Warning: Permanently added '10.128.0.53' (ECDSA) to the list of known hosts. syzkaller login: [ 93.225860][T11735] IPVS: ftp: loaded support on port[0] = 21 [ 93.296331][T11735] chnl_net:caif_netlink_parms(): no params data found [ 93.329339][T11735] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.336493][T11735] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.344799][T11735] device bridge_slave_0 entered promiscuous mode [ 93.353377][T11735] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.360460][T11735] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.368840][T11735] device bridge_slave_1 entered promiscuous mode [ 93.391068][T11735] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.402971][T11735] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.425839][T11735] team0: Port device team_slave_0 added [ 93.433711][T11735] team0: Port device team_slave_1 added [ 93.494569][T11735] device hsr_slave_0 entered promiscuous mode [ 93.532275][T11735] device hsr_slave_1 entered promiscuous mode [ 93.583189][T11735] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.590428][T11735] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.598212][T11735] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.605422][T11735] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.653599][T11735] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.667282][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 93.677969][ T5] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.687107][ T5] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.696267][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 93.709968][T11735] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.722390][ T3931] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 93.730952][ T3931] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.738466][ T3931] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.751376][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 93.760207][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.767469][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.790449][ T3931] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 93.800692][ T3931] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 93.814160][ T947] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 93.827314][ T3931] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 93.841140][ T947] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 93.853629][T11735] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready executing program [ 93.877873][T11735] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.923133][T11735] bridge0: port 3(gretap0) entered blocking state [ 93.929636][T11735] bridge0: port 3(gretap0) entered disabled state [ 93.938136][T11735] device gretap0 entered promiscuous mode [ 93.944775][T11735] bridge0: port 3(gretap0) entered blocking state [ 93.951250][T11735] bridge0: port 3(gretap0) entered forwarding state [ 93.959573][T11735] ===================================================== [ 93.966535][T11735] BUG: KMSAN: uninit-value in ip_tunnel_xmit+0x3c6/0x3320 [ 93.973632][T11735] CPU: 1 PID: 11735 Comm: syz-executor679 Not tainted 5.4.0-rc3+ #0 [ 93.981607][T11735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 93.991647][T11735] Call Trace: [ 93.994932][T11735] dump_stack+0x191/0x1f0 [ 93.999247][T11735] kmsan_report+0x128/0x220 [ 94.003740][T11735] __msan_warning+0x73/0xe0 [ 94.008224][T11735] ip_tunnel_xmit+0x3c6/0x3320 [ 94.012969][T11735] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 94.019047][T11735] ? skb_push+0x15b/0x250 [ 94.023366][T11735] ? gre_build_header+0x3ec/0x9f0 [ 94.028374][T11735] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 94.034255][T11735] ipgre_xmit+0xff3/0x1120 [ 94.038655][T11735] ? ipgre_close+0x240/0x240 [ 94.043265][T11735] dev_hard_start_xmit+0x51a/0xab0 [ 94.048360][T11735] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 94.054235][T11735] __dev_queue_xmit+0x35b6/0x4200 [ 94.059252][T11735] dev_queue_xmit+0x4b/0x60 [ 94.063734][T11735] ? netdev_core_pick_tx+0x4d0/0x4d0 [ 94.068997][T11735] packet_sendmsg+0x82d7/0x92e0 [ 94.073828][T11735] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 94.079873][T11735] ? aa_label_sk_perm+0x6d6/0x940 [ 94.084871][T11735] ? __sys_socket+0x27f/0x600 [ 94.089522][T11735] ? __se_sys_socket+0x8d/0xb0 [ 94.094259][T11735] ? __x64_sys_socket+0x4a/0x70 [ 94.099105][T11735] ? kmsan_get_metadata+0x39/0x350 [ 94.104206][T11735] ? kmsan_internal_set_origin+0x6a/0xb0 [ 94.109824][T11735] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 94.115705][T11735] ? aa_sk_perm+0x730/0xaf0 [ 94.120212][T11735] ? compat_packet_setsockopt+0x360/0x360 [ 94.126521][T11735] ___sys_sendmsg+0x14ff/0x1590 [ 94.131366][T11735] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 94.137241][T11735] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 94.143284][T11735] ? __fget_light+0x1b8/0x710 [ 94.147956][T11735] __se_sys_sendmsg+0x305/0x460 [ 94.152805][T11735] __x64_sys_sendmsg+0x4a/0x70 [ 94.157544][T11735] do_syscall_64+0xb6/0x160 [ 94.162033][T11735] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 94.167910][T11735] RIP: 0033:0x441a39 [ 94.171793][T11735] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 94.191653][T11735] RSP: 002b:00007ffeb3bfe398 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 94.200043][T11735] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441a39 [ 94.208091][T11735] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004 [ 94.216042][T11735] RBP: 00007ffeb3bfe3b0 R08: 0000000001bbbbbb R09: 0000000001bbbbbb [ 94.224009][T11735] R10: 0000000001bbbbbb R11: 0000000000000246 R12: 0000000000000000 [ 94.231972][T11735] R13: 0000000000402fd0 R14: 0000000000000000 R15: 0000000000000000 [ 94.239947][T11735] [ 94.242268][T11735] Uninit was created at: [ 94.246496][T11735] kmsan_internal_poison_shadow+0x60/0x120 [ 94.252280][T11735] kmsan_slab_alloc+0xaa/0x120 [ 94.257021][T11735] __kmalloc_node_track_caller+0xda2/0x13d0 [ 94.262892][T11735] __alloc_skb+0x306/0xa10 [ 94.267285][T11735] alloc_skb_with_frags+0x18c/0xa80 [ 94.272460][T11735] sock_alloc_send_pskb+0xafd/0x10a0 [ 94.277721][T11735] packet_sendmsg+0x6785/0x92e0 [ 94.282554][T11735] ___sys_sendmsg+0x14ff/0x1590 [ 94.287385][T11735] __se_sys_sendmsg+0x305/0x460 [ 94.292217][T11735] __x64_sys_sendmsg+0x4a/0x70 [ 94.296956][T11735] do_syscall_64+0xb6/0x160 [ 94.301441][T11735] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 94.307314][T11735] ===================================================== [ 94.314226][T11735] Disabling lock debugging due to kernel taint [ 94.320360][T11735] Kernel panic - not syncing: panic_on_warn set ... [ 94.326952][T11735] CPU: 1 PID: 11735 Comm: syz-executor679 Tainted: G B 5.4.0-rc3+ #0 [ 94.336292][T11735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 94.346322][T11735] Call Trace: [ 94.349602][T11735] dump_stack+0x191/0x1f0 [ 94.353925][T11735] panic+0x3c9/0xc1e [ 94.357818][T11735] kmsan_report+0x215/0x220 [ 94.362308][T11735] __msan_warning+0x73/0xe0 [ 94.366798][T11735] ip_tunnel_xmit+0x3c6/0x3320 [ 94.371549][T11735] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 94.377719][T11735] ? skb_push+0x15b/0x250 [ 94.382039][T11735] ? gre_build_header+0x3ec/0x9f0 [ 94.387058][T11735] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 94.392939][T11735] ipgre_xmit+0xff3/0x1120 [ 94.397344][T11735] ? ipgre_close+0x240/0x240 [ 94.401955][T11735] dev_hard_start_xmit+0x51a/0xab0 [ 94.407067][T11735] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 94.412955][T11735] __dev_queue_xmit+0x35b6/0x4200 [ 94.417987][T11735] dev_queue_xmit+0x4b/0x60 [ 94.422471][T11735] ? netdev_core_pick_tx+0x4d0/0x4d0 [ 94.427734][T11735] packet_sendmsg+0x82d7/0x92e0 [ 94.432578][T11735] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 94.438622][T11735] ? aa_label_sk_perm+0x6d6/0x940 [ 94.443623][T11735] ? __sys_socket+0x27f/0x600 [ 94.448349][T11735] ? __se_sys_socket+0x8d/0xb0 [ 94.453095][T11735] ? __x64_sys_socket+0x4a/0x70 [ 94.457934][T11735] ? kmsan_get_metadata+0x39/0x350 [ 94.463031][T11735] ? kmsan_internal_set_origin+0x6a/0xb0 [ 94.468648][T11735] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 94.474551][T11735] ? aa_sk_perm+0x730/0xaf0 [ 94.479053][T11735] ? compat_packet_setsockopt+0x360/0x360 [ 94.484763][T11735] ___sys_sendmsg+0x14ff/0x1590 [ 94.489604][T11735] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 94.495492][T11735] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 94.501536][T11735] ? __fget_light+0x1b8/0x710 [ 94.506203][T11735] __se_sys_sendmsg+0x305/0x460 [ 94.511050][T11735] __x64_sys_sendmsg+0x4a/0x70 [ 94.515793][T11735] do_syscall_64+0xb6/0x160 [ 94.520377][T11735] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 94.526295][T11735] RIP: 0033:0x441a39 [ 94.530175][T11735] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 94.549763][T11735] RSP: 002b:00007ffeb3bfe398 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 94.558158][T11735] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441a39 [ 94.566123][T11735] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004 [ 94.574082][T11735] RBP: 00007ffeb3bfe3b0 R08: 0000000001bbbbbb R09: 0000000001bbbbbb [ 94.582035][T11735] R10: 0000000001bbbbbb R11: 0000000000000246 R12: 0000000000000000 [ 94.590687][T11735] R13: 0000000000402fd0 R14: 0000000000000000 R15: 0000000000000000 [ 94.600076][T11735] Kernel Offset: disabled [ 94.604401][T11735] Rebooting in 86400 seconds..