[  OK  ] Started OpenBSD Secure Shell server.
[  OK  ] Reached target Multi-User System.
[  OK  ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[  OK  ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
syzkaller login: [ 80.441596][ T8371] sshd (8371) used greatest stack depth: 3816 bytes left
Warning: Permanently added '10.128.0.194' (ECDSA) to the list of known hosts.
[ 93.148050][ T32] audit: type=1400 audit(1595514379.177:8): avc: denied { execmem } for pid=8445 comm="syz-executor265" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 93.175763][ T8446] IPVS: ftp: loaded support on port[0] = 21
[ 93.320590][ T8446] chnl_net:caif_netlink_parms(): no params data found
[ 93.490869][ T8446] bridge0: port 1(bridge_slave_0) entered blocking state
[ 93.501140][ T8446] bridge0: port 1(bridge_slave_0) entered disabled state
[ 93.511571][ T8446] device bridge_slave_0 entered promiscuous mode
[ 93.522063][ T8446] bridge0: port 2(bridge_slave_1) entered blocking state
[ 93.531543][ T8446] bridge0: port 2(bridge_slave_1) entered disabled state
[ 93.541930][ T8446] device bridge_slave_1 entered promiscuous mode
[ 93.572212][ T8446] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 93.584939][ T8446] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 93.618054][ T8446] team0: Port device team_slave_0 added
[ 93.628684][ T8446] team0: Port device team_slave_1 added
[ 93.656957][ T8446] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 93.665003][ T8446] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.697339][ T8446] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 93.713796][ T8446] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 93.720979][ T8446] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 93.748787][ T8446] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 93.837158][ T8446] device hsr_slave_0 entered promiscuous mode
[ 93.892381][ T8446] device hsr_slave_1 entered promiscuous mode
[ 94.106064][ T8446] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 94.166935][ T8446] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 94.226377][ T8446] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 94.286315][ T8446] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 94.426520][ T8446] 8021q: adding VLAN 0 to HW filter on device bond0
[ 94.443209][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 94.451320][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 94.465742][ T8446] 8021q: adding VLAN 0 to HW filter on device team0
[ 94.477107][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 94.486824][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 94.495916][ T31] bridge0: port 1(bridge_slave_0) entered blocking state
[ 94.503197][ T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 94.518395][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 94.527846][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 94.537670][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 94.547048][ T31] bridge0: port 2(bridge_slave_1) entered blocking state
[ 94.554335][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 94.569503][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 94.592870][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 94.603803][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 94.613854][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 94.637972][ T8446] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 94.648608][ T8446] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 94.662937][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 94.671492][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 94.682254][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 94.691316][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 94.700684][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 94.710044][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 94.719552][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 94.730873][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 94.754864][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 94.763172][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 94.783133][ T8446] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 94.809916][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 94.820608][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 94.850380][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 94.859603][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 94.875125][ T8446] device veth0_vlan entered promiscuous mode
[ 94.883701][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 94.893186][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 94.910740][ T8446] device veth1_vlan entered promiscuous mode
[ 94.940760][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 94.950315][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 94.959472][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 94.968982][ T4891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 94.983808][ T8446] device veth0_macvtap entered promiscuous mode
[ 94.996991][ T8446] device veth1_macvtap entered promiscuous mode
[ 95.021183][ T8446] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 95.028863][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 95.038480][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 95.047330][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 95.057081][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 95.074076][ T8446] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 95.096875][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 95.105928][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[ 95.289119][ C0] =====================================================
[ 95.296087][ C0] BUG: KMSAN: uninit-value in ip_rcv_core+0xace/0x12c0
[ 95.302922][ C0] CPU: 0 PID: 8446 Comm: syz-executor265 Not tainted 5.8.0-rc5-syzkaller #0
[ 95.311709][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 95.321768][ C0] Call Trace:
[ 95.325050][ C0]
[ 95.327891][ C0] dump_stack+0x1df/0x240
[ 95.332217][ C0] kmsan_report+0xf7/0x1e0
[ 95.336620][ C0] __msan_warning+0x58/0xa0
[ 95.341107][ C0] ip_rcv_core+0xace/0x12c0
[ 95.345605][ C0] ip_rcv+0xca/0x750
[ 95.349501][ C0] ? kmsan_get_metadata+0x11d/0x180
[ 95.354684][ C0] ? ip_local_deliver_finish+0x350/0x350
[ 95.360430][ C0] process_backlog+0xfb5/0x14e0
[ 95.365302][ C0] ? rps_trigger_softirq+0x2e0/0x2e0
[ 95.370776][ C0] net_rx_action+0x746/0x1aa0
[ 95.375479][ C0] ? net_tx_action+0xc40/0xc40
[ 95.380254][ C0] __do_softirq+0x311/0x83d
[ 95.384780][ C0] asm_call_on_stack+0x12/0x20
[ 95.389550][ C0]
[ 95.392480][ C0] do_softirq_own_stack+0x7c/0xa0
[ 95.397583][ C0] __local_bh_enable_ip+0x184/0x1d0
[ 95.402770][ C0] local_bh_enable+0x36/0x40
[ 95.407360][ C0] __dev_queue_xmit+0x338e/0x3b20
[ 95.412514][ C0] ? kmsan_set_origin_checked+0x95/0xf0
[ 95.418060][ C0] ? packet_parse_headers+0x549/0x5d0
[ 95.423437][ C0] dev_queue_xmit+0x4b/0x60
[ 95.427944][ C0] ? netdev_core_pick_tx+0x4d0/0x4d0
[ 95.433278][ C0] packet_sendmsg+0x763f/0x87a0
[ 95.438200][ C0] ? kmsan_internal_chain_origin+0xfa/0x130
[ 95.444106][ C0] ? kmsan_internal_chain_origin+0xad/0x130
[ 95.449994][ C0] ? kmsan_memcpy_memmove_metadata+0x272/0x2e0
[ 95.456131][ C0] ? kmsan_memcpy_metadata+0xb/0x10
[ 95.461310][ C0] ? __msan_memcpy+0x43/0x50
[ 95.465886][ C0] ? sock_write_iter+0x108/0x720
[ 95.470805][ C0] ? vfs_write+0xd98/0x1480
[ 95.475311][ C0] ? ksys_write+0x267/0x450
[ 95.479807][ C0] ? __se_sys_write+0x92/0xb0
[ 95.485249][ C0] ? __ia32_sys_write+0x4a/0x70
[ 95.490082][ C0] ? __do_fast_syscall_32+0x2aa/0x400
[ 95.495437][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 95.500537][ C0] ? kmsan_internal_set_origin+0x75/0xb0
[ 95.506157][ C0] ? __msan_poison_alloca+0xf0/0x120
[ 95.511426][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 95.516522][ C0] ? failslab_store+0xe0/0x1f0
[ 95.521272][ C0] ? tomoyo_socket_sendmsg_permission+0x41c/0x4a0
[ 95.527682][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 95.533738][ C0] ? compat_packet_setsockopt+0x360/0x360
[ 95.539446][ C0] sock_write_iter+0x707/0x720
[ 95.544206][ C0] ? sock_read_iter+0x760/0x760
[ 95.549161][ C0] vfs_write+0xd98/0x1480
[ 95.553488][ C0] ksys_write+0x267/0x450
[ 95.557800][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 95.562895][ C0] __se_sys_write+0x92/0xb0
[ 95.567383][ C0] ? __se_sys_write+0xb0/0xb0
[ 95.572041][ C0] __ia32_sys_write+0x4a/0x70
[ 95.576700][ C0] __do_fast_syscall_32+0x2aa/0x400
[ 95.581903][ C0] do_fast_syscall_32+0x6b/0xd0
[ 95.586873][ C0] do_SYSENTER_32+0x73/0x90
[ 95.591360][ C0] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 95.597776][ C0] RIP: 0023:0xf7fad549
[ 95.601830][ C0] Code: Bad RIP value.
[ 95.605891][ C0] RSP: 002b:00000000ffa275ac EFLAGS: 00000217 ORIG_RAX: 0000000000000004
[ 95.614283][ C0] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000300
[ 95.622247][ C0] RDX: 000000000000000e RSI: 0000000000000169 RDI: 0000000000000003
[ 95.630212][ C0] RBP: 0000000020000080 R08: 0000000000000000 R09: 0000000000000000
[ 95.638169][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 95.646127][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 95.654218][ C0]
[ 95.656525][ C0] Uninit was stored to memory at:
[ 95.661536][ C0] kmsan_internal_chain_origin+0xad/0x130
[ 95.667240][ C0] __msan_chain_origin+0x50/0x90
[ 95.672164][ C0] iptunnel_xmit+0xaea/0xe00
[ 95.676737][ C0] udp_tunnel_xmit_skb+0x52a/0x650
[ 95.681952][ C0] geneve_xmit+0x28e4/0x2bf0
[ 95.686616][ C0] dev_hard_start_xmit+0x50e/0xa70
[ 95.691722][ C0] __dev_queue_xmit+0x2f8d/0x3b20
[ 95.696822][ C0] dev_queue_xmit+0x4b/0x60
[ 95.701307][ C0] packet_sendmsg+0x763f/0x87a0
[ 95.706146][ C0] sock_write_iter+0x707/0x720
[ 95.710892][ C0] vfs_write+0xd98/0x1480
[ 95.715206][ C0] ksys_write+0x267/0x450
[ 95.719517][ C0] __se_sys_write+0x92/0xb0
[ 95.724007][ C0] __ia32_sys_write+0x4a/0x70
[ 95.728665][ C0] __do_fast_syscall_32+0x2aa/0x400
[ 95.733846][ C0] do_fast_syscall_32+0x6b/0xd0
[ 95.738678][ C0] do_SYSENTER_32+0x73/0x90
[ 95.743165][ C0] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 95.749467][ C0]
[ 95.751782][ C0] Uninit was created at:
[ 95.756019][ C0] kmsan_internal_poison_shadow+0x66/0xd0
[ 95.761728][ C0] kmsan_slab_alloc+0x8a/0xe0
[ 95.766412][ C0] __kmalloc_node_track_caller+0xb40/0x1200
[ 95.772298][ C0] __alloc_skb+0x2fd/0xac0
[ 95.776699][ C0] alloc_skb_with_frags+0x18c/0xa70
[ 95.781886][ C0] sock_alloc_send_pskb+0xada/0xc60
[ 95.787075][ C0] packet_sendmsg+0x5f04/0x87a0
[ 95.791908][ C0] sock_write_iter+0x707/0x720
[ 95.796649][ C0] vfs_write+0xd98/0x1480
[ 95.800959][ C0] ksys_write+0x267/0x450
[ 95.805297][ C0] __se_sys_write+0x92/0xb0
[ 95.809780][ C0] __ia32_sys_write+0x4a/0x70
[ 95.814436][ C0] __do_fast_syscall_32+0x2aa/0x400
[ 95.819620][ C0] do_fast_syscall_32+0x6b/0xd0
[ 95.824460][ C0] do_SYSENTER_32+0x73/0x90
[ 95.828942][ C0] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 95.835248][ C0] =====================================================
[ 95.842163][ C0] Disabling lock debugging due to kernel taint
[ 95.848307][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 95.854911][ C0] CPU: 0 PID: 8446 Comm: syz-executor265 Tainted: G B 5.8.0-rc5-syzkaller #0
[ 95.864949][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 95.874986][ C0] Call Trace:
[ 95.878252][ C0]
[ 95.881089][ C0] dump_stack+0x1df/0x240
[ 95.885408][ C0] panic+0x3d5/0xc3e
[ 95.889300][ C0] kmsan_report+0x1df/0x1e0
[ 95.893790][ C0] __msan_warning+0x58/0xa0
[ 95.898276][ C0] ip_rcv_core+0xace/0x12c0
[ 95.902769][ C0] ip_rcv+0xca/0x750
[ 95.906648][ C0] ? kmsan_get_metadata+0x11d/0x180
[ 95.911850][ C0] ? ip_local_deliver_finish+0x350/0x350
[ 95.917468][ C0] process_backlog+0xfb5/0x14e0
[ 95.922334][ C0] ? rps_trigger_softirq+0x2e0/0x2e0
[ 95.927703][ C0] net_rx_action+0x746/0x1aa0
[ 95.932373][ C0] ? net_tx_action+0xc40/0xc40
[ 95.937119][ C0] __do_softirq+0x311/0x83d
[ 95.941615][ C0] asm_call_on_stack+0x12/0x20
[ 95.946409][ C0]
[ 95.949334][ C0] do_softirq_own_stack+0x7c/0xa0
[ 95.954342][ C0] __local_bh_enable_ip+0x184/0x1d0
[ 95.959525][ C0] local_bh_enable+0x36/0x40
[ 95.964098][ C0] __dev_queue_xmit+0x338e/0x3b20
[ 95.969110][ C0] ? kmsan_set_origin_checked+0x95/0xf0
[ 95.974645][ C0] ? packet_parse_headers+0x549/0x5d0
[ 95.980000][ C0] dev_queue_xmit+0x4b/0x60
[ 95.984491][ C0] ? netdev_core_pick_tx+0x4d0/0x4d0
[ 95.989814][ C0] packet_sendmsg+0x763f/0x87a0
[ 95.994649][ C0] ? kmsan_internal_chain_origin+0xfa/0x130
[ 96.000610][ C0] ? kmsan_internal_chain_origin+0xad/0x130
[ 96.006487][ C0] ? kmsan_memcpy_memmove_metadata+0x272/0x2e0
[ 96.012634][ C0] ? kmsan_memcpy_metadata+0xb/0x10
[ 96.017813][ C0] ? __msan_memcpy+0x43/0x50
[ 96.022397][ C0] ? sock_write_iter+0x108/0x720
[ 96.027329][ C0] ? vfs_write+0xd98/0x1480
[ 96.031822][ C0] ? ksys_write+0x267/0x450
[ 96.036307][ C0] ? __se_sys_write+0x92/0xb0
[ 96.040964][ C0] ? __ia32_sys_write+0x4a/0x70
[ 96.045799][ C0] ? __do_fast_syscall_32+0x2aa/0x400
[ 96.051153][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 96.056248][ C0] ? kmsan_internal_set_origin+0x75/0xb0
[ 96.061875][ C0] ? __msan_poison_alloca+0xf0/0x120
[ 96.067156][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 96.072252][ C0] ? failslab_store+0xe0/0x1f0
[ 96.077045][ C0] ? tomoyo_socket_sendmsg_permission+0x41c/0x4a0
[ 96.083481][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 96.089639][ C0] ? compat_packet_setsockopt+0x360/0x360
[ 96.095346][ C0] sock_write_iter+0x707/0x720
[ 96.100099][ C0] ? sock_read_iter+0x760/0x760
[ 96.104938][ C0] vfs_write+0xd98/0x1480
[ 96.109261][ C0] ksys_write+0x267/0x450
[ 96.113578][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 96.118715][ C0] __se_sys_write+0x92/0xb0
[ 96.123205][ C0] ? __se_sys_write+0xb0/0xb0
[ 96.127865][ C0] __ia32_sys_write+0x4a/0x70
[ 96.132530][ C0] __do_fast_syscall_32+0x2aa/0x400
[ 96.137717][ C0] do_fast_syscall_32+0x6b/0xd0
[ 96.142597][ C0] do_SYSENTER_32+0x73/0x90
[ 96.147085][ C0] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 96.153395][ C0] RIP: 0023:0xf7fad549
[ 96.157441][ C0] Code: Bad RIP value.
[ 96.161492][ C0] RSP: 002b:00000000ffa275ac EFLAGS: 00000217 ORIG_RAX: 0000000000000004
[ 96.169889][ C0] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000300
[ 96.177843][ C0] RDX: 000000000000000e RSI: 0000000000000169 RDI: 0000000000000003
[ 96.185887][ C0] RBP: 0000000020000080 R08: 0000000000000000 R09: 0000000000000000
[ 96.193843][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 96.201804][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 96.211096][ C0] Kernel Offset: 0x400000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 96.222536][ C0] Rebooting in 86400 seconds..