[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 33.650601] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. [ 34.829869] random: sshd: uninitialized urandom read (32 bytes read) Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 35.181514] random: sshd: uninitialized urandom read (32 bytes read) [ 36.713216] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.34' (ECDSA) to the list of known hosts. [ 42.288781] random: sshd: uninitialized urandom read (32 bytes read) 2018/07/16 13:37:41 fuzzer started [ 44.115589] random: cc1: uninitialized urandom read (8 bytes read) 2018/07/16 13:37:44 dialing manager at 10.128.0.26:38497 2018/07/16 13:37:46 syscalls: 1605 2018/07/16 13:37:46 code coverage: enabled 2018/07/16 13:37:46 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/07/16 13:37:46 setuid sandbox: enabled 2018/07/16 13:37:46 namespace sandbox: enabled 2018/07/16 13:37:46 fault injection: enabled 2018/07/16 13:37:46 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/07/16 13:37:46 net packed injection: enabled 2018/07/16 13:37:46 net device setup: enabled [ 49.382204] random: crng init done 13:39:22 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x7, 0x4) sendto$inet6(r0, &(0x7f0000000080)="050100000500000000000000ffb25ba32f938207d903378c398d5375c5f73f2e55067d1a80e19e33e3c2e7725f584c634dfc90f7feb35bd961f7402810fadc57e87c9ffec008e26575efe5eb8f5972eaecff8b30ac32030e80fafc2bd9e9", 0x5e, 0x0, &(0x7f0000000040)={0xa, 0x100202020800, 0x2, @empty, 0x6}, 0x1c) 13:39:22 executing program 1: r0 = socket$inet(0x2, 0xa, 0x0) vmsplice(r0, &(0x7f00000000c0)=[{}], 0x1, 0x0) 13:39:22 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000ddfffc)=0x1, 0xfe8c) setsockopt$inet_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000100)=0x1, 0xfde7) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x5343, &(0x7f0000004b40), 0x218, &(0x7f0000004bc0)}}], 0x400000000000284, 0x0) 13:39:22 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f00000000c0)='pids.max\x00', 0x2, 0x0) sendfile(r2, r2, &(0x7f0000000000), 0x80000000000fd) 13:39:22 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet6(0xa, 0x6, 0x0) dup3(r1, r0, 0x0) 13:39:22 executing program 2: readv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000080)=""/20, 0x14}], 0x1) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) fallocate(r0, 0x0, 0x0, 0x4003ff) request_key(&(0x7f0000000480)='cifs.idmap\x00', &(0x7f00000004c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000500)="2d232a656d30b400", 0xfffffffffffffffe) write$cgroup_type(r0, &(0x7f00000009c0)='threaded\x00', 0xd4b9afd) fallocate(r0, 0x10, 0x7fff, 0x8000) fallocate(r0, 0x0, 0x0, 0x0) lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000380)) 13:39:22 executing program 3: r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) keyctl$get_persistent(0x16, 0x0, r0) 13:39:22 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg(r0, &(0x7f0000000780)={&(0x7f0000000140)=@generic={0xa, "f3167fa831e87a04dd0fb999913980774a23503634cf61d82e053f4ab144c88f83a2c296414637cddcfa1b960aa343cc1ee4141b0f4c0bc06d5a5d72850bcbcd8ae58ea9b0dd68d881f4a9fc32b83d1678817add28eed995a518a2a9f3f8b528e1af935ad492b8db7aa0653764ec6e2d2c3ae059a5e3c2c66e7f530b4082"}, 0x80, &(0x7f00000006c0), 0x0, &(0x7f0000001a80)=ANY=[]}, 0x0) [ 144.264959] IPVS: ftp: loaded support on port[0] = 21 [ 144.282767] IPVS: ftp: loaded support on port[0] = 21 [ 144.389330] IPVS: ftp: loaded support on port[0] = 21 [ 144.393718] IPVS: ftp: loaded support on port[0] = 21 [ 144.398271] IPVS: ftp: loaded support on port[0] = 21 [ 144.428504] IPVS: ftp: loaded support on port[0] = 21 [ 144.446640] IPVS: ftp: loaded support on port[0] = 21 [ 144.474723] IPVS: ftp: loaded support on port[0] = 21 [ 147.400770] ip (4780) used greatest stack depth: 53744 bytes left [ 147.641619] ip (4798) used greatest stack depth: 53504 bytes left [ 148.305914] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.312425] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.375392] device bridge_slave_0 entered promiscuous mode [ 148.507724] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.514606] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.544171] device bridge_slave_0 entered promiscuous mode [ 148.606020] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.612524] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.643363] device bridge_slave_0 entered promiscuous mode [ 148.677140] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.683586] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.707326] device bridge_slave_0 entered promiscuous mode [ 148.731139] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.737623] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.753614] device bridge_slave_0 entered promiscuous mode [ 148.761721] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.768218] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.786146] device bridge_slave_0 entered promiscuous mode [ 148.800827] bridge0: port 2(bridge_slave_1) entered blocking state [ 148.807264] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.820240] device bridge_slave_1 entered promiscuous mode [ 148.832268] bridge0: port 2(bridge_slave_1) entered blocking state [ 148.838691] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.859849] device bridge_slave_1 entered promiscuous mode [ 148.887881] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.894283] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.925117] device bridge_slave_0 entered promiscuous mode [ 148.947017] bridge0: port 2(bridge_slave_1) entered blocking state [ 148.953521] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.993332] device bridge_slave_1 entered promiscuous mode [ 149.011736] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.018186] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.038561] device bridge_slave_1 entered promiscuous mode [ 149.046709] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.053132] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.071102] device bridge_slave_1 entered promiscuous mode [ 149.086792] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 149.096522] bridge0: port 1(bridge_slave_0) entered blocking state [ 149.102936] bridge0: port 1(bridge_slave_0) entered disabled state [ 149.128235] device bridge_slave_0 entered promiscuous mode [ 149.147372] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.153804] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.179100] device bridge_slave_1 entered promiscuous mode [ 149.193548] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 149.205430] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.211860] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.256634] device bridge_slave_1 entered promiscuous mode [ 149.274574] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 149.289187] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 149.311638] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 149.320357] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 149.352289] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.358733] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.401319] device bridge_slave_1 entered promiscuous mode [ 149.459778] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 149.475752] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 149.500202] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 149.507848] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 149.553986] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 149.587812] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 149.714296] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 149.722446] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 149.763175] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 149.975491] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 150.129315] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 150.142785] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 150.308343] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 150.362516] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 150.380172] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 150.393481] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 150.446595] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 150.512471] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 150.595502] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 150.604879] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 150.615480] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 150.670458] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 150.682335] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 150.689244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 150.718855] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 150.729811] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 150.736789] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 150.782946] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 150.874031] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 150.882474] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 150.892175] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 150.914990] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 150.930720] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 150.937712] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 150.965967] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 151.009576] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 151.016563] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 151.031935] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 151.041495] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 151.049704] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 151.085925] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 151.092905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 151.137001] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 151.143953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 151.165276] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 151.175260] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 151.189907] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 151.196816] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 151.239912] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 151.246856] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 151.355426] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 151.362390] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 151.380887] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 151.389151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 151.410171] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 151.417133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 151.559176] ip (5027) used greatest stack depth: 53232 bytes left [ 151.664099] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 151.671013] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 151.801660] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 151.820582] team0: Port device team_slave_0 added [ 151.896310] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 151.919541] team0: Port device team_slave_0 added [ 151.966857] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 151.988877] team0: Port device team_slave_0 added [ 152.010408] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 152.038140] team0: Port device team_slave_0 added [ 152.063079] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 152.093990] team0: Port device team_slave_1 added [ 152.114331] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 152.135877] team0: Port device team_slave_0 added [ 152.168218] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 152.193112] team0: Port device team_slave_1 added [ 152.217864] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 152.243928] team0: Port device team_slave_0 added [ 152.264689] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 152.286848] team0: Port device team_slave_1 added [ 152.311596] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 152.329633] team0: Port device team_slave_1 added [ 152.335372] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 152.354866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 152.376891] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 152.418572] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 152.435512] team0: Port device team_slave_0 added [ 152.456108] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 152.471941] team0: Port device team_slave_1 added [ 152.493586] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 152.507709] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 152.515903] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 152.536460] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 152.558607] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 152.573932] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 152.586463] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 152.599964] team0: Port device team_slave_0 added [ 152.622719] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 152.629667] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 152.657761] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 152.680324] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 152.687612] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 152.702881] team0: Port device team_slave_1 added [ 152.728217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 152.742107] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 152.759231] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 152.772638] team0: Port device team_slave_1 added [ 152.790740] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 152.804455] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 152.823652] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 152.841279] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 152.850570] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 152.863816] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 152.879644] team0: Port device team_slave_1 added [ 152.890473] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 152.918614] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 152.934183] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 152.951253] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 152.973021] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 152.982709] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 152.991329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 153.015971] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 153.038737] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 153.059490] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 153.078345] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 153.088389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 153.101929] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 153.121328] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 153.138148] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 153.145652] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 153.160170] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 153.168234] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 153.176556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 153.200243] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 153.248479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 153.277896] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 153.307723] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 153.349203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 153.366513] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 153.375603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 153.385751] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 153.393805] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 153.403913] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 153.414828] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 153.423719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 153.452185] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 153.461134] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 153.470101] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 153.479385] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 153.488667] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 153.497980] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 153.506467] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 153.525978] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 153.551379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 153.585820] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 153.621095] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 153.648291] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 153.669652] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 153.694930] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 153.702979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 153.711105] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 153.718699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 153.726860] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 153.735333] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 153.742808] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 153.751733] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 153.783103] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 153.791611] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 153.803203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 153.821020] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 153.833190] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 153.842630] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 153.852490] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 153.878765] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 153.910642] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 153.945326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 153.987879] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 154.019241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 154.052397] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 154.061842] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 154.074239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 154.127222] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 154.134555] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 154.146589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 154.179021] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 154.186990] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 154.207892] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 154.261889] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 154.273553] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 154.294280] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 156.463910] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.470377] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.477216] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.483683] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.520952] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 156.527480] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 156.555802] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.562233] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.569022] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.575517] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.599166] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 156.608088] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.614490] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.621289] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.627704] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.664578] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 156.699496] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.705933] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.712683] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.719124] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.788100] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 157.045481] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.051951] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.058720] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.065152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.099718] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 157.123003] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.129443] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.136263] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.142684] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.183331] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 157.198600] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.205085] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.211835] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.218270] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.292354] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 157.383799] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.390270] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.397122] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.403550] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.412665] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 157.540823] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 157.555157] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 157.579880] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 157.596906] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 157.614842] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 157.623128] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 157.631095] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 163.213957] ip (5739) used greatest stack depth: 53216 bytes left [ 167.168510] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.361864] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.595261] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.808705] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.868661] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.940778] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.995352] 8021q: adding VLAN 0 to HW filter on device bond0 [ 168.200001] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 168.339387] 8021q: adding VLAN 0 to HW filter on device bond0 [ 168.428464] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 168.662120] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 168.796482] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 168.841487] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 168.958410] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 169.017134] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 169.117194] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 169.123610] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 169.137843] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 169.427088] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 169.500807] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 169.507220] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 169.521190] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 169.731842] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 169.738260] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 169.752687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 169.856713] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 169.863154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 169.877915] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 169.906001] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 169.912420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 169.932171] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 169.988147] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 169.994447] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 170.012900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 170.093927] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.141935] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 170.154719] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 170.171535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 170.483308] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 170.489660] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 170.501469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 170.634664] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.844107] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.944904] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.996392] 8021q: adding VLAN 0 to HW filter on device team0 [ 171.029353] 8021q: adding VLAN 0 to HW filter on device team0 [ 171.227305] 8021q: adding VLAN 0 to HW filter on device team0 [ 171.625154] 8021q: adding VLAN 0 to HW filter on device team0 13:39:55 executing program 4: r0 = socket$inet_sctp(0x2, 0x100000003, 0x84) connect$inet(r0, &(0x7f0000f6fff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) 13:39:55 executing program 4: perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000b32fff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r1, r0) 13:39:56 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)="2e2f6367726f757000361a6f74a1b774b8642f3dfdd313d92946ff0167415d8dc22791dcd496520c1c99f4b07d3b2a11090000000229210b73abdcd2986fc290ac9b6ace278586d39949a54fb276eb1fd3964b0cad27e417b33abb8d3b00e64e75e4dff47de27536dccdde5fc746b04faafcec347560a31b3a35a5f20bc949d75cbb763987", 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r3) fchown(r1, 0x0, 0x0) 13:39:56 executing program 0: r0 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x0) accept$unix(r0, &(0x7f00000000c0)=@abs, &(0x7f0000000240)=0x6e) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000080)="025cc83d6d345f72762070") r2 = socket$inet(0x10, 0x2, 0x0) sendmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="24000000220007031dfffd946f61830002200a00090000e7fe1c40000c1ba3a20400ff7e280000001100ffffba16a0aa1ce208b3ebea8653b1cc7e63975c02007b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) 13:39:56 executing program 6: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0x4006, 0xf5) recvmsg(r0, &(0x7f00000004c0)={&(0x7f0000000440)=@can, 0x80, &(0x7f0000000280)}, 0x0) [ 177.173497] netlink: 8 bytes leftover after parsing attributes in process `syz-executor0'. 13:39:56 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x1c, 0x22, 0x1, 0x0, 0x0, {0x4}, [@typed={0x8, 0x9, @pid}]}, 0x1c}, 0x1}, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') r1 = semget(0x0, 0x1, 0x400) semctl$IPC_STAT(r1, 0x0, 0x2, &(0x7f0000000340)) [ 177.286528] syz-executor1 uses obsolete (PF_INET,SOCK_PACKET) 13:39:56 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=@ipv4_delroute={0x1c, 0x19, 0xb, 0x0, 0x0, {0x2}}, 0x1c}, 0x1}, 0x0) 13:39:56 executing program 0: 13:39:56 executing program 1: 13:39:56 executing program 5: 13:39:56 executing program 0: 13:39:56 executing program 7: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=@ipv4_delroute={0x1c, 0x19, 0xb, 0x0, 0x0, {0x2, 0x0, 0x0, 0x8001}}, 0x1c}, 0x1}, 0x0) 13:39:56 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00'}) sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="400000001400090500000000000000000a000000", @ANYBLOB="140008000006000000000000000000000000ff0014000100ff01000000000101000000000000000134926f3c055b0152894b8438bca1f8d5444a8ddf99d15874c03b21243d318d8e1f25062de08f2d8a2d49d4aa12a84bd13cb899b7a6cbdf322ed239eef9c6b15663dfd76d10614fbfa1dffad5db21dac2342cef385244bde5fce8f77db5f4cc31caccf7c1c7a0a26316f30ebfc171dfc8851932f59c29981194941ecaa1cd1f29b085ce960ba25ef2f5370632478bbd7100d422a9c129b1f80b67fd64250816a01c7aa1eee132362f7be8121d0250bd9dcb6af57bf6a51739757319fe6942a62c5a0a6b4b820ca833edcf"], 0x2}, 0x1}, 0x0) 13:39:57 executing program 2: 13:39:57 executing program 1: pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfffffef3) write$binfmt_misc(r1, &(0x7f0000000200)={'syz1'}, 0x4) vmsplice(r0, &(0x7f0000000100)=[{&(0x7f0000001300), 0x100000012}], 0x1, 0xffffffffffffffff) 13:39:57 executing program 5: r0 = socket$inet6(0xa, 0x80002, 0x100000000000088) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23}, 0x1c) read(r0, &(0x7f0000000100)=""/222, 0xde) r1 = socket$inet6(0xa, 0x802, 0x88) read(r0, &(0x7f0000000380)=""/4096, 0x1000) setsockopt$inet6_udp_int(r1, 0x11, 0x100000000a, &(0x7f00005b1ffc)=0x1, 0x4) sendto$inet6(r1, &(0x7f0000000000)="96", 0x1, 0x0, &(0x7f0000000340)={0xa, 0x4e23, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) 13:39:57 executing program 6: r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4) sendmsg(r0, &(0x7f0000000600)={&(0x7f0000000280)=@in6={0xa, 0x0, 0x3, @mcast1={0xff, 0x1, [], 0x1}}, 0x80, &(0x7f00000004c0), 0x0, &(0x7f0000000500)}, 0x0) 13:39:57 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bridge_slave_0\x00'}) sendmsg$nl_route(r0, &(0x7f0000000040)={&(0x7f0000db4000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001300290a000000000000000007000000", @ANYBLOB="000000000000000008000c8044c8b923"], 0x2}, 0x1}, 0x0) 13:39:57 executing program 7: 13:39:57 executing program 3: 13:39:57 executing program 4: 13:39:57 executing program 7: 13:39:57 executing program 2: [ 178.395711] ================================================================== [ 178.403159] BUG: KMSAN: uninit-value in ip_tunnel_xmit+0x63a/0x3b10 [ 178.409583] CPU: 1 PID: 6704 Comm: syz-executor6 Not tainted 4.18.0-rc4+ #27 [ 178.416770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 178.426128] Call Trace: [ 178.428736] dump_stack+0x185/0x1e0 [ 178.432385] kmsan_report+0x195/0x2c0 [ 178.436199] __msan_warning+0x7d/0xe0 [ 178.440020] ip_tunnel_xmit+0x63a/0x3b10 [ 178.444096] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 178.449473] ? validate_xmit_skb+0xfea/0x1320 [ 178.453984] ? gre_build_header+0x5ab/0xaa0 [ 178.458342] ipgre_xmit+0xe16/0xef0 [ 178.461989] ? ipgre_close+0x230/0x230 [ 178.465889] dev_direct_xmit+0x8ee/0xc30 [ 178.469977] packet_direct_xmit+0x204/0x3c0 [ 178.474317] ? __packet_rcv_has_room+0xba0/0xba0 [ 178.479086] packet_sendmsg+0x8469/0x9010 [ 178.483256] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 178.488634] ? __msan_metadata_ptr_for_store_8+0x13/0x20 13:39:57 executing program 7: 13:39:57 executing program 2: [ 178.494094] ? rw_copy_check_uvector+0x630/0x710 [ 178.498862] ? copy_msghdr_from_user+0x75e/0x8c0 [ 178.503634] ? xfs_rtfind_forw+0xbc3/0x1140 [ 178.507980] ? copy_msghdr_from_user+0x75e/0x8c0 [ 178.512765] ? compat_packet_setsockopt+0x360/0x360 [ 178.517793] ___sys_sendmsg+0xed9/0x1350 [ 178.521877] ? __msan_poison_alloca+0x183/0x220 [ 178.526563] ? __fdget+0x4e/0x60 [ 178.529941] ? __fget_light+0x67/0x760 [ 178.533831] ? __fdget+0x4e/0x60 [ 178.537212] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 178.542590] ? __fget_light+0x6e6/0x760 [ 178.546595] __x64_sys_sendmsg+0x3b0/0x520 [ 178.550852] ? ___sys_sendmsg+0x1350/0x1350 [ 178.555185] do_syscall_64+0x15b/0x230 [ 178.559092] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 178.564286] RIP: 0033:0x455ab9 [ 178.567468] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 178.586848] RSP: 002b:00007f865c674c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 13:39:57 executing program 7: 13:39:57 executing program 2: [ 178.594575] RAX: ffffffffffffffda RBX: 00007f865c6756d4 RCX: 0000000000455ab9 [ 178.601846] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000013 [ 178.609121] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 178.616395] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 178.623674] R13: 00000000004c0dcb R14: 00000000004d1410 R15: 0000000000000000 [ 178.630954] [ 178.632581] Uninit was created at: [ 178.636132] kmsan_internal_poison_shadow+0xc8/0x1d0 [ 178.641246] kmsan_kmalloc+0xa1/0x120 13:39:57 executing program 7: [ 178.645052] kmsan_slab_alloc+0x10/0x20 [ 178.649032] __kmalloc_node_track_caller+0xb48/0x11d0 [ 178.654224] __alloc_skb+0x2cb/0x9e0 [ 178.657955] alloc_skb_with_frags+0x1e6/0xb80 [ 178.662452] sock_alloc_send_pskb+0xb59/0x11e0 [ 178.667040] packet_sendmsg+0x68cb/0x9010 [ 178.671191] ___sys_sendmsg+0xed9/0x1350 [ 178.675258] __x64_sys_sendmsg+0x3b0/0x520 [ 178.679495] do_syscall_64+0x15b/0x230 [ 178.683392] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 178.688579] ================================================================== 13:39:57 executing program 2: [ 178.695929] Disabling lock debugging due to kernel taint [ 178.701371] Kernel panic - not syncing: panic_on_warn set ... [ 178.701371] [ 178.708745] CPU: 1 PID: 6704 Comm: syz-executor6 Tainted: G B 4.18.0-rc4+ #27 [ 178.717322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 178.726676] Call Trace: [ 178.729273] dump_stack+0x185/0x1e0 [ 178.732912] panic+0x3d0/0x9b0 [ 178.736129] kmsan_report+0x2bf/0x2c0 [ 178.740041] __msan_warning+0x7d/0xe0 13:39:57 executing program 7: [ 178.743853] ip_tunnel_xmit+0x63a/0x3b10 [ 178.747918] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 178.753294] ? validate_xmit_skb+0xfea/0x1320 [ 178.757809] ? gre_build_header+0x5ab/0xaa0 [ 178.762153] ipgre_xmit+0xe16/0xef0 [ 178.765793] ? ipgre_close+0x230/0x230 [ 178.769689] dev_direct_xmit+0x8ee/0xc30 [ 178.773776] packet_direct_xmit+0x204/0x3c0 [ 178.778111] ? __packet_rcv_has_room+0xba0/0xba0 [ 178.782883] packet_sendmsg+0x8469/0x9010 [ 178.787041] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 178.792417] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 178.797875] ? rw_copy_check_uvector+0x630/0x710 [ 178.802640] ? copy_msghdr_from_user+0x75e/0x8c0 [ 178.807412] ? xfs_rtfind_forw+0xbc3/0x1140 [ 178.811759] ? copy_msghdr_from_user+0x75e/0x8c0 [ 178.816539] ? compat_packet_setsockopt+0x360/0x360 [ 178.821572] ___sys_sendmsg+0xed9/0x1350 [ 178.825648] ? __msan_poison_alloca+0x183/0x220 [ 178.830322] ? __fdget+0x4e/0x60 [ 178.833704] ? __fget_light+0x67/0x760 [ 178.837599] ? __fdget+0x4e/0x60 [ 178.840978] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 178.846346] ? __fget_light+0x6e6/0x760 [ 178.850342] __x64_sys_sendmsg+0x3b0/0x520 [ 178.854606] ? ___sys_sendmsg+0x1350/0x1350 [ 178.858938] do_syscall_64+0x15b/0x230 [ 178.862861] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 178.868053] RIP: 0033:0x455ab9 [ 178.871235] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 178.890542] RSP: 002b:00007f865c674c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 178.898274] RAX: ffffffffffffffda RBX: 00007f865c6756d4 RCX: 0000000000455ab9 [ 178.905554] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000013 [ 178.912834] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 178.920117] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 178.927392] R13: 00000000004c0dcb R14: 00000000004d1410 R15: 0000000000000000 [ 178.935185] Dumping ftrace buffer: [ 178.938711] (ftrace buffer empty) [ 178.942400] Kernel Offset: disabled [ 178.946006] Rebooting in 86400 seconds..