Warning: Permanently added '10.128.15.196' (ECDSA) to the list of known hosts. 2020/07/17 21:19:41 fuzzer started 2020/07/17 21:19:41 dialing manager at 10.128.0.26:41463 2020/07/17 21:19:44 syscalls: 2944 2020/07/17 21:19:44 code coverage: enabled 2020/07/17 21:19:44 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2020/07/17 21:19:44 extra coverage: enabled 2020/07/17 21:19:44 setuid sandbox: enabled 2020/07/17 21:19:44 namespace sandbox: enabled 2020/07/17 21:19:44 Android sandbox: /sys/fs/selinux/policy does not exist 2020/07/17 21:19:44 fault injection: enabled 2020/07/17 21:19:44 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/07/17 21:19:44 net packet injection: enabled 2020/07/17 21:19:44 net device setup: enabled 2020/07/17 21:19:44 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/07/17 21:19:44 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/07/17 21:19:44 USB emulation: /dev/raw-gadget does not exist 21:21:22 executing program 0: unshare(0x400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x8) [ 218.869565][ T8475] IPVS: ftp: loaded support on port[0] = 21 [ 219.071108][ T8475] chnl_net:caif_netlink_parms(): no params data found [ 219.268631][ T8475] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.275893][ T8475] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.285664][ T8475] device bridge_slave_0 entered promiscuous mode [ 219.298503][ T8475] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.305716][ T8475] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.315576][ T8475] device bridge_slave_1 entered promiscuous mode [ 219.360486][ T8475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 219.374594][ T8475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 219.418096][ T8475] team0: Port device team_slave_0 added [ 219.428833][ T8475] team0: Port device team_slave_1 added [ 219.468552][ T8475] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 219.475612][ T8475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.502367][ T8475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 219.515744][ T8475] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 219.524273][ T8475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.550370][ T8475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 219.633976][ T8475] device hsr_slave_0 entered promiscuous mode [ 219.798623][ T8475] device hsr_slave_1 entered promiscuous mode [ 220.199128][ T8475] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 220.261735][ T8475] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 220.303793][ T8475] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 220.503125][ T8475] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 220.749169][ T8475] 8021q: adding VLAN 0 to HW filter on device bond0 [ 220.783684][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 220.793362][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 220.823468][ T8475] 8021q: adding VLAN 0 to HW filter on device team0 [ 220.845867][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 220.856101][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 220.865447][ T3244] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.872726][ T3244] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.913535][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 220.922724][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 220.932726][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 220.942822][ T3244] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.950095][ T3244] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.959110][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 220.969836][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 221.032113][ T8475] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 221.042628][ T8475] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 221.067290][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 221.077723][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 221.088073][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 221.099368][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 221.109611][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 221.119131][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 221.129043][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 221.138551][ T3244] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 221.155536][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 221.165631][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 221.205594][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 221.218449][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 221.258164][ T8475] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 221.293719][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 221.304334][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 221.350648][ T8475] device veth0_vlan entered promiscuous mode [ 221.359837][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 221.369750][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 221.392995][ T8475] device veth1_vlan entered promiscuous mode [ 221.405220][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 221.414350][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 221.423419][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 221.469916][ T8475] device veth0_macvtap entered promiscuous mode [ 221.479947][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 221.489436][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 221.499195][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 221.514387][ T8475] device veth1_macvtap entered promiscuous mode [ 221.547115][ T8475] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 221.559158][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 221.568478][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 221.577659][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 221.588217][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 221.606004][ T8475] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 221.650221][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 221.660149][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 21:21:26 executing program 0: unshare(0x400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x8) 21:21:26 executing program 0: unshare(0x400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x8) 21:21:26 executing program 0: unshare(0x400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x8) 21:21:26 executing program 0: r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x24) sendmmsg(r0, &(0x7f0000003e80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=[{0x18, 0x110, 0x1, "ec"}], 0x18}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[{0x10}, {0x18, 0x110, 0x9, "a8"}], 0x28}}], 0x2, 0x0) 21:21:26 executing program 0: r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x24) sendmmsg(r0, &(0x7f0000003e80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=[{0x18, 0x110, 0x1, "ec"}], 0x18}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[{0x10}, {0x18, 0x110, 0x9, "a8"}], 0x28}}], 0x2, 0x0) 21:21:26 executing program 0: r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x24) sendmmsg(r0, &(0x7f0000003e80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=[{0x18, 0x110, 0x1, "ec"}], 0x18}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[{0x10}, {0x18, 0x110, 0x9, "a8"}], 0x28}}], 0x2, 0x0) 21:21:26 executing program 0: r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x24) sendmmsg(r0, &(0x7f0000003e80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=[{0x18, 0x110, 0x1, "ec"}], 0x18}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[{0x10}, {0x18, 0x110, 0x9, "a8"}], 0x28}}], 0x2, 0x0) 21:21:26 executing program 0: r0 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x2812, r1, 0x0) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0) 21:21:27 executing program 0: r0 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x2812, r1, 0x0) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0) 21:21:27 executing program 0: r0 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x2812, r1, 0x0) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0) 21:21:27 executing program 0: r0 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x2812, r1, 0x0) mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0) 21:21:27 executing program 0: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$kcm(0xa, 0x5, 0x0) sendmsg(r1, &(0x7f00000006c0)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000440)="c4", 0x1}], 0x1}, 0x0) sendmsg$inet(r1, &(0x7f00000014c0)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)='p', 0x1}], 0x1}, 0x0) r2 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000380)="480000001400e702095f9f95274b0a000a845865400402000000000000006fab078a6a36d47a56aa68c6f8c36d96bd7c497626ff00034000d90000000000000000634310e68b0c89", 0x48}], 0x1}, 0x0) recvmsg(r2, &(0x7f0000000dc0)={0x0, 0x0, 0x0}, 0x0) 21:21:28 executing program 0: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$kcm(0xa, 0x5, 0x0) sendmsg(r1, &(0x7f00000006c0)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000440)="c4", 0x1}], 0x1}, 0x0) sendmsg$inet(r1, &(0x7f00000014c0)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)='p', 0x1}], 0x1}, 0x0) r2 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000380)="480000001400e702095f9f95274b0a000a845865400402000000000000006fab078a6a36d47a56aa68c6f8c36d96bd7c497626ff00034000d90000000000000000634310e68b0c89", 0x48}], 0x1}, 0x0) recvmsg(r2, &(0x7f0000000dc0)={0x0, 0x0, 0x0}, 0x0) 21:21:29 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256\x00'}, 0x58) r3 = accept4(r2, 0x0, 0x0, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000400)='net/sockstat6\x00') sendfile(r3, r4, 0x0, 0xa51) sendmsg$IPVS_CMD_DEL_DAEMON(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 21:21:29 executing program 0: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$kcm(0xa, 0x5, 0x0) sendmsg(r1, &(0x7f00000006c0)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000440)="c4", 0x1}], 0x1}, 0x0) sendmsg$inet(r1, &(0x7f00000014c0)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)='p', 0x1}], 0x1}, 0x0) r2 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000380)="480000001400e702095f9f95274b0a000a845865400402000000000000006fab078a6a36d47a56aa68c6f8c36d96bd7c497626ff00034000d90000000000000000634310e68b0c89", 0x48}], 0x1}, 0x0) recvmsg(r2, &(0x7f0000000dc0)={0x0, 0x0, 0x0}, 0x0) [ 225.520736][ T8734] IPVS: ftp: loaded support on port[0] = 21 [ 225.794904][ T8734] chnl_net:caif_netlink_parms(): no params data found [ 225.950374][ T8734] bridge0: port 1(bridge_slave_0) entered blocking state [ 225.958116][ T8734] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.967473][ T8734] device bridge_slave_0 entered promiscuous mode [ 225.980617][ T8734] bridge0: port 2(bridge_slave_1) entered blocking state [ 225.988001][ T8734] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.997968][ T8734] device bridge_slave_1 entered promiscuous mode [ 226.043633][ T8734] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 226.058247][ T8734] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 226.117882][ T8734] team0: Port device team_slave_0 added [ 226.136164][ T8734] team0: Port device team_slave_1 added [ 226.182319][ T8734] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 226.189583][ T8734] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.216368][ T8734] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active 21:21:30 executing program 0: r0 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$kcm(0xa, 0x5, 0x0) sendmsg(r1, &(0x7f00000006c0)={&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000440)="c4", 0x1}], 0x1}, 0x0) sendmsg$inet(r1, &(0x7f00000014c0)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)='p', 0x1}], 0x1}, 0x0) r2 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000380)="480000001400e702095f9f95274b0a000a845865400402000000000000006fab078a6a36d47a56aa68c6f8c36d96bd7c497626ff00034000d90000000000000000634310e68b0c89", 0x48}], 0x1}, 0x0) recvmsg(r2, &(0x7f0000000dc0)={0x0, 0x0, 0x0}, 0x0) [ 226.284238][ T8734] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 226.291872][ T8734] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.318019][ T8734] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 226.554644][ T8734] device hsr_slave_0 entered promiscuous mode [ 226.646886][ T8734] device hsr_slave_1 entered promiscuous mode [ 226.736740][ T8734] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 226.744424][ T8734] Cannot create hsr debugfs directory [ 227.049437][ T8734] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 227.122714][ T8734] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 227.182661][ T8734] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 227.224949][ T8734] netdevsim netdevsim1 netdevsim3: renamed from eth3 21:21:31 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r2, &(0x7f0000f12000)={0x400000010}, 0xc) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = dup(r3) setsockopt$ARPT_SO_SET_REPLACE(r4, 0xa02000000000000, 0x60, &(0x7f0000000840)={'filter\x00', 0x1002, 0x4, 0x3d0, 0x0, 0x0, 0xe8, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_vlan\x00', 'tunl0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d8}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netdevsim0\x00', 'ip6tnl0\x00'}, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev, @empty, @local, @loopback}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x420) 21:21:31 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r2, &(0x7f0000f12000)={0x400000010}, 0xc) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = dup(r3) setsockopt$ARPT_SO_SET_REPLACE(r4, 0xa02000000000000, 0x60, &(0x7f0000000840)={'filter\x00', 0x1002, 0x4, 0x3d0, 0x0, 0x0, 0xe8, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_vlan\x00', 'tunl0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d8}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netdevsim0\x00', 'ip6tnl0\x00'}, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev, @empty, @local, @loopback}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x420) [ 227.372435][ T8948] cannot load conntrack support for proto=3 [ 227.487482][ T8952] cannot load conntrack support for proto=3 21:21:31 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r2, &(0x7f0000f12000)={0x400000010}, 0xc) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = dup(r3) setsockopt$ARPT_SO_SET_REPLACE(r4, 0xa02000000000000, 0x60, &(0x7f0000000840)={'filter\x00', 0x1002, 0x4, 0x3d0, 0x0, 0x0, 0xe8, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_vlan\x00', 'tunl0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d8}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netdevsim0\x00', 'ip6tnl0\x00'}, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev, @empty, @local, @loopback}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x420) [ 227.563503][ T8734] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.613797][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 227.622683][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 227.639135][ T8734] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.673351][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 227.683105][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 227.693306][ T31] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.700705][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state 21:21:31 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r2, &(0x7f0000f12000)={0x400000010}, 0xc) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = dup(r3) setsockopt$ARPT_SO_SET_REPLACE(r4, 0xa02000000000000, 0x60, &(0x7f0000000840)={'filter\x00', 0x1002, 0x4, 0x3d0, 0x0, 0x0, 0xe8, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_vlan\x00', 'tunl0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d8}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netdevsim0\x00', 'ip6tnl0\x00'}, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev, @empty, @local, @loopback}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x420) [ 227.762576][ T8956] cannot load conntrack support for proto=3 [ 227.795119][ T8734] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 227.806120][ T8734] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 227.837859][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 227.846890][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 227.856679][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 227.866716][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.873921][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.883052][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 227.893876][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 227.904514][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 227.914741][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 227.924932][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 227.935381][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 227.945627][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 227.955021][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 227.965097][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 227.974607][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 227.999282][ T8960] cannot load conntrack support for proto=3 21:21:32 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r2, &(0x7f0000f12000)={0x400000010}, 0xc) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = dup(r3) setsockopt$ARPT_SO_SET_REPLACE(r4, 0xa02000000000000, 0x60, &(0x7f0000000840)={'filter\x00', 0x1002, 0x4, 0x3d0, 0x0, 0x0, 0xe8, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_vlan\x00', 'tunl0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d8}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netdevsim0\x00', 'ip6tnl0\x00'}, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev, @empty, @local, @loopback}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x420) [ 228.041847][ T8734] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 228.129920][ T8734] device veth0_vlan entered promiscuous mode [ 228.169324][ T8734] device veth1_vlan entered promiscuous mode [ 228.180013][ T8963] cannot load conntrack support for proto=3 [ 228.239521][ T8734] device veth0_macvtap entered promiscuous mode [ 228.271417][ T8734] device veth1_macvtap entered promiscuous mode 21:21:32 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r2, &(0x7f0000f12000)={0x400000010}, 0xc) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = dup(r3) setsockopt$ARPT_SO_SET_REPLACE(r4, 0xa02000000000000, 0x60, &(0x7f0000000840)={'filter\x00', 0x1002, 0x4, 0x3d0, 0x0, 0x0, 0xe8, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_vlan\x00', 'tunl0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d8}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netdevsim0\x00', 'ip6tnl0\x00'}, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev, @empty, @local, @loopback}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x420) [ 228.305826][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 228.315771][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 228.324520][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 228.332336][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 228.340873][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 228.350698][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 228.360519][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 228.370018][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 228.380162][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 228.389365][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 228.398535][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 228.408248][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 228.417875][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 228.471108][ T8734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 228.481814][ T8734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.495499][ T8734] batman_adv: batadv0: Interface activated: batadv_slave_0 21:21:32 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r2, &(0x7f0000f12000)={0x400000010}, 0xc) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup(0xffffffffffffffff) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = dup(r3) setsockopt$ARPT_SO_SET_REPLACE(r4, 0xa02000000000000, 0x60, &(0x7f0000000840)={'filter\x00', 0x1002, 0x4, 0x3d0, 0x0, 0x0, 0xe8, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_vlan\x00', 'tunl0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d8}}, {{@arp={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netdevsim0\x00', 'ip6tnl0\x00'}, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev, @empty, @local, @loopback}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x420) [ 228.558991][ T8734] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 228.569869][ T8734] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.582964][ T8734] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.598918][ T8968] cannot load conntrack support for proto=3 [ 228.692463][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 228.701710][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 228.710949][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 228.720313][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 228.730180][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 228.740121][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 228.749925][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 228.780308][ T8972] cannot load conntrack support for proto=3 21:21:33 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$rds(0xffffffffffffffff, &(0x7f0000002940)={0x0, 0x0, &(0x7f0000002800)=[{0x0}], 0x1}, 0x0) r2 = getpid() prctl$PR_GET_NAME(0x10, &(0x7f0000000040)=""/229) sched_setscheduler(r2, 0x5, &(0x7f0000000000)) r3 = syz_open_procfs(r2, &(0x7f0000000000)='autogroup\x00') preadv(r3, &(0x7f00000017c0), 0x1ab, 0x500) [ 229.000367][ T8978] ===================================================== [ 229.007356][ T8978] BUG: KMSAN: uninit-value in streebog_xlps+0x645/0x7c0 [ 229.014307][ T8978] CPU: 1 PID: 8978 Comm: syz-executor.1 Not tainted 5.8.0-rc5-syzkaller #0 [ 229.022891][ T8978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.032950][ T8978] Call Trace: [ 229.036257][ T8978] dump_stack+0x1df/0x240 [ 229.040607][ T8978] kmsan_report+0xf7/0x1e0 [ 229.045039][ T8978] __msan_warning+0x58/0xa0 [ 229.049556][ T8978] streebog_xlps+0x645/0x7c0 [ 229.054175][ T8978] streebog_g+0x143/0xfd0 [ 229.058517][ T8978] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 229.064580][ T8978] ? update_stack_state+0xa18/0xb40 [ 229.069781][ T8978] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 229.076047][ T8978] streebog_update+0x127d/0x28e0 [ 229.080991][ T8978] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 229.087136][ T8978] ? streebog_init+0x2f0/0x2f0 [ 229.091886][ T8978] crypto_shash_update+0x4e9/0x550 [ 229.096986][ T8978] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 229.104091][ T8978] ? crypto_hash_walk_first+0x1fd/0x360 [ 229.109642][ T8978] ? kmsan_get_metadata+0x4f/0x180 [ 229.114745][ T8978] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 229.120544][ T8978] shash_async_update+0x113/0x1d0 [ 229.125564][ T8978] ? shash_async_init+0x1e0/0x1e0 [ 229.130575][ T8978] hash_sendpage+0x8ef/0xdf0 [ 229.135156][ T8978] ? hash_recvmsg+0xd30/0xd30 [ 229.139823][ T8978] sock_sendpage+0x1e1/0x2c0 [ 229.144407][ T8978] pipe_to_sendpage+0x38c/0x4c0 [ 229.149248][ T8978] ? sock_fasync+0x250/0x250 [ 229.153833][ T8978] __splice_from_pipe+0x565/0xf00 [ 229.158846][ T8978] ? generic_splice_sendpage+0x2d0/0x2d0 [ 229.164502][ T8978] generic_splice_sendpage+0x1d5/0x2d0 [ 229.169958][ T8978] ? iter_file_splice_write+0x1800/0x1800 [ 229.176622][ T8978] direct_splice_actor+0x1fd/0x580 [ 229.181725][ T8978] ? kmsan_get_metadata+0x4f/0x180 [ 229.186829][ T8978] splice_direct_to_actor+0x6b2/0xf50 [ 229.192186][ T8978] ? do_splice_direct+0x580/0x580 [ 229.197231][ T8978] do_splice_direct+0x342/0x580 [ 229.202082][ T8978] do_sendfile+0x101b/0x1d40 [ 229.206677][ T8978] __se_sys_sendfile64+0x2bb/0x360 [ 229.211777][ T8978] ? kmsan_get_metadata+0x4f/0x180 [ 229.216877][ T8978] __x64_sys_sendfile64+0x56/0x70 [ 229.221893][ T8978] do_syscall_64+0xb0/0x150 [ 229.226388][ T8978] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 229.232266][ T8978] RIP: 0033:0x45c1d9 [ 229.236139][ T8978] Code: Bad RIP value. [ 229.240190][ T8978] RSP: 002b:00007f5d956afc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 229.248585][ T8978] RAX: ffffffffffffffda RBX: 0000000000025a00 RCX: 000000000045c1d9 [ 229.256543][ T8978] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007 [ 229.264501][ T8978] RBP: 000000000078bf48 R08: 0000000000000000 R09: 0000000000000000 [ 229.272458][ T8978] R10: 0000000000000a51 R11: 0000000000000246 R12: 000000000078bf0c [ 229.280510][ T8978] R13: 0000000000c9fb6f R14: 00007f5d956b09c0 R15: 000000000078bf0c [ 229.288473][ T8978] [ 229.290784][ T8978] Uninit was stored to memory at: [ 229.295886][ T8978] kmsan_internal_chain_origin+0xad/0x130 [ 229.301587][ T8978] kmsan_memcpy_memmove_metadata+0x272/0x2e0 [ 229.307550][ T8978] kmsan_memcpy_metadata+0xb/0x10 [ 229.312555][ T8978] __msan_memcpy+0x43/0x50 [ 229.316959][ T8978] streebog_update+0x1240/0x28e0 [ 229.321881][ T8978] crypto_shash_update+0x4e9/0x550 [ 229.326974][ T8978] shash_async_update+0x113/0x1d0 [ 229.331981][ T8978] hash_sendpage+0x8ef/0xdf0 [ 229.336556][ T8978] sock_sendpage+0x1e1/0x2c0 [ 229.341129][ T8978] pipe_to_sendpage+0x38c/0x4c0 [ 229.345964][ T8978] __splice_from_pipe+0x565/0xf00 [ 229.350971][ T8978] generic_splice_sendpage+0x1d5/0x2d0 [ 229.356414][ T8978] direct_splice_actor+0x1fd/0x580 [ 229.361510][ T8978] splice_direct_to_actor+0x6b2/0xf50 [ 229.366866][ T8978] do_splice_direct+0x342/0x580 [ 229.371698][ T8978] do_sendfile+0x101b/0x1d40 [ 229.376270][ T8978] __se_sys_sendfile64+0x2bb/0x360 [ 229.381362][ T8978] __x64_sys_sendfile64+0x56/0x70 [ 229.386372][ T8978] do_syscall_64+0xb0/0x150 [ 229.390862][ T8978] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 229.396732][ T8978] [ 229.399048][ T8978] Uninit was created at: [ 229.403277][ T8978] kmsan_save_stack_with_flags+0x3c/0x90 [ 229.408894][ T8978] kmsan_alloc_page+0xb9/0x180 [ 229.413643][ T8978] __alloc_pages_nodemask+0x56a2/0x5dc0 [ 229.419172][ T8978] alloc_pages_current+0x672/0x990 [ 229.424263][ T8978] push_pipe+0x605/0xb70 [ 229.428491][ T8978] iov_iter_get_pages_alloc+0x18a9/0x21c0 [ 229.434194][ T8978] do_splice_to+0x4fc/0x14f0 [ 229.438768][ T8978] splice_direct_to_actor+0x45c/0xf50 [ 229.444120][ T8978] do_splice_direct+0x342/0x580 [ 229.448951][ T8978] do_sendfile+0x101b/0x1d40 [ 229.453525][ T8978] __se_sys_sendfile64+0x2bb/0x360 [ 229.458621][ T8978] __x64_sys_sendfile64+0x56/0x70 [ 229.463631][ T8978] do_syscall_64+0xb0/0x150 [ 229.468121][ T8978] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 229.473989][ T8978] ===================================================== [ 229.480900][ T8978] Disabling lock debugging due to kernel taint [ 229.487039][ T8978] Kernel panic - not syncing: panic_on_warn set ... [ 229.493613][ T8978] CPU: 1 PID: 8978 Comm: syz-executor.1 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 229.503565][ T8978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.513602][ T8978] Call Trace: [ 229.516881][ T8978] dump_stack+0x1df/0x240 [ 229.521201][ T8978] panic+0x3d5/0xc3e [ 229.525100][ T8978] kmsan_report+0x1df/0x1e0 [ 229.529591][ T8978] __msan_warning+0x58/0xa0 [ 229.534081][ T8978] streebog_xlps+0x645/0x7c0 [ 229.538670][ T8978] streebog_g+0x143/0xfd0 [ 229.542988][ T8978] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 229.549039][ T8978] ? update_stack_state+0xa18/0xb40 [ 229.554229][ T8978] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 229.560408][ T8978] streebog_update+0x127d/0x28e0 [ 229.565346][ T8978] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 229.571922][ T8978] ? streebog_init+0x2f0/0x2f0 [ 229.576671][ T8978] crypto_shash_update+0x4e9/0x550 [ 229.581768][ T8978] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 229.587920][ T8978] ? crypto_hash_walk_first+0x1fd/0x360 [ 229.593449][ T8978] ? kmsan_get_metadata+0x4f/0x180 [ 229.598550][ T8978] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 229.604342][ T8978] shash_async_update+0x113/0x1d0 [ 229.609356][ T8978] ? shash_async_init+0x1e0/0x1e0 [ 229.614366][ T8978] hash_sendpage+0x8ef/0xdf0 [ 229.618949][ T8978] ? hash_recvmsg+0xd30/0xd30 [ 229.623618][ T8978] sock_sendpage+0x1e1/0x2c0 [ 229.628202][ T8978] pipe_to_sendpage+0x38c/0x4c0 [ 229.633039][ T8978] ? sock_fasync+0x250/0x250 [ 229.637713][ T8978] __splice_from_pipe+0x565/0xf00 [ 229.642726][ T8978] ? generic_splice_sendpage+0x2d0/0x2d0 [ 229.648362][ T8978] generic_splice_sendpage+0x1d5/0x2d0 [ 229.653815][ T8978] ? iter_file_splice_write+0x1800/0x1800 [ 229.659520][ T8978] direct_splice_actor+0x1fd/0x580 [ 229.664619][ T8978] ? kmsan_get_metadata+0x4f/0x180 [ 229.669719][ T8978] splice_direct_to_actor+0x6b2/0xf50 [ 229.675082][ T8978] ? do_splice_direct+0x580/0x580 [ 229.680107][ T8978] do_splice_direct+0x342/0x580 [ 229.684954][ T8978] do_sendfile+0x101b/0x1d40 [ 229.689547][ T8978] __se_sys_sendfile64+0x2bb/0x360 [ 229.694646][ T8978] ? kmsan_get_metadata+0x4f/0x180 [ 229.699762][ T8978] __x64_sys_sendfile64+0x56/0x70 [ 229.704790][ T8978] do_syscall_64+0xb0/0x150 [ 229.709295][ T8978] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 229.715181][ T8978] RIP: 0033:0x45c1d9 [ 229.719057][ T8978] Code: Bad RIP value. [ 229.723109][ T8978] RSP: 002b:00007f5d956afc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 229.731507][ T8978] RAX: ffffffffffffffda RBX: 0000000000025a00 RCX: 000000000045c1d9 [ 229.739462][ T8978] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007 [ 229.747427][ T8978] RBP: 000000000078bf48 R08: 0000000000000000 R09: 0000000000000000 [ 229.755381][ T8978] R10: 0000000000000a51 R11: 0000000000000246 R12: 000000000078bf0c [ 229.763338][ T8978] R13: 0000000000c9fb6f R14: 00007f5d956b09c0 R15: 000000000078bf0c [ 229.772665][ T8978] Kernel Offset: 0x1ae00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 229.784335][ T8978] Rebooting in 86400 seconds..