[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 32.856614] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 36.983751] random: sshd: uninitialized urandom read (32 bytes read) [ 37.334930] random: sshd: uninitialized urandom read (32 bytes read) [ 38.975463] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.55' (ECDSA) to the list of known hosts. [ 44.655128] random: sshd: uninitialized urandom read (32 bytes read) 2018/07/17 17:50:36 fuzzer started [ 46.144318] random: cc1: uninitialized urandom read (8 bytes read) 2018/07/17 17:50:39 dialing manager at 10.128.0.26:45973 2018/07/17 17:50:41 syscalls: 1605 2018/07/17 17:50:41 code coverage: enabled 2018/07/17 17:50:41 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/07/17 17:50:41 setuid sandbox: enabled 2018/07/17 17:50:41 namespace sandbox: enabled 2018/07/17 17:50:41 fault injection: enabled 2018/07/17 17:50:41 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/07/17 17:50:41 net packed injection: enabled 2018/07/17 17:50:41 net device setup: enabled [ 51.218891] random: crng init done 17:52:08 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f00000005c0)='tasks\x00', 0x2, 0x0) fchown(0xffffffffffffffff, 0x0, 0x0) write$cgroup_pid(r1, &(0x7f0000000040), 0x12) 17:52:08 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f00000000c0)='/dev/snd/controlC#\x00', 0x8000000000000004, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, &(0x7f0000000240)={0x2}) 17:52:08 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000240)="025cc83d6d345f8f762070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x58) 17:52:08 executing program 2: r0 = socket$pppoe(0x18, 0x1, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x4, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xa}, 'lo\x00'}}, 0x1e) ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000000000)) sendmmsg(r0, &(0x7f0000005b40)=[{{&(0x7f0000001b40)=@in={0x2, 0x0, @multicast1=0xe0000001}, 0x80, &(0x7f0000001cc0)=[{&(0x7f0000001c80)="40b6", 0x2}], 0x1, &(0x7f0000002340)}}], 0x1, 0x0) 17:52:08 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x9}, 0x1c) write$binfmt_elf32(r1, &(0x7f0000000b40)={{0x21, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20}, [{}], "1755c8e12ad2a082d91103cc4528a073f43b512b5a3354d7b2f679be23c527e5d37f7c02a5b2ad2c11315d25430de3b1a81f1c96c6f4b951121079d794daaffd3e67fbe270709fd2bf930e0b99e4a51fed447cd158f1667d36a6d474fd8da5af7507839b356aee01969fefaa0e9ebee23c16d95029c6c135493211eb475636d2b29f19697db13cc9551382092afeb0f31782e4108681db82c492028c7cb1a529252f39937f0a87f9abc5dedf76ff086af5965914fbb81997491af0ebfcbf964c1886c9209ce220570fa6cad2d2d792607eb305cebdfc936b0d64ec87abfac56c381a21369f685f4b8258cf6e8ef98198c0334d45c1569c34c5eb799d9a87ffb16012422e1cd36506af07d1b9aa40385c0f1d65a9de02ccf28179240a9400e3322a8514551fe96318af13bb410f71ca8053f3bbeaa0dbf89e74c91c7bd867099befd6c907c7ce722e56b89e34d285cc0e91a1a6c340a5001b4e5ef8d39d320f40a92021df8a5ea0b7ffddea4365e5ec18d029170e7b4b23521eb2f67e073e8d09403539a5a3aa62523d34218a4e877e7bcb3927e4e6516e65dda514c87a9d7247719012c8ef01fb6ecc913e50ec7a7bf2952764e9c4d6c41716609a54cd7e7ea9b8bd4e74c3172d5b4256331575b61530e73c30c623e60ed085e36ffc2af2a8f4d3", [[]]}, 0x339) 17:52:08 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) sendmsg(r0, &(0x7f0000014fc8)={&(0x7f0000006ff0)=@in={0x2, 0x4e23, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x80, &(0x7f0000000040), 0x0, &(0x7f000001ef80)=ANY=[@ANYBLOB="2000000000000000000000000700000044100f0300ef00009700000000000000"], 0x20}, 0x0) 17:52:08 executing program 6: perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0xfffffffffffff11d, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sync() 17:52:08 executing program 4: syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x8, 0x11, 0x0, @empty, @mcast2={0xff, 0x2, [], 0x1}, {[], @udp={0x0, 0x0, 0x8}}}}}}, &(0x7f0000775000)) [ 137.079212] IPVS: ftp: loaded support on port[0] = 21 [ 137.138188] IPVS: ftp: loaded support on port[0] = 21 [ 137.220107] IPVS: ftp: loaded support on port[0] = 21 [ 137.244248] IPVS: ftp: loaded support on port[0] = 21 [ 137.250473] IPVS: ftp: loaded support on port[0] = 21 [ 137.285980] IPVS: ftp: loaded support on port[0] = 21 [ 137.296118] IPVS: ftp: loaded support on port[0] = 21 [ 137.297160] IPVS: ftp: loaded support on port[0] = 21 [ 139.108782] ip (4682) used greatest stack depth: 53312 bytes left [ 141.416759] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.423275] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.466446] device bridge_slave_0 entered promiscuous mode [ 141.525111] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.531641] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.560743] device bridge_slave_0 entered promiscuous mode [ 141.602615] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.609115] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.634885] device bridge_slave_1 entered promiscuous mode [ 141.662499] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.669003] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.699286] device bridge_slave_0 entered promiscuous mode [ 141.722263] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.728838] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.759308] device bridge_slave_0 entered promiscuous mode [ 141.774875] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.781371] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.799672] device bridge_slave_0 entered promiscuous mode [ 141.817330] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.823826] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.840186] device bridge_slave_0 entered promiscuous mode [ 141.857979] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.864538] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.882481] device bridge_slave_1 entered promiscuous mode [ 141.897814] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.904340] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.930475] device bridge_slave_0 entered promiscuous mode [ 141.947421] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 141.969166] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.975684] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.023287] device bridge_slave_1 entered promiscuous mode [ 142.038191] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.044675] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.073364] device bridge_slave_0 entered promiscuous mode [ 142.085135] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.091577] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.117069] device bridge_slave_1 entered promiscuous mode [ 142.125829] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.132587] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.148593] device bridge_slave_1 entered promiscuous mode [ 142.186792] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 142.197712] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.204183] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.230518] device bridge_slave_1 entered promiscuous mode [ 142.237773] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 142.249175] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 142.259069] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.265535] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.297860] device bridge_slave_1 entered promiscuous mode [ 142.326455] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 142.334393] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.340875] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.398237] device bridge_slave_1 entered promiscuous mode [ 142.418232] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 142.471372] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 142.500828] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 142.517767] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 142.541679] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 142.590093] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 142.643912] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 142.722192] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 142.789301] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 142.845135] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 142.931145] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 142.951924] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 143.247860] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 143.316558] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 143.385966] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 143.398791] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 143.474345] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 143.541232] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 143.548337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 143.572245] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 143.599118] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 143.662905] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 143.676602] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 143.697827] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 143.718753] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 143.801301] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 143.811135] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 143.820515] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 143.892187] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 143.899337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 143.916445] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 143.951502] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 143.965863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 143.987635] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 143.997720] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 144.007115] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 144.050712] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 144.094752] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 144.102401] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 144.164961] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 144.172131] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 144.191389] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 144.198451] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 144.252460] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 144.259555] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 144.284156] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 144.291541] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 144.308822] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 144.315916] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 144.387709] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 144.394781] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 144.414668] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 144.437551] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 144.465000] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 144.472024] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 144.524492] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 144.531517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 144.685192] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 144.703149] team0: Port device team_slave_0 added [ 144.725871] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 144.755218] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 145.014240] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 145.035135] team0: Port device team_slave_0 added [ 145.065653] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 145.079431] team0: Port device team_slave_0 added [ 145.096415] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 145.114623] team0: Port device team_slave_1 added [ 145.166370] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 145.190188] team0: Port device team_slave_0 added [ 145.280339] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 145.311734] team0: Port device team_slave_1 added [ 145.332493] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 145.343105] team0: Port device team_slave_1 added [ 145.366066] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 145.398104] team0: Port device team_slave_0 added [ 145.406289] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 145.429722] team0: Port device team_slave_0 added [ 145.455095] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 145.462212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 145.478827] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 145.524516] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 145.539271] team0: Port device team_slave_0 added [ 145.545453] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 145.558632] team0: Port device team_slave_0 added [ 145.568885] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 145.599850] team0: Port device team_slave_1 added [ 145.637531] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 145.644926] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 145.657923] team0: Port device team_slave_1 added [ 145.680769] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 145.701155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 145.723407] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 145.730998] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 145.746952] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 145.779241] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 145.798641] team0: Port device team_slave_1 added [ 145.834824] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 145.843576] team0: Port device team_slave_1 added [ 145.851970] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 145.862376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 145.882390] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 145.912201] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 145.925023] team0: Port device team_slave_1 added [ 145.939516] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 145.953917] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 145.977943] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 145.989709] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 145.997497] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 146.008335] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 146.021833] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 146.028998] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 146.049998] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 146.059093] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 146.078013] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 146.107122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 146.137896] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 146.170315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 146.194170] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 146.213544] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 146.234168] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 146.243990] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 146.256891] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 146.266822] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.289466] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.300811] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 146.309900] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 146.319078] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 146.326856] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 146.343209] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 146.393200] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 146.419863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 146.445275] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 146.475811] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 146.490837] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 146.498949] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.507620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.516507] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 146.524501] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.533479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.542622] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 146.554338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 146.563427] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 146.596938] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 146.604110] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 146.616807] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 146.625609] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 146.635111] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 146.642810] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 146.654118] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 146.662508] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 146.670316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.728842] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 146.762593] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 146.797730] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 146.828875] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.849079] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.864120] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.872476] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.880710] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.888868] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 146.909321] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 146.922757] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.931949] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 146.947745] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 146.962652] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 146.971593] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.992257] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 147.024787] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 147.051381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 147.082498] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 147.090264] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 147.098973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 147.125193] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 147.136275] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 147.155619] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 147.165423] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 147.186160] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 147.225614] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 147.246228] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 147.262714] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 147.280926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 147.319260] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 147.326714] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 147.335520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 147.366314] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 147.380251] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 147.407807] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 149.646500] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.652998] bridge0: port 2(bridge_slave_1) entered forwarding state [ 149.659886] bridge0: port 1(bridge_slave_0) entered blocking state [ 149.666330] bridge0: port 1(bridge_slave_0) entered forwarding state [ 149.705807] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 149.714572] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 149.982791] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.989299] bridge0: port 2(bridge_slave_1) entered forwarding state [ 149.996215] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.002697] bridge0: port 1(bridge_slave_0) entered forwarding state [ 150.019173] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 150.049160] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.055685] bridge0: port 2(bridge_slave_1) entered forwarding state [ 150.062598] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.069093] bridge0: port 1(bridge_slave_0) entered forwarding state [ 150.122682] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 150.146424] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.152903] bridge0: port 2(bridge_slave_1) entered forwarding state [ 150.159728] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.166345] bridge0: port 1(bridge_slave_0) entered forwarding state [ 150.208603] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 150.218421] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.225163] bridge0: port 2(bridge_slave_1) entered forwarding state [ 150.232004] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.238532] bridge0: port 1(bridge_slave_0) entered forwarding state [ 150.275342] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 150.299920] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.306499] bridge0: port 2(bridge_slave_1) entered forwarding state [ 150.313346] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.319878] bridge0: port 1(bridge_slave_0) entered forwarding state [ 150.361472] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 150.383499] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.389975] bridge0: port 2(bridge_slave_1) entered forwarding state [ 150.396877] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.403351] bridge0: port 1(bridge_slave_0) entered forwarding state [ 150.448618] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 150.461558] bridge0: port 2(bridge_slave_1) entered blocking state [ 150.468125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 150.474955] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.481455] bridge0: port 1(bridge_slave_0) entered forwarding state [ 150.532252] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 150.752322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 150.770099] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 150.796541] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 150.812935] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 150.821863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 150.831134] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 150.839152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 152.447844] ip (5450) used greatest stack depth: 53216 bytes left [ 160.907663] 8021q: adding VLAN 0 to HW filter on device bond0 [ 161.017006] 8021q: adding VLAN 0 to HW filter on device bond0 [ 161.088744] 8021q: adding VLAN 0 to HW filter on device bond0 [ 161.117802] 8021q: adding VLAN 0 to HW filter on device bond0 [ 161.320138] 8021q: adding VLAN 0 to HW filter on device bond0 [ 161.348781] 8021q: adding VLAN 0 to HW filter on device bond0 [ 161.487569] 8021q: adding VLAN 0 to HW filter on device bond0 [ 161.518738] 8021q: adding VLAN 0 to HW filter on device bond0 [ 161.919298] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 162.035338] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 162.128154] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 162.184324] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 162.385481] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 162.425263] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 162.494221] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 162.532476] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 162.991639] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 163.001213] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 163.007471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.028939] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.058082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.079366] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.131672] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 163.142720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.166155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.237461] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 163.247123] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.261327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.393771] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 163.400552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.415567] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.545561] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 163.551901] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.568900] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.617767] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 163.624341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.654261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.768242] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 163.774632] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.787157] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.958882] 8021q: adding VLAN 0 to HW filter on device team0 [ 164.053474] 8021q: adding VLAN 0 to HW filter on device team0 [ 164.245631] 8021q: adding VLAN 0 to HW filter on device team0 [ 164.339529] 8021q: adding VLAN 0 to HW filter on device team0 [ 164.363745] 8021q: adding VLAN 0 to HW filter on device team0 [ 164.594476] 8021q: adding VLAN 0 to HW filter on device team0 [ 164.662063] 8021q: adding VLAN 0 to HW filter on device team0 [ 164.803137] 8021q: adding VLAN 0 to HW filter on device team0 17:52:42 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f00000005c0)='tasks\x00', 0x2, 0x0) fchown(0xffffffffffffffff, 0x0, 0x0) write$cgroup_pid(r1, &(0x7f0000000040), 0x12) 17:52:42 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f00000000c0)=0x2, 0x4) connect$inet6(r0, &(0x7f000000cfe4)={0xa}, 0x1c) 17:52:42 executing program 3: r0 = socket$inet6(0xa, 0x1000000000001, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x11}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getitimer(0x0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, r0) 17:52:42 executing program 0: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) vmsplice(r0, &(0x7f0000000580)=[{&(0x7f0000000500)='3', 0x1}], 0x1, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) vmsplice(r1, &(0x7f0000f6dfe0)=[{&(0x7f000061ff2f)="a8", 0x1}], 0x1, 0x0) 17:52:42 executing program 2: r0 = socket$pppoe(0x18, 0x1, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x4, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xa}, 'lo\x00'}}, 0x1e) ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000000000)) sendmmsg(r0, &(0x7f0000005b40)=[{{&(0x7f0000001b40)=@in={0x2, 0x0, @multicast1=0xe0000001}, 0x80, &(0x7f0000001cc0)=[{&(0x7f0000001c80)="40b6", 0x2}], 0x1, &(0x7f0000002340)}}], 0x1, 0x0) 17:52:42 executing program 7: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0) fsetxattr(r0, &(0x7f0000000100)=@known='security.capability\x00', &(0x7f00000000c0)="000000037970652700000004000000070000204500000000", 0x18, 0x0) 17:52:43 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f00000000c0)=0x2, 0x4) connect$inet6(r0, &(0x7f000000cfe4)={0xa}, 0x1c) [ 171.026706] ================================================================== [ 171.034151] BUG: KMSAN: uninit-value in __nf_conntrack_find_get+0xc15/0x2190 [ 171.041383] CPU: 0 PID: 6644 Comm: syz-executor5 Not tainted 4.18.0-rc4+ #27 [ 171.048666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 171.058046] Call Trace: [ 171.060655] dump_stack+0x185/0x1e0 [ 171.064310] kmsan_report+0x195/0x2c0 [ 171.068139] __msan_warning+0x7d/0xe0 [ 171.071965] __nf_conntrack_find_get+0xc15/0x2190 [ 171.076835] ? kmsan_set_origin_inline+0x6b/0x120 [ 171.081720] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 171.087111] ? hash_conntrack_raw+0x5f7/0x8c0 [ 171.091641] nf_conntrack_in+0x1674/0x2070 [ 171.095931] ipv6_conntrack_local+0xc3/0xf0 [ 171.100317] ? ipv6_conntrack_in+0xf0/0xf0 [ 171.104580] nf_hook_slow+0x15d/0x3e0 [ 171.108428] __ip6_local_out+0x64c/0x770 [ 171.112525] ? __ip6_local_out+0x770/0x770 [ 171.116782] ip6_local_out+0xa4/0x1d0 [ 171.120694] ip6_push_pending_frames+0x218/0x4d0 [ 171.125480] rawv6_sendmsg+0x45f0/0x5410 [ 171.129611] ? compat_rawv6_ioctl+0x100/0x100 [ 171.134134] inet_sendmsg+0x3fc/0x760 [ 171.137953] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 171.143338] ? inet_getname+0x4a0/0x4a0 [ 171.147333] sock_write_iter+0x408/0x4d0 [ 171.151430] ? sock_read_iter+0x4f0/0x4f0 [ 171.155605] __vfs_write+0x87e/0xb90 [ 171.159353] vfs_write+0x467/0x8c0 [ 171.162929] __x64_sys_write+0x1cf/0x400 [ 171.167021] ? ksys_write+0x380/0x380 [ 171.170840] do_syscall_64+0x15b/0x230 [ 171.174756] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 171.179963] RIP: 0033:0x455ab9 [ 171.183156] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 171.202513] RSP: 002b:00007ffafb209c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 171.210246] RAX: ffffffffffffffda RBX: 00007ffafb20a6d4 RCX: 0000000000455ab9 [ 171.217529] RDX: 0000000000000339 RSI: 0000000020000b40 RDI: 0000000000000016 17:52:43 executing program 4: socket$inet6(0xa, 0x0, 0x0) 17:52:43 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000000100)="120000001600e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) readv(r1, &(0x7f00000000c0)=[{&(0x7f0000002200)=""/63, 0x3f}], 0x1) [ 171.224815] RBP: 000000000072bf48 R08: 0000000000000000 R09: 0000000000000000 [ 171.232101] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 171.239395] R13: 00000000004c2c2b R14: 00000000004d4c20 R15: 0000000000000001 [ 171.246690] [ 171.248321] Uninit was stored to memory at: [ 171.252664] kmsan_internal_chain_origin+0x13c/0x240 [ 171.257807] __msan_chain_origin+0x76/0xd0 [ 171.262091] __nf_conntrack_confirm+0x2700/0x3f70 [ 171.266952] ipv6_confirm+0x573/0x740 [ 171.270770] nf_hook_slow+0x15d/0x3e0 [ 171.274625] ip6_output+0x37d/0x710 [ 171.278264] ip6_local_out+0x164/0x1d0 [ 171.282164] ip6_push_pending_frames+0x218/0x4d0 [ 171.287120] rawv6_sendmsg+0x45f0/0x5410 [ 171.291208] inet_sendmsg+0x3fc/0x760 [ 171.295042] sock_write_iter+0x408/0x4d0 [ 171.299135] __vfs_write+0x87e/0xb90 [ 171.302867] vfs_write+0x467/0x8c0 [ 171.306429] __x64_sys_write+0x1cf/0x400 [ 171.310503] do_syscall_64+0x15b/0x230 [ 171.314406] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 171.319593] [ 171.321219] Uninit was created at: 17:52:43 executing program 1: semget(0x2, 0x0, 0x0) [ 171.324774] kmsan_internal_poison_shadow+0xc8/0x1d0 [ 171.330149] kmsan_kmalloc+0xa1/0x120 [ 171.333959] kmem_cache_alloc+0xad2/0xbb0 [ 171.338116] __nf_conntrack_alloc+0x166/0x670 [ 171.342627] init_conntrack+0x635/0x2840 [ 171.346704] nf_conntrack_in+0x1812/0x2070 [ 171.350954] ipv6_conntrack_local+0xc3/0xf0 [ 171.355290] nf_hook_slow+0x15d/0x3e0 [ 171.359106] __ip6_local_out+0x64c/0x770 [ 171.363178] ip6_local_out+0xa4/0x1d0 [ 171.366985] ip6_push_pending_frames+0x218/0x4d0 [ 171.371752] rawv6_sendmsg+0x45f0/0x5410 17:52:43 executing program 7: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0xc000, 0x0) [ 171.375823] inet_sendmsg+0x3fc/0x760 [ 171.379639] sock_write_iter+0x408/0x4d0 [ 171.383718] __vfs_write+0x87e/0xb90 [ 171.387449] vfs_write+0x467/0x8c0 [ 171.390998] __x64_sys_write+0x1cf/0x400 [ 171.395064] do_syscall_64+0x15b/0x230 [ 171.398964] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 171.404152] ================================================================== [ 171.411515] Disabling lock debugging due to kernel taint [ 171.416973] Kernel panic - not syncing: panic_on_warn set ... [ 171.416973] [ 171.424356] CPU: 0 PID: 6644 Comm: syz-executor5 Tainted: G B 4.18.0-rc4+ #27 [ 171.432936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 171.442300] Call Trace: [ 171.444906] dump_stack+0x185/0x1e0 [ 171.448550] panic+0x3d0/0x9b0 [ 171.451779] kmsan_report+0x2bf/0x2c0 [ 171.455607] __msan_warning+0x7d/0xe0 [ 171.459428] __nf_conntrack_find_get+0xc15/0x2190 [ 171.464294] ? kmsan_set_origin_inline+0x6b/0x120 [ 171.469166] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 171.474646] ? hash_conntrack_raw+0x5f7/0x8c0 [ 171.479175] nf_conntrack_in+0x1674/0x2070 [ 171.483468] ipv6_conntrack_local+0xc3/0xf0 [ 171.487810] ? ipv6_conntrack_in+0xf0/0xf0 [ 171.492065] nf_hook_slow+0x15d/0x3e0 [ 171.495894] __ip6_local_out+0x64c/0x770 [ 171.499980] ? __ip6_local_out+0x770/0x770 [ 171.504234] ip6_local_out+0xa4/0x1d0 [ 171.508061] ip6_push_pending_frames+0x218/0x4d0 [ 171.512856] rawv6_sendmsg+0x45f0/0x5410 [ 171.516986] ? compat_rawv6_ioctl+0x100/0x100 [ 171.521507] inet_sendmsg+0x3fc/0x760 [ 171.525327] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 171.530713] ? inet_getname+0x4a0/0x4a0 [ 171.534710] sock_write_iter+0x408/0x4d0 [ 171.538802] ? sock_read_iter+0x4f0/0x4f0 [ 171.542973] __vfs_write+0x87e/0xb90 [ 171.546731] vfs_write+0x467/0x8c0 [ 171.550304] __x64_sys_write+0x1cf/0x400 [ 171.554399] ? ksys_write+0x380/0x380 [ 171.558217] do_syscall_64+0x15b/0x230 [ 171.562125] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 171.567329] RIP: 0033:0x455ab9 [ 171.570518] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 171.589870] RSP: 002b:00007ffafb209c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 171.597599] RAX: ffffffffffffffda RBX: 00007ffafb20a6d4 RCX: 0000000000455ab9 [ 171.604882] RDX: 0000000000000339 RSI: 0000000020000b40 RDI: 0000000000000016 [ 171.612197] RBP: 000000000072bf48 R08: 0000000000000000 R09: 0000000000000000 [ 171.619483] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 171.626764] R13: 00000000004c2c2b R14: 00000000004d4c20 R15: 0000000000000001 [ 171.634582] Dumping ftrace buffer: [ 171.638118] (ftrace buffer empty) [ 171.641810] Kernel Offset: disabled [ 171.645430] Rebooting in 86400 seconds..