Warning: Permanently added '10.128.15.233' (ECDSA) to the list of known hosts. 2018/12/30 10:57:49 fuzzer started 2018/12/30 10:57:54 dialing manager at 10.128.0.26:41469 2018/12/30 10:57:54 syscalls: 1 2018/12/30 10:57:54 code coverage: enabled 2018/12/30 10:57:54 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/12/30 10:57:54 setuid sandbox: enabled 2018/12/30 10:57:54 namespace sandbox: enabled 2018/12/30 10:57:54 Android sandbox: /sys/fs/selinux/policy does not exist 2018/12/30 10:57:54 fault injection: enabled 2018/12/30 10:57:54 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/12/30 10:57:54 net packet injection: enabled 2018/12/30 10:57:54 net device setup: enabled 10:57:57 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(cast6)\x00'}, 0x58) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) [ 115.312071] IPVS: ftp: loaded support on port[0] = 21 [ 115.462626] chnl_net:caif_netlink_parms(): no params data found [ 115.532754] bridge0: port 1(bridge_slave_0) entered blocking state [ 115.539301] bridge0: port 1(bridge_slave_0) entered disabled state [ 115.547582] device bridge_slave_0 entered promiscuous mode [ 115.556873] bridge0: port 2(bridge_slave_1) entered blocking state [ 115.563497] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.571906] device bridge_slave_1 entered promiscuous mode [ 115.605476] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 115.617325] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 115.648480] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 115.657191] team0: Port device team_slave_0 added [ 115.664786] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 115.673445] team0: Port device team_slave_1 added [ 115.679635] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 115.688591] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 115.867201] device hsr_slave_0 entered promiscuous mode [ 116.032308] device hsr_slave_1 entered promiscuous mode [ 116.193019] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 116.200619] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 116.230443] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.237067] bridge0: port 2(bridge_slave_1) entered forwarding state [ 116.244269] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.250808] bridge0: port 1(bridge_slave_0) entered forwarding state [ 116.340973] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 116.347194] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.360591] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 116.374408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 116.386480] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.395866] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.406999] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 116.424517] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 116.430631] 8021q: adding VLAN 0 to HW filter on device team0 [ 116.445693] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 116.452970] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 116.461516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 116.471453] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.478075] bridge0: port 1(bridge_slave_0) entered forwarding state [ 116.492735] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 116.505263] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 116.513635] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 116.522409] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 116.530613] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.537184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 116.545829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 116.561400] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 116.573637] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 116.586522] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 116.599333] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 116.607341] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 116.616612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 116.625633] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 116.634435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 116.643553] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 116.652429] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 116.661171] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 116.674948] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 116.681812] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 116.690077] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 116.698689] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 116.712743] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 116.718804] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 116.746091] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 116.765726] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 116.831856] ================================================================== [ 116.839254] BUG: KMSAN: uninit-value in send_hsr_supervision_frame+0x1056/0x1510 [ 116.846782] CPU: 1 PID: 10732 Comm: syz-fuzzer Not tainted 4.20.0-rc7+ #16 [ 116.853778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 116.863125] Call Trace: [ 116.865712] [ 116.867864] dump_stack+0x173/0x1d0 [ 116.871497] kmsan_report+0x12e/0x2a0 [ 116.875298] __msan_warning+0x82/0xf0 [ 116.879098] send_hsr_supervision_frame+0x1056/0x1510 [ 116.884330] hsr_announce+0x14c/0x3a0 [ 116.888137] call_timer_fn+0x285/0x600 [ 116.892018] ? hsr_dev_finalize+0xb90/0xb90 [ 116.896340] __run_timers+0xdb4/0x11d0 [ 116.900217] ? hsr_dev_finalize+0xb90/0xb90 [ 116.904553] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 116.910010] ? irqtime_account_irq+0xcf/0x2e0 [ 116.914498] ? timers_dead_cpu+0xa50/0xa50 [ 116.918758] run_timer_softirq+0x2e/0x50 [ 116.922814] __do_softirq+0x53f/0x93a [ 116.926653] irq_exit+0x214/0x250 [ 116.930101] exiting_irq+0xe/0x10 [ 116.933565] smp_apic_timer_interrupt+0x48/0x70 [ 116.938223] apic_timer_interrupt+0x2e/0x40 [ 116.942529] [ 116.944768] RIP: 0010:sha256_generic_block_fn+0x3456/0xab60 [ 116.950470] Code: e1 1e 89 c2 c1 ea 16 09 ca 89 d9 c1 c1 0a 31 f9 48 8b 7c 24 38 0b 7c 24 0c 01 cf 41 89 c6 41 c1 e6 0a 44 0b b4 24 a0 00 00 00 <41> 09 d6 41 09 f6 44 0b 74 24 18 03 bc 24 f0 00 00 00 89 c2 21 fa [ 116.969357] RSP: 0018:ffff888075b6ed40 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 116.977052] RAX: 0000000000000000 RBX: 0000000093ab41de RCX: 0000000007193763 [ 116.984310] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000a2dbfb52 [ 116.991578] RBP: ffff888075b6f078 R08: 000000008636be04 R09: 00000000e8c000a6 [ 116.998837] R10: 00000000afc0876f R11: 0000000000000000 R12: 0000000000000000 [ 117.006092] R13: 000000006c54be21 R14: 0000000000000000 R15: 0000000000000000 [ 117.013460] crypto_sha256_update+0x35f/0x3b0 [ 117.017957] ? sha1_base_init+0x180/0x180 [ 117.022097] crypto_shash_update+0x484/0x4f0 [ 117.026514] ? integrity_kernel_read+0x221/0x280 [ 117.031279] ima_calc_file_hash+0x25ca/0x2ca0 [ 117.035779] ? ext4_xattr_ibody_get+0x1a0/0x1290 [ 117.040555] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 117.045924] ? ext4_xattr_get+0xcd0/0xff0 [ 117.050087] ? __msan_poison_alloca+0x1f0/0x2a0 [ 117.054759] ima_collect_measurement+0x48d/0x980 [ 117.059638] process_measurement+0x1b37/0x2740 [ 117.064249] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 117.069632] ? refcount_dec_and_test_checked+0x1e8/0x2c0 [ 117.075084] ? apparmor_task_getsecid+0x172/0x190 [ 117.079921] ? apparmor_task_alloc+0x300/0x300 [ 117.084494] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 117.089849] ? security_task_getsecid+0x17f/0x190 [ 117.094688] ima_file_check+0x131/0x170 [ 117.098669] path_openat+0x4af5/0x6b90 [ 117.102592] ? expand_files+0x5d/0xcf0 [ 117.106484] ? do_sys_open+0x640/0x960 [ 117.110368] do_filp_open+0x2b8/0x710 [ 117.114193] do_sys_open+0x640/0x960 [ 117.117914] __se_sys_openat+0xcb/0xe0 [ 117.121803] __x64_sys_openat+0x56/0x70 [ 117.125773] do_syscall_64+0xbc/0xf0 [ 117.129484] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 117.134681] RIP: 0033:0x47fcba [ 117.137874] Code: e8 2b 41 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48 [ 117.156778] RSP: 002b:000000c4202877e8 EFLAGS: 00000212 ORIG_RAX: 0000000000000101 [ 117.164491] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fcba [ 117.171749] RDX: 0000000000080002 RSI: 000000c420084ac0 RDI: ffffffffffffff9c [ 117.179004] RBP: 000000c420287868 R08: 0000000000000000 R09: 0000000000000000 [ 117.186261] R10: 00000000000001a4 R11: 0000000000000212 R12: 0000000000000000 [ 117.193557] R13: 00000000000000f1 R14: 0000000000000011 R15: 0000000000000001 [ 117.200829] [ 117.202441] Uninit was created at: [ 117.205982] kmsan_save_stack_with_flags+0x7a/0x130 [ 117.210993] kmsan_internal_alloc_meta_for_pages+0x113/0x580 [ 117.216794] kmsan_alloc_page+0x7e/0x100 [ 117.220844] __alloc_pages_nodemask+0x1587/0x5f20 [ 117.225671] page_frag_alloc+0x3c1/0x980 [ 117.229720] __netdev_alloc_skb+0x1f1/0xa50 [ 117.234028] send_hsr_supervision_frame+0x168/0x1510 [ 117.239115] hsr_announce+0x14c/0x3a0 [ 117.242924] call_timer_fn+0x285/0x600 [ 117.246800] __run_timers+0xdb4/0x11d0 [ 117.250678] run_timer_softirq+0x2e/0x50 [ 117.254728] __do_softirq+0x53f/0x93a [ 117.258507] ================================================================== [ 117.265851] Disabling lock debugging due to kernel taint [ 117.271281] Kernel panic - not syncing: panic_on_warn set ... [ 117.277157] CPU: 1 PID: 10732 Comm: syz-fuzzer Tainted: G B 4.20.0-rc7+ #16 [ 117.285576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 117.294915] Call Trace: [ 117.297488] [ 117.299634] dump_stack+0x173/0x1d0 [ 117.303266] panic+0x3ce/0x961 [ 117.306484] kmsan_report+0x293/0x2a0 [ 117.310280] __msan_warning+0x82/0xf0 [ 117.314084] send_hsr_supervision_frame+0x1056/0x1510 [ 117.319311] hsr_announce+0x14c/0x3a0 [ 117.323135] call_timer_fn+0x285/0x600 [ 117.327013] ? hsr_dev_finalize+0xb90/0xb90 [ 117.331354] __run_timers+0xdb4/0x11d0 [ 117.335245] ? hsr_dev_finalize+0xb90/0xb90 [ 117.339574] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 117.345017] ? irqtime_account_irq+0xcf/0x2e0 [ 117.349506] ? timers_dead_cpu+0xa50/0xa50 [ 117.353755] run_timer_softirq+0x2e/0x50 [ 117.357809] __do_softirq+0x53f/0x93a [ 117.361625] irq_exit+0x214/0x250 [ 117.365075] exiting_irq+0xe/0x10 [ 117.368522] smp_apic_timer_interrupt+0x48/0x70 [ 117.373190] apic_timer_interrupt+0x2e/0x40 [ 117.377496] [ 117.379729] RIP: 0010:sha256_generic_block_fn+0x3456/0xab60 [ 117.385445] Code: e1 1e 89 c2 c1 ea 16 09 ca 89 d9 c1 c1 0a 31 f9 48 8b 7c 24 38 0b 7c 24 0c 01 cf 41 89 c6 41 c1 e6 0a 44 0b b4 24 a0 00 00 00 <41> 09 d6 41 09 f6 44 0b 74 24 18 03 bc 24 f0 00 00 00 89 c2 21 fa [ 117.404335] RSP: 0018:ffff888075b6ed40 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 [ 117.412030] RAX: 0000000000000000 RBX: 0000000093ab41de RCX: 0000000007193763 [ 117.419285] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000a2dbfb52 [ 117.426551] RBP: ffff888075b6f078 R08: 000000008636be04 R09: 00000000e8c000a6 [ 117.433810] R10: 00000000afc0876f R11: 0000000000000000 R12: 0000000000000000 [ 117.441064] R13: 000000006c54be21 R14: 0000000000000000 R15: 0000000000000000 [ 117.448437] crypto_sha256_update+0x35f/0x3b0 [ 117.452935] ? sha1_base_init+0x180/0x180 [ 117.457075] crypto_shash_update+0x484/0x4f0 [ 117.461491] ? integrity_kernel_read+0x221/0x280 [ 117.466254] ima_calc_file_hash+0x25ca/0x2ca0 [ 117.470765] ? ext4_xattr_ibody_get+0x1a0/0x1290 [ 117.475798] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 117.481172] ? ext4_xattr_get+0xcd0/0xff0 [ 117.485348] ? __msan_poison_alloca+0x1f0/0x2a0 [ 117.490041] ima_collect_measurement+0x48d/0x980 [ 117.494824] process_measurement+0x1b37/0x2740 [ 117.499434] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 117.504792] ? refcount_dec_and_test_checked+0x1e8/0x2c0 [ 117.510244] ? apparmor_task_getsecid+0x172/0x190 [ 117.515080] ? apparmor_task_alloc+0x300/0x300 [ 117.519657] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 117.525017] ? security_task_getsecid+0x17f/0x190 [ 117.529856] ima_file_check+0x131/0x170 [ 117.533834] path_openat+0x4af5/0x6b90 [ 117.537749] ? expand_files+0x5d/0xcf0 [ 117.541645] ? do_sys_open+0x640/0x960 [ 117.545528] do_filp_open+0x2b8/0x710 [ 117.549359] do_sys_open+0x640/0x960 [ 117.553081] __se_sys_openat+0xcb/0xe0 [ 117.556967] __x64_sys_openat+0x56/0x70 [ 117.560934] do_syscall_64+0xbc/0xf0 [ 117.564646] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 117.569822] RIP: 0033:0x47fcba [ 117.573005] Code: e8 2b 41 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 4c 8b 54 24 28 4c 8b 44 24 30 4c 8b 4c 24 38 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 40 ff ff ff ff 48 c7 44 24 48 [ 117.591895] RSP: 002b:000000c4202877e8 EFLAGS: 00000212 ORIG_RAX: 0000000000000101 [ 117.599614] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000047fcba [ 117.606871] RDX: 0000000000080002 RSI: 000000c420084ac0 RDI: ffffffffffffff9c [ 117.614127] RBP: 000000c420287868 R08: 0000000000000000 R09: 0000000000000000 [ 117.621381] R10: 00000000000001a4 R11: 0000000000000212 R12: 0000000000000000 [ 117.628635] R13: 00000000000000f1 R14: 0000000000000011 R15: 0000000000000001 [ 117.636840] Kernel Offset: disabled [ 117.640469] Rebooting in 86400 seconds..