INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.35' (ECDSA) to the list of known hosts. 2018/04/07 03:52:50 fuzzer started 2018/04/07 03:52:50 dialing manager at 10.128.0.26:38639 2018/04/07 03:52:57 kcov=true, comps=false 2018/04/07 03:53:00 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm(aes))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="d179f2508fb13583605d0008a230e7a657f9cc6e", 0x14) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f00000036c0)=[{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000640)="3e59fe04bae75cfd14f526e0acc3c48c", 0x10}], 0x1}], 0x1, 0x0) recvmsg(r1, &(0x7f00000001c0)={&(0x7f0000000140)=@nfc_llcp, 0x80, &(0x7f0000000200)=[{&(0x7f0000000300)=""/88, 0x58}], 0x1, &(0x7f00009f2000)=""/190, 0xbe}, 0x140) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-cast6-avx\x00'}, 0x58) 2018/04/07 03:53:00 executing program 2: r0 = socket(0x1e, 0x1, 0x0) getsockopt(r0, 0x800000010f, 0x87, &(0x7f0000000000), &(0x7f0000000040)=0x53) socket$inet_tcp(0x2, 0x1, 0x0) 2018/04/07 03:53:00 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={&(0x7f0000de2ff4)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f000074e000)={0x14, 0x0, 0x1008, 0xa5838aebecb24ff7}, 0x14}, 0x1}, 0x0) 2018/04/07 03:53:00 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) writev(r0, &(0x7f0000ed4ff0)=[{&(0x7f0000000040)="390000001100094701bb61e1c30500ff58d423ae0200000045efffff08009b0019001a000f000000000000030002090933f75ce7f0a28dee0540bf437e837ba4", 0x40}], 0x1) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_group_source_req(r1, 0x0, 0x2f, &(0x7f0000000100)={0x1, {{0x2, 0x4e20, @multicast2=0xe0000002}}, {{0x2, 0x4e23, @broadcast=0xffffffff}}}, 0x108) 2018/04/07 03:53:00 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = accept4(r0, &(0x7f0000001100)=@pppoe={0x0, 0x0, {0x0, @link_local}}, &(0x7f0000001180)=0x80, 0x800) bind$nfc_llcp(0xffffffffffffffff, &(0x7f00000011c0)={0x27, 0x1, 0x2, 0x7, 0x0, 0xc1, "4eeda24019275aa01c9e09403cfac9896edc271139fe8aeedb1e6b4eba8f248f8f8fa615fef6b2dc242a1f95f7db54870ad4c8353770bb2a574eb2d5faa83c", 0x15}, 0x60) read(r0, &(0x7f0000000000)=""/146, 0xc3ed9ab1f543712a) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000240)=@sack_info={0x0, 0x0, 0x401}, &(0x7f0000000280)=0xc) socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_sctp_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f00000002c0)=r2, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000700)={0x18, 0x1d, 0xffffffffffffffff, 0x0, 0x0, {0x5}, [@generic='@']}, 0x18}, 0x1}, 0x0) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000080)={0x0, 0x80000}) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000100)) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f00000001c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)=@ipv4_newroute={0x1c, 0x18, 0x303, 0xffffffffffffffff, 0xffffffffffffffff, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x2}}, 0x1c}, 0x1}, 0x0) recvmsg(r3, &(0x7f0000000680)={&(0x7f00000003c0)=@un=@abs, 0x80, &(0x7f0000000580)=[{&(0x7f0000000440)=""/148, 0x94}, {&(0x7f0000000500)=""/104, 0x68}], 0x2, &(0x7f00000005c0)=""/142, 0x8e, 0x2}, 0x0) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') getsockopt$IP_VS_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x481, &(0x7f0000001540), &(0x7f0000001580)=0xc) setsockopt$inet6_group_source_req(r1, 0x29, 0x2f, &(0x7f0000001400)={0x9, {{0xa, 0x4e22, 0x7f, @local={0xfe, 0x80, [], 0xaa}, 0x9}}, {{0xa, 0x4e24, 0x5, @loopback={0x0, 0x1}, 0x5}}}, 0x108) sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r5, 0x8, 0x70bd29, 0x25dfdbfc, {0xe}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}]}, 0x24}, 0x1}, 0x80c0) 2018/04/07 03:53:00 executing program 6: pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000300)={&(0x7f00000005c0)={0xec, r2, 0x2, 0x70bd26, 0x25dfdbff, {0x3}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_DAEMON={0x34, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x100000001}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote={0xac, 0x14, 0x14, 0xbb}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x17}}]}, @IPVS_CMD_ATTR_SERVICE={0x54, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xf611}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0x16}}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xcc0}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}]}, 0x370}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000100)={0x0, 0x80000, r4}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000140)={r5, 0x80000, r3}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000180)={r3, 0x46, &(0x7f00000001c0)}, 0x4) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r6, 0x29, 0xd0, &(0x7f0000000080)=0x20000000008, 0x4) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$IPVS_CMD_FLUSH(r4, &(0x7f0000000840)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000800)={&(0x7f0000000740)={0xa4, r2, 0x10, 0x70bd2d, 0x25dfdbfc, {0x11}, [@IPVS_CMD_ATTR_DAEMON={0x38, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote={0xac, 0x14, 0x14, 0xbb}}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @broadcast=0xffffffff}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffffffffffff0001}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3800}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x6}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7fffffff}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'lc\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}]}, 0xa4}, 0x1, 0x0, 0x0, 0x1}, 0x44084) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000000c0)={0x0, 0x5}, &(0x7f0000000500)=0x8) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r3, 0x84, 0x78, &(0x7f00000006c0)=r8, 0x4) syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00') sendmsg$IPVS_CMD_SET_INFO(r7, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x18}, 0xc, &(0x7f0000000540)={&(0x7f0000000440)=ANY=[@ANYBLOB="c4000000", @ANYBLOB="000429bd7000fedbdf250e0000e808000500040000001800010008000800ff0300000c00070028000000100000000003000800040005000000080008009000000008000300010000000800030001fffe0040000100080002004e24000008000b0000000000080006000100e000000200000000000000000000000008000400f300000008000b000a00000008000400000000001c000200080006000100000008000500060000000800060008000000000000000000000000"], 0x2}, 0x1, 0x0, 0x0, 0x4}, 0x40) unshare(0x1100002) accept4$inet6(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, @ipv4={[], [], @multicast1}}, &(0x7f0000000380)=0x1c, 0x80000) epoll_create(0x31c94486) 2018/04/07 03:53:00 executing program 1: 2018/04/07 03:53:00 executing program 4: socketpair(0x10, 0x6, 0x704b078d, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x1) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000100), 0xc) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000740)='./file0/file0\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) mount(&(0x7f0000000180)='./file0\x00', &(0x7f0000000280)='./file0/file0\x00', &(0x7f0000000200)='ramfs\x00', 0x0, &(0x7f0000000500)) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x86, &(0x7f0000000300), &(0x7f0000000380)=""/134}, 0x28) syzkaller login: [ 69.344198] ip (3743) used greatest stack depth: 54688 bytes left [ 69.845931] ip (3793) used greatest stack depth: 54672 bytes left [ 69.966567] ip (3804) used greatest stack depth: 54072 bytes left [ 71.317460] ip (3931) used greatest stack depth: 53656 bytes left [ 72.876674] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 72.955286] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 73.043664] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 73.094551] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 73.173491] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 73.189648] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 73.206666] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 73.444743] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 81.461909] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 81.686545] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 81.704535] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 81.873220] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 81.958365] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 81.968772] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 82.161929] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 82.168248] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 82.179723] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 82.211681] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 82.220529] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 82.396106] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 82.402540] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 82.417776] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 82.455604] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 82.461797] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 82.484836] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 82.700246] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 82.706479] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 82.714832] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 82.753065] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 82.759367] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 82.788378] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 82.820195] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 82.828150] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 82.839550] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.023919] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 83.030201] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 83.039384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.086988] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 83.093559] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 83.104374] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.434337] ================================================================== [ 83.441749] BUG: KMSAN: uninit-value in gcmaes_decrypt+0x2ec/0xea0 [ 83.448067] CPU: 0 PID: 4978 Comm: syz-executor0 Not tainted 4.16.0+ #81 [ 83.454901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 83.464245] Call Trace: [ 83.466833] dump_stack+0x185/0x1d0 [ 83.470467] ? gcmaes_decrypt+0x2ec/0xea0 [ 83.474989] kmsan_report+0x142/0x240 [ 83.478790] __msan_warning_32+0x6c/0xb0 [ 83.482851] gcmaes_decrypt+0x2ec/0xea0 [ 83.486834] generic_gcmaes_decrypt+0x181/0x1e0 [ 83.491502] ? generic_gcmaes_encrypt+0x1e0/0x1e0 [ 83.496344] gcmaes_wrapper_decrypt+0x2f5/0x340 [ 83.501010] ? gcmaes_wrapper_encrypt+0x2d0/0x2d0 [ 83.505851] crypto_rfc4543_crypt+0xaec/0xb40 [ 83.510350] ? crypto_has_alg+0x280/0x280 [ 83.514503] crypto_rfc4543_decrypt+0x47/0x50 [ 83.519002] ? crypto_rfc4543_encrypt+0x60/0x60 [ 83.523671] aead_recvmsg+0x25b5/0x2960 [ 83.527753] sock_recvmsg+0x1d0/0x230 2018/04/07 03:53:16 executing program 2: ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000140)={'nr0\x00', {0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) syz_genetlink_get_family_id$fou(&(0x7f0000000180)='fou\x00') write(r1, &(0x7f00000001c0), 0xfffffef3) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000001600)=ANY=[@ANYRES32=0x0], &(0x7f0000001640)=0x1) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0), 0x4) read(r0, &(0x7f0000000200)=""/250, 0x50c7e3e3) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000300)=""/9, 0x9}, {&(0x7f00000003c0)=""/4096, 0xfffffef9}], 0x2) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000001c0)={0x0, 0x1}, 0x8) connect$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10) tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) [ 83.531552] ? aead_sendmsg+0x1b0/0x1b0 [ 83.535527] ___sys_recvmsg+0x3fb/0x810 [ 83.539502] ? __fget_light+0x56/0x710 [ 83.543387] ? __fdget+0x4e/0x60 [ 83.546758] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 83.552123] ? __fget_light+0x6b9/0x710 [ 83.556110] SYSC_recvmsg+0x298/0x3c0 [ 83.559919] SyS_recvmsg+0x54/0x80 [ 83.563459] do_syscall_64+0x309/0x430 [ 83.567349] ? ___sys_recvmsg+0x810/0x810 [ 83.571500] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 83.576681] RIP: 0033:0x455259 [ 83.579863] RSP: 002b:00007f1389563c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 83.587569] RAX: ffffffffffffffda RBX: 00007f13895646d4 RCX: 0000000000455259 [ 83.594850] RDX: 0000000000000140 RSI: 00000000200001c0 RDI: 0000000000000014 [ 83.602113] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 83.609376] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 83.616644] R13: 0000000000000496 R14: 00000000006f9eb0 R15: 0000000000000000 [ 83.623912] [ 83.625531] Uninit was created at: [ 83.629076] kmsan_internal_poison_shadow+0xb8/0x1b0 [ 83.634184] kmsan_kmalloc+0x94/0x100 [ 83.637987] __kmalloc+0x23c/0x350 [ 83.641527] sock_kmalloc+0x14e/0x270 [ 83.645327] af_alg_alloc_areq+0x85/0x320 [ 83.649473] aead_recvmsg+0x65a/0x2960 [ 83.653363] sock_recvmsg+0x1d0/0x230 [ 83.657166] ___sys_recvmsg+0x3fb/0x810 [ 83.661138] SYSC_recvmsg+0x298/0x3c0 [ 83.664936] SyS_recvmsg+0x54/0x80 [ 83.668473] do_syscall_64+0x309/0x430 [ 83.672362] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 83.677540] ================================================================== [ 83.684886] Disabling lock debugging due to kernel taint [ 83.690330] Kernel panic - not syncing: panic_on_warn set ... [ 83.690330] [ 83.697696] CPU: 0 PID: 4978 Comm: syz-executor0 Tainted: G B 4.16.0+ #81 [ 83.705823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 83.715169] Call Trace: [ 83.717755] dump_stack+0x185/0x1d0 [ 83.721378] panic+0x39d/0x940 [ 83.724585] ? gcmaes_decrypt+0x2ec/0xea0 [ 83.728732] kmsan_report+0x238/0x240 [ 83.732530] __msan_warning_32+0x6c/0xb0 [ 83.736588] gcmaes_decrypt+0x2ec/0xea0 [ 83.740572] generic_gcmaes_decrypt+0x181/0x1e0 [ 83.745249] ? generic_gcmaes_encrypt+0x1e0/0x1e0 [ 83.750087] gcmaes_wrapper_decrypt+0x2f5/0x340 [ 83.754758] ? gcmaes_wrapper_encrypt+0x2d0/0x2d0 [ 83.759605] crypto_rfc4543_crypt+0xaec/0xb40 [ 83.764098] ? crypto_has_alg+0x280/0x280 [ 83.768258] crypto_rfc4543_decrypt+0x47/0x50 [ 83.772753] ? crypto_rfc4543_encrypt+0x60/0x60 [ 83.777422] aead_recvmsg+0x25b5/0x2960 [ 83.781418] sock_recvmsg+0x1d0/0x230 [ 83.785221] ? aead_sendmsg+0x1b0/0x1b0 [ 83.789199] ___sys_recvmsg+0x3fb/0x810 [ 83.793180] ? __fget_light+0x56/0x710 [ 83.797066] ? __fdget+0x4e/0x60 [ 83.800435] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 83.805800] ? __fget_light+0x6b9/0x710 [ 83.809787] SYSC_recvmsg+0x298/0x3c0 [ 83.813604] SyS_recvmsg+0x54/0x80 [ 83.817143] do_syscall_64+0x309/0x430 [ 83.821038] ? ___sys_recvmsg+0x810/0x810 [ 83.825191] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 [ 83.830375] RIP: 0033:0x455259 [ 83.833559] RSP: 002b:00007f1389563c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 83.841262] RAX: ffffffffffffffda RBX: 00007f13895646d4 RCX: 0000000000455259 [ 83.848527] RDX: 0000000000000140 RSI: 00000000200001c0 RDI: 0000000000000014 [ 83.855796] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 83.863060] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 83.870326] R13: 0000000000000496 R14: 00000000006f9eb0 R15: 0000000000000000 [ 83.878039] Dumping ftrace buffer: [ 83.881557] (ftrace buffer empty) [ 83.885250] Kernel Offset: disabled [ 83.888847] Rebooting in 86400 seconds..