[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 39.294351] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 42.839800] random: sshd: uninitialized urandom read (32 bytes read) [ 43.371951] random: sshd: uninitialized urandom read (32 bytes read) [ 44.458673] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.9' (ECDSA) to the list of known hosts. [ 50.234514] random: sshd: uninitialized urandom read (32 bytes read) 2018/08/19 14:18:45 fuzzer started [ 51.850551] random: cc1: uninitialized urandom read (8 bytes read) 2018/08/19 14:18:48 dialing manager at 10.128.0.26:35925 2018/08/19 14:18:52 syscalls: 1 2018/08/19 14:18:52 code coverage: enabled 2018/08/19 14:18:52 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/08/19 14:18:52 setuid sandbox: enabled 2018/08/19 14:18:52 namespace sandbox: enabled 2018/08/19 14:18:52 fault injection: enabled 2018/08/19 14:18:52 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/08/19 14:18:52 net packed injection: enabled 2018/08/19 14:18:52 net device setup: enabled [ 59.690530] random: crng init done 14:20:35 executing program 0: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f000045fff8)={0x0, 0x0}) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001300)={&(0x7f0000000000), 0xc, &(0x7f00000012c0)={&(0x7f0000000040)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, {}, [@nested={0x70, 0x0, [@generic="73f0b81caf513a082a8e4c206ac8c9fc21357e270dde82e73e70ce039834d77486757e74941908a0e0ee3120e7ad2f77cc078cbf70882eb0053c892d4e90aeb497df11a306222331b77b263ad956dd7b90c132626bf267a65a1d82041a27d6711fb73246241252d784ac"]}]}, 0x84}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace(0x4207, r1) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000040)) ptrace$cont(0x21, r1, 0x0, 0x0) 14:20:35 executing program 1: exit(0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000180)='./file0\x00', 0x0) faccessat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x410000000000005, 0x600) 14:20:35 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) getresuid(&(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)) sendmsg$nl_generic(r0, &(0x7f0000004fc8)={&(0x7f0000000040), 0xc, &(0x7f0000000180)={&(0x7f0000000340)={0x1c, 0x2000002d, 0x443, 0x0, 0x0, {}, [@typed={0x8, 0x0, @fd=r0}]}, 0x1c}}, 0x0) 14:20:35 executing program 4: creat(&(0x7f0000001380)='./file0\x00', 0x0) 14:20:35 executing program 7: munlock(&(0x7f0000fff000/0x1000)=nil, 0x1000) creat(&(0x7f0000000000)='./file0\x00', 0x0) setrlimit(0x7, &(0x7f0000a9cff8)) socket$unix(0x1, 0x1, 0x0) 14:20:35 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100)) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000300)) r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/igmp\x00') preadv(r0, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/246, 0xf6}], 0x1, 0x0) 14:20:35 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x3404c}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x18, 0x31, 0x829, 0x0, 0x0, {0x2}, [@nested={0x4}]}, 0x18}}, 0x0) 14:20:35 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0xf0ffffff}, 0xc, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00\x00\x00\x00\x00'], 0x1}}, 0x0) [ 161.250944] IPVS: ftp: loaded support on port[0] = 21 [ 161.303797] IPVS: ftp: loaded support on port[0] = 21 [ 161.303810] IPVS: ftp: loaded support on port[0] = 21 [ 161.315347] IPVS: ftp: loaded support on port[0] = 21 [ 161.379637] IPVS: ftp: loaded support on port[0] = 21 [ 161.393557] IPVS: ftp: loaded support on port[0] = 21 [ 161.405585] IPVS: ftp: loaded support on port[0] = 21 [ 161.425280] IPVS: ftp: loaded support on port[0] = 21 [ 165.061150] ip (4701) used greatest stack depth: 53928 bytes left [ 165.616788] ip (4736) used greatest stack depth: 53688 bytes left [ 166.210693] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.217261] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.252545] device bridge_slave_0 entered promiscuous mode [ 166.290669] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.297190] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.348509] device bridge_slave_0 entered promiscuous mode [ 166.379168] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.385739] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.433510] device bridge_slave_0 entered promiscuous mode [ 166.511148] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.517723] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.539384] device bridge_slave_0 entered promiscuous mode [ 166.559623] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.566202] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.597652] device bridge_slave_0 entered promiscuous mode [ 166.616317] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.622803] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.656633] device bridge_slave_1 entered promiscuous mode [ 166.681709] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.688307] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.701067] device bridge_slave_0 entered promiscuous mode [ 166.737951] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.744446] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.781186] device bridge_slave_0 entered promiscuous mode [ 166.802099] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.808630] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.829824] device bridge_slave_1 entered promiscuous mode [ 166.851766] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.858310] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.873558] device bridge_slave_1 entered promiscuous mode [ 166.885256] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.891775] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.929324] device bridge_slave_1 entered promiscuous mode [ 166.942934] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.949528] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.977624] device bridge_slave_1 entered promiscuous mode [ 166.996786] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.003282] bridge0: port 1(bridge_slave_0) entered disabled state [ 167.021316] device bridge_slave_0 entered promiscuous mode [ 167.030818] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 167.051570] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.058130] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.099704] device bridge_slave_1 entered promiscuous mode [ 167.120084] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.126574] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.159567] device bridge_slave_1 entered promiscuous mode [ 167.178245] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 167.186913] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 167.215154] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 167.226515] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 167.268106] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.274614] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.326405] device bridge_slave_1 entered promiscuous mode [ 167.373303] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 167.382351] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 167.443809] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 167.479110] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 167.492402] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 167.501091] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 167.542058] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 167.656228] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 167.675456] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 167.775885] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 167.955080] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 168.344730] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 168.356609] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 168.452888] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 168.468561] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 168.506657] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 168.592346] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 168.688597] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 168.699802] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 168.720330] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 168.771119] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 168.781474] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 168.836090] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 168.847920] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 168.880354] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 169.005577] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 169.012700] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 169.045941] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 169.053103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 169.089150] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 169.096566] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 169.118151] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 169.125209] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 169.146189] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 169.153294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 169.173490] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 169.194146] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 169.201229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 169.247335] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 169.359461] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 169.366477] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 169.392944] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 169.400807] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 169.433505] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 169.441845] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 169.481596] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 169.488598] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 169.530342] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 169.538218] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 169.553781] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 169.565975] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 169.573679] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 169.580588] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 169.609823] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 169.635330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 169.839682] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 169.851465] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 169.951587] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 169.958643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 170.323444] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 170.356857] team0: Port device team_slave_0 added [ 170.381271] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 170.408742] team0: Port device team_slave_0 added [ 170.423250] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 170.442685] team0: Port device team_slave_0 added [ 170.462732] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 170.491284] team0: Port device team_slave_0 added [ 170.555883] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 170.573301] team0: Port device team_slave_0 added [ 170.598076] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 170.617185] team0: Port device team_slave_0 added [ 170.645420] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 170.685988] team0: Port device team_slave_1 added [ 170.732225] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 170.758691] team0: Port device team_slave_1 added [ 170.780148] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 170.797823] team0: Port device team_slave_1 added [ 170.824270] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 170.846147] team0: Port device team_slave_1 added [ 170.865210] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 170.890453] team0: Port device team_slave_0 added [ 170.906158] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 170.935995] team0: Port device team_slave_0 added [ 170.957952] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 170.984080] team0: Port device team_slave_1 added [ 171.005189] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 171.022890] team0: Port device team_slave_1 added [ 171.061105] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 171.068296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 171.084697] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.112383] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 171.120313] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 171.132862] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 171.146301] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 171.171205] team0: Port device team_slave_1 added [ 171.191417] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 171.230487] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.270129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 171.293533] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.320366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 171.339597] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.361303] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 171.368825] team0: Port device team_slave_1 added [ 171.402111] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 171.414208] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 171.423254] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.432808] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 171.440512] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 171.447514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 171.467121] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.509274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 171.532349] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 171.549722] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 171.557514] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 171.564816] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 171.575303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 171.603848] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 171.613631] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 171.630650] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 171.651557] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 171.671728] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.691095] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 171.702791] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 171.717377] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 171.724711] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 171.747938] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 171.769396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 171.792970] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 171.822957] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 171.842949] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 171.862369] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 171.870625] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 171.895415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 171.919653] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 171.931316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 171.944858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 171.968417] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 171.983538] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 171.992216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 172.002954] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 172.037546] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 172.058907] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 172.076972] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 172.084836] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 172.093489] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 172.108201] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 172.117452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 172.126772] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 172.139076] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 172.152629] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 172.163261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 172.181457] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 172.210576] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 172.229984] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 172.262977] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 172.272766] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 172.287284] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 172.294711] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 172.333364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 172.367613] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 172.391412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 172.420171] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 172.435412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 172.461590] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 172.475435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 172.488230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 172.505471] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 172.518712] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 172.528743] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 172.536429] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 172.564629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 172.599938] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 172.628398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 172.650910] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 172.680624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 172.696695] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 172.704301] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 172.713425] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 172.735294] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 172.756694] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 172.767134] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 172.816525] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 172.824227] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 172.841290] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 173.101284] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 173.111112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 173.132118] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 174.931545] ip (5183) used greatest stack depth: 53432 bytes left [ 175.622432] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.628951] bridge0: port 2(bridge_slave_1) entered forwarding state [ 175.635901] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.642375] bridge0: port 1(bridge_slave_0) entered forwarding state [ 175.720585] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 175.727941] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 175.775108] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.781616] bridge0: port 2(bridge_slave_1) entered forwarding state [ 175.788554] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.795094] bridge0: port 1(bridge_slave_0) entered forwarding state [ 175.810518] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 176.026660] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.033193] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.040153] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.046665] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.088837] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 176.135575] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.142123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.149084] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.155563] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.198713] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 176.206095] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.212550] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.219402] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.225863] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.249614] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 176.310405] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.316925] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.323829] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.330291] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.403761] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 176.570768] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.577290] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.584226] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.590700] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.652601] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 176.661794] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.668265] bridge0: port 2(bridge_slave_1) entered forwarding state [ 176.675171] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.681639] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.691704] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 176.736244] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 176.761248] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 176.795609] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 176.824360] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 176.853112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 176.881421] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 176.913109] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 188.179116] 8021q: adding VLAN 0 to HW filter on device bond0 [ 188.305114] 8021q: adding VLAN 0 to HW filter on device bond0 [ 188.698153] 8021q: adding VLAN 0 to HW filter on device bond0 [ 188.984552] 8021q: adding VLAN 0 to HW filter on device bond0 [ 189.051013] 8021q: adding VLAN 0 to HW filter on device bond0 [ 189.223864] 8021q: adding VLAN 0 to HW filter on device bond0 [ 189.316769] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 189.430239] 8021q: adding VLAN 0 to HW filter on device bond0 [ 189.524756] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 189.618501] 8021q: adding VLAN 0 to HW filter on device bond0 [ 189.894341] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 190.266877] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 190.286940] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 190.413483] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 190.476628] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 190.495862] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 190.514604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 190.617656] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 190.721671] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 190.787503] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 190.793846] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 190.809317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 191.036694] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 191.043180] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 191.060316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 191.413003] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 191.419438] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 191.431551] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 191.479756] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 191.491319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 191.525403] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 191.717437] 8021q: adding VLAN 0 to HW filter on device team0 [ 191.825663] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 191.833088] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 191.843363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 191.900863] 8021q: adding VLAN 0 to HW filter on device team0 [ 191.944271] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 191.950714] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 191.972270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.073275] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 192.079664] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.103067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.178079] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.635260] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.727463] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.065191] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.107462] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.271320] 8021q: adding VLAN 0 to HW filter on device team0 14:21:14 executing program 5: r0 = socket$kcm(0x11, 0x2, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)=@l2={0x1f, 0xffffdd86}, 0x80, &(0x7f00000000c0)}, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000040)=@nfc={0x27, 0x8}, 0x80, &(0x7f00000004c0)}, 0x0) [ 199.814111] ================================================================== [ 199.821561] BUG: KMSAN: uninit-value in sit_tunnel_xmit+0x18c0/0x3640 [ 199.828177] CPU: 0 PID: 6560 Comm: syz-executor5 Not tainted 4.18.0-rc8+ #34 [ 199.835376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 199.844740] Call Trace: [ 199.847348] dump_stack+0x17c/0x1c0 [ 199.851005] kmsan_report+0x188/0x2a0 [ 199.854842] __msan_warning+0x70/0xc0 [ 199.858679] sit_tunnel_xmit+0x18c0/0x3640 [ 199.862948] ? validate_xmit_xfrm+0x73/0x13e0 [ 199.867507] ? ipip6_tunnel_uninit+0x7e0/0x7e0 [ 199.872108] dev_hard_start_xmit+0x5df/0xc20 [ 199.876566] __dev_queue_xmit+0x2eea/0x3a70 [ 199.880944] dev_queue_xmit+0x4b/0x60 [ 199.884769] ? __netdev_pick_tx+0xb20/0xb20 [ 199.889119] packet_sendmsg+0x7fb5/0x8ae0 [ 199.893290] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 199.898670] ? futex_wait+0x90b/0xbe0 [ 199.902700] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 199.908172] ? rw_copy_check_uvector+0x13f/0x710 [ 199.912951] ? __msan_poison_alloca+0x173/0x200 [ 199.917662] ? import_iovec+0xb4/0x5c0 [ 199.921576] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 199.927118] ___sys_sendmsg+0xe32/0x1250 [ 199.931210] ? compat_packet_setsockopt+0x360/0x360 [ 199.936310] __x64_sys_sendmsg+0x32d/0x460 [ 199.940606] ? ___sys_sendmsg+0x1250/0x1250 [ 199.944957] do_syscall_64+0x15b/0x220 [ 199.948888] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 199.954093] RIP: 0033:0x457089 [ 199.957286] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 199.976861] RSP: 002b:00007f78b0b44c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 199.984606] RAX: ffffffffffffffda RBX: 00007f78b0b456d4 RCX: 0000000000457089 [ 199.991904] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 199.999185] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000 [ 200.006466] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 200.013746] R13: 00000000004d3ff8 R14: 00000000004c8a56 R15: 0000000000000000 [ 200.021040] [ 200.022679] Uninit was created at: [ 200.026244] kmsan_internal_poison_shadow+0xb8/0x1b0 [ 200.031368] kmsan_kmalloc+0x98/0x100 [ 200.035185] kmsan_slab_alloc+0x10/0x20 [ 200.039177] __kmalloc_node_track_caller+0xb4c/0x11d0 [ 200.044389] __alloc_skb+0x2ce/0x9b0 [ 200.048129] alloc_skb_with_frags+0x1d0/0xac0 [ 200.052654] sock_alloc_send_pskb+0xb47/0x1120 [ 200.057261] packet_sendmsg+0x6480/0x8ae0 [ 200.061429] ___sys_sendmsg+0xe32/0x1250 14:21:15 executing program 1: 14:21:15 executing program 3: [ 200.065513] __x64_sys_sendmsg+0x32d/0x460 [ 200.069767] do_syscall_64+0x15b/0x220 [ 200.073681] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 200.078875] ================================================================== [ 200.086244] Disabling lock debugging due to kernel taint [ 200.091714] Kernel panic - not syncing: panic_on_warn set ... [ 200.091714] [ 200.099114] CPU: 0 PID: 6560 Comm: syz-executor5 Tainted: G B 4.18.0-rc8+ #34 [ 200.107700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 200.117062] Call Trace: [ 200.119676] dump_stack+0x17c/0x1c0 [ 200.123334] panic+0x3c3/0x9a0 [ 200.126578] kmsan_report+0x29e/0x2a0 [ 200.130423] __msan_warning+0x70/0xc0 [ 200.134250] sit_tunnel_xmit+0x18c0/0x3640 [ 200.138508] ? validate_xmit_xfrm+0x73/0x13e0 [ 200.143074] ? ipip6_tunnel_uninit+0x7e0/0x7e0 [ 200.147678] dev_hard_start_xmit+0x5df/0xc20 [ 200.152127] __dev_queue_xmit+0x2eea/0x3a70 [ 200.156496] dev_queue_xmit+0x4b/0x60 [ 200.160316] ? __netdev_pick_tx+0xb20/0xb20 [ 200.164674] packet_sendmsg+0x7fb5/0x8ae0 [ 200.168846] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 200.174233] ? futex_wait+0x90b/0xbe0 [ 200.178067] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 200.183546] ? rw_copy_check_uvector+0x13f/0x710 [ 200.188323] ? __msan_poison_alloca+0x173/0x200 [ 200.193018] ? import_iovec+0xb4/0x5c0 [ 200.196929] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 200.202443] ___sys_sendmsg+0xe32/0x1250 [ 200.206536] ? compat_packet_setsockopt+0x360/0x360 [ 200.211644] __x64_sys_sendmsg+0x32d/0x460 14:21:15 executing program 0: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f000045fff8)={0x0, 0x0}) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000001300)={&(0x7f0000000000), 0xc, &(0x7f00000012c0)={&(0x7f0000000040)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, {}, [@nested={0x70, 0x0, [@generic="73f0b81caf513a082a8e4c206ac8c9fc21357e270dde82e73e70ce039834d77486757e74941908a0e0ee3120e7ad2f77cc078cbf70882eb0053c892d4e90aeb497df11a306222331b77b263ad956dd7b90c132626bf267a65a1d82041a27d6711fb73246241252d784ac"]}]}, 0x84}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace(0x4207, r1) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000040)) ptrace$cont(0x21, r1, 0x0, 0x0) 14:21:15 executing program 1: 14:21:15 executing program 3: [ 200.215927] ? ___sys_sendmsg+0x1250/0x1250 [ 200.220274] do_syscall_64+0x15b/0x220 [ 200.224193] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 200.229393] RIP: 0033:0x457089 [ 200.232584] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 200.252089] RSP: 002b:00007f78b0b44c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 200.259835] RAX: ffffffffffffffda RBX: 00007f78b0b456d4 RCX: 0000000000457089 [ 200.267135] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 200.274438] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000 [ 200.281723] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 200.289014] R13: 00000000004d3ff8 R14: 00000000004c8a56 R15: 0000000000000000 [ 200.296639] Dumping ftrace buffer: [ 200.300168] (ftrace buffer empty) [ 200.303862] Kernel Offset: disabled [ 200.307487] Rebooting in 86400 seconds..