 [ 321.968603][ T8921] crypto_ahash_op+0x1c6/0x6c0 [ 321.973362][ T8921] ? __kmalloc+0x115/0x460 [ 321.977777][ T8921] ? kmsan_get_metadata+0x11d/0x180 [ 321.982972][ T8921] ? kmsan_get_metadata+0x11d/0x180 [ 321.988164][ T8921] ? shash_async_finup+0x110/0x110 [ 321.993272][ T8921] ? shash_async_finup+0x110/0x110 [ 321.998396][ T8921] crypto_ahash_digest+0xdc/0x150 [ 322.003418][ T8921] hash_sendpage+0x9cc/0xdf0 [ 322.008008][ T8921] ? hash_recvmsg+0xd30/0xd30 [ 322.012686][ T8921] sock_sendpage+0x1e1/0x2c0 [ 322.017284][ T8921] pipe_to_sendpage+0x38c/0x4c0 [ 322.022131][ T8921] ? sock_fasync+0x250/0x250 [ 322.026728][ T8921] __splice_from_pipe+0x565/0xf00 [ 322.031839][ T8921] ? generic_splice_sendpage+0x2d0/0x2d0 [ 322.037485][ T8921] generic_splice_sendpage+0x1d5/0x2d0 [ 322.042948][ T8921] ? iter_file_splice_write+0x1800/0x1800 [ 322.048683][ T8921] direct_splice_actor+0x1fd/0x580 [ 322.053801][ T8921] ? kmsan_get_metadata+0x4f/0x180 [ 322.058912][ T8921] splice_direct_to_actor+0x6b2/0xf50 [ 322.064280][ T8921] ? do_splice_direct+0x580/0x580 [ 322.069324][ T8921] do_splice_direct+0x342/0x580 [ 322.074190][ T8921] do_sendfile+0x101b/0x1d40 [ 322.078799][ T8921] __se_sys_sendfile64+0x2bb/0x360 [ 322.083909][ T8921] ? kmsan_get_metadata+0x4f/0x180 [ 322.089028][ T8921] __x64_sys_sendfile64+0x56/0x70 [ 322.094057][ T8921] do_syscall_64+0xb0/0x150 [ 322.098568][ T8921] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 322.104449][ T8921] RIP: 0033:0x45c1d9 [ 322.108327][ T8921] Code: Bad RIP value. [ 322.112390][ T8921] RSP: 002b:00007fa8f4300c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 322.120794][ T8921] RAX: ffffffffffffffda RBX: 0000000000025a00 RCX: 000000000045c1d9 [ 322.128768][ T8921] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 322.136733][ T8921] RBP: 000000000078bf48 R08: 0000000000000000 R09: 0000000000000000 [ 322.144693][ T8921] R10: 00000000000001fe R11: 0000000000000246 R12: 000000000078bf0c [ 322.152657][ T8921] R13: 0000000000c9fb6f R14: 00007fa8f43019c0 R15: 000000000078bf0c [ 322.160627][ T8921] [ 322.162941][ T8921] Uninit was created at: [ 322.167183][ T8921] kmsan_save_stack_with_flags+0x3c/0x90 [ 322.172806][ T8921] kmsan_alloc_page+0xb9/0x180 [ 322.177558][ T8921] __alloc_pages_nodemask+0x56a2/0x5dc0 [ 322.183093][ T8921] alloc_pages_current+0x672/0x990 [ 322.188195][ T8921] push_pipe+0x605/0xb70 [ 322.192427][ T8921] iov_iter_get_pages_alloc+0x18a9/0x21c0 [ 322.198145][ T8921] do_splice_to+0x4fc/0x14f0 [ 322.202730][ T8921] splice_direct_to_actor+0x45c/0xf50 [ 322.208092][ T8921] do_splice_direct+0x342/0x580 [ 322.212933][ T8921] do_sendfile+0x101b/0x1d40 [ 322.217510][ T8921] __se_sys_sendfile64+0x2bb/0x360 [ 322.222619][ T8921] __x64_sys_sendfile64+0x56/0x70 [ 322.227640][ T8921] do_syscall_64+0xb0/0x150 [ 322.232138][ T8921] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 322.238017][ T8921] ===================================================== [ 322.244933][ T8921] Disabling lock debugging due to kernel taint [ 322.251074][ T8921] Kernel panic - not syncing: panic_on_warn set ... [ 322.257656][ T8921] CPU: 1 PID: 8921 Comm: syz-executor.1 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 322.267621][ T8921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 322.277668][ T8921] Call Trace: [ 322.280965][ T8921] dump_stack+0x1df/0x240 [ 322.285297][ T8921] panic+0x3d5/0xc3e [ 322.289215][ T8921] kmsan_report+0x1df/0x1e0 [ 322.293721][ T8921] __msan_warning+0x58/0xa0 [ 322.298221][ T8921] crc32_le_base+0x4d2/0xd10 [ 322.302808][ T8921] ? sock_kmalloc+0x157/0x2d0 [ 322.307476][ T8921] ? hash_sendpage+0x48c/0xdf0 [ 322.312238][ T8921] ? sock_sendpage+0x1e1/0x2c0 [ 322.316995][ T8921] ? pipe_to_sendpage+0x38c/0x4c0 [ 322.322014][ T8921] ? __splice_from_pipe+0x565/0xf00 [ 322.327207][ T8921] ? direct_splice_actor+0x1fd/0x580 [ 322.332491][ T8921] ? splice_direct_to_actor+0x6b2/0xf50 [ 322.338029][ T8921] ? do_splice_direct+0x342/0x580 [ 322.343045][ T8921] ? do_sendfile+0x101b/0x1d40 [ 322.347801][ T8921] ? __se_sys_sendfile64+0x2bb/0x360 [ 322.353081][ T8921] ? __x64_sys_sendfile64+0x56/0x70 [ 322.358278][ T8921] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 322.364348][ T8921] crc32_digest+0xdc/0x140 [ 322.368792][ T8921] ? crc32_finup+0x120/0x120 [ 322.373389][ T8921] shash_ahash_digest+0x788/0x8a0 [ 322.378422][ T8921] shash_async_digest+0xbb/0x110 [ 322.383359][ T8921] crypto_ahash_op+0x1c6/0x6c0 [ 322.388122][ T8921] ? __kmalloc+0x115/0x460 [ 322.392537][ T8921] ? kmsan_get_metadata+0x11d/0x180 [ 322.397733][ T8921] ? kmsan_get_metadata+0x11d/0x180 [ 322.402927][ T8921] ? shash_async_finup+0x110/0x110 [ 322.408043][ T8921] ? shash_async_finup+0x110/0x110 [ 322.413150][ T8921] crypto_ahash_digest+0xdc/0x150 [ 322.418170][ T8921] hash_sendpage+0x9cc/0xdf0 [ 322.422763][ T8921] ? hash_recvmsg+0xd30/0xd30 [ 322.427874][ T8921] sock_sendpage+0x1e1/0x2c0 [ 322.432472][ T8921] pipe_to_sendpage+0x38c/0x4c0 [ 322.437319][ T8921] ? sock_fasync+0x250/0x250 [ 322.441919][ T8921] __splice_from_pipe+0x565/0xf00 [ 322.446943][ T8921] ? generic_splice_sendpage+0x2d0/0x2d0 [ 322.452588][ T8921] generic_splice_sendpage+0x1d5/0x2d0 [ 322.458055][ T8921] ? iter_file_splice_write+0x1800/0x1800 [ 322.463779][ T8921] direct_splice_actor+0x1fd/0x580 [ 322.468896][ T8921] ? kmsan_get_metadata+0x4f/0x180 [ 322.474017][ T8921] splice_direct_to_actor+0x6b2/0xf50 [ 322.479385][ T8921] ? do_splice_direct+0x580/0x580 [ 322.484430][ T8921] do_splice_direct+0x342/0x580 [ 322.489297][ T8921] do_sendfile+0x101b/0x1d40 [ 322.493906][ T8921] __se_sys_sendfile64+0x2bb/0x360 [ 322.499013][ T8921] ? kmsan_get_metadata+0x4f/0x180 [ 322.504121][ T8921] __x64_sys_sendfile64+0x56/0x70 [ 322.509142][ T8921] do_syscall_64+0xb0/0x150 [ 322.513646][ T8921] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 322.519531][ T8921] RIP: 0033:0x45c1d9 [ 322.523498][ T8921] Code: Bad RIP value. [ 322.527552][ T8921] RSP: 002b:00007fa8f4300c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 322.535958][ T8921] RAX: ffffffffffffffda RBX: 0000000000025a00 RCX: 000000000045c1d9 [ 322.543919][ T8921] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 322.551898][ T8921] RBP: 000000000078bf48 R08: 0000000000000000 R09: 0000000000000000 [ 322.559859][ T8921] R10: 00000000000001fe R11: 0000000000000246 R12: 000000000078bf0c [ 322.567906][ T8921] R13: 0000000000c9fb6f R14: 00007fa8f43019c0 R15: 000000000078bf0c [ 322.577134][ T8921] Kernel Offset: 0x1e000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 322.588739][ T8921] Rebooting in 86400 seconds..