[ ok ] Starting enhanced syslogd: rsyslogd. [ 79.976154][ T31] audit: type=1800 audit(1574548825.029:25): pid=11605 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 79.999522][ T31] audit: type=1800 audit(1574548825.049:26): pid=11605 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 80.035121][ T31] audit: type=1800 audit(1574548825.079:27): pid=11605 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.15.227' (ECDSA) to the list of known hosts.
syzkaller login: [ 114.851127][T11759] IPVS: ftp: loaded support on port[0] = 21 [ 114.859793][T11764] IPVS: ftp: loaded support on port[0] = 21 [ 114.877255][T11765] IPVS: ftp: loaded support on port[0] = 21 [ 114.882650][T11768] IPVS: ftp: loaded support on port[0] = 21 [ 114.897767][T11767] IPVS: ftp: loaded support on port[0] = 21 [ 114.902944][T11766] IPVS: ftp: loaded support on port[0] = 21 [ 115.264248][T11764] chnl_net:caif_netlink_parms(): no params data found [ 115.321328][T11766] chnl_net:caif_netlink_parms(): no params data found [ 115.414064][T11765] chnl_net:caif_netlink_parms(): no params data found [ 115.502396][T11768] chnl_net:caif_netlink_parms(): no params data found [ 115.513445][T11764] bridge0: port 1(bridge_slave_0) entered blocking state [ 115.520670][T11764] bridge0: port 1(bridge_slave_0) entered disabled state [ 115.529329][T11764] device bridge_slave_0 entered promiscuous mode [ 115.537504][T11759] chnl_net:caif_netlink_parms(): no params data found [ 115.548300][T11764] bridge0: port 2(bridge_slave_1) entered blocking state [ 115.555560][T11764] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.564154][T11764] device bridge_slave_1 entered promiscuous mode [ 115.582437][T11767] chnl_net:caif_netlink_parms(): no params data found [ 115.690434][T11766] bridge0: port 1(bridge_slave_0) entered blocking state [ 115.697865][T11766] bridge0: port 1(bridge_slave_0) entered disabled state [ 115.706319][T11766] device bridge_slave_0 entered promiscuous mode [ 115.723327][T11766] bridge0: port 2(bridge_slave_1) entered blocking state [ 115.730471][T11766] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.738921][T11766] device bridge_slave_1 entered promiscuous mode [ 115.772560][T11768] bridge0: port 1(bridge_slave_0) entered blocking state [ 115.779802][T11768] bridge0: port 1(bridge_slave_0) entered disabled state [ 115.788466][T11768] device bridge_slave_0 entered promiscuous mode [ 115.805062][T11768] bridge0: port 
2(bridge_slave_1) entered blocking state [ 115.812268][T11768] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.820661][T11768] device bridge_slave_1 entered promiscuous mode [ 115.839845][T11764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 115.902617][T11768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 115.915008][T11768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 115.927371][T11766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 115.947892][T11764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 115.977659][T11768] team0: Port device team_slave_0 added [ 115.992460][T11767] bridge0: port 1(bridge_slave_0) entered blocking state [ 115.999616][T11767] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.008150][T11767] device bridge_slave_0 entered promiscuous mode [ 116.016497][T11765] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.023790][T11765] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.032184][T11765] device bridge_slave_0 entered promiscuous mode [ 116.040308][T11767] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.047505][T11767] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.056031][T11767] device bridge_slave_1 entered promiscuous mode [ 116.064142][T11759] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.071282][T11759] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.080085][T11759] device bridge_slave_0 entered promiscuous mode [ 116.090500][T11766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 116.099820][T11759] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.107041][T11759] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.115437][T11759] device bridge_slave_1 entered promiscuous mode [ 116.140471][T11768] team0: Port 
device team_slave_1 added [ 116.167219][T11759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 116.176510][T11765] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.183695][T11765] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.192167][T11765] device bridge_slave_1 entered promiscuous mode [ 116.212500][T11764] team0: Port device team_slave_0 added [ 116.229055][T11759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 116.240798][T11766] team0: Port device team_slave_0 added [ 116.265898][T11766] team0: Port device team_slave_1 added [ 116.282852][T11767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 116.301961][T11764] team0: Port device team_slave_1 added [ 116.341560][T11767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 116.384397][T11764] device hsr_slave_0 entered promiscuous mode [ 116.422407][T11764] device hsr_slave_1 entered promiscuous mode [ 116.475065][T11759] team0: Port device team_slave_0 added [ 116.492719][T11759] team0: Port device team_slave_1 added [ 116.501426][T11765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 116.586918][T11766] device hsr_slave_0 entered promiscuous mode [ 116.634484][T11766] device hsr_slave_1 entered promiscuous mode [ 116.653899][T11766] debugfs: Directory 'hsr0' with parent '/' already present! [ 116.729833][T11759] device hsr_slave_0 entered promiscuous mode [ 116.753061][T11759] device hsr_slave_1 entered promiscuous mode [ 116.792507][T11759] debugfs: Directory 'hsr0' with parent '/' already present! [ 116.803340][T11765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 116.920093][T11768] device hsr_slave_0 entered promiscuous mode [ 116.964712][T11768] device hsr_slave_1 entered promiscuous mode [ 117.011869][T11768] debugfs: Directory 'hsr0' with parent '/' already present! 
[ 117.038064][T11767] team0: Port device team_slave_0 added [ 117.132867][T11767] team0: Port device team_slave_1 added [ 117.170224][T11765] team0: Port device team_slave_0 added [ 117.377535][T11765] team0: Port device team_slave_1 added [ 117.606566][T11767] device hsr_slave_0 entered promiscuous mode [ 117.762524][T11767] device hsr_slave_1 entered promiscuous mode [ 117.830760][T11767] debugfs: Directory 'hsr0' with parent '/' already present! [ 117.927030][T11765] device hsr_slave_0 entered promiscuous mode [ 118.003146][T11765] device hsr_slave_1 entered promiscuous mode [ 118.073463][T11765] debugfs: Directory 'hsr0' with parent '/' already present! [ 118.337659][T11766] 8021q: adding VLAN 0 to HW filter on device bond0 [ 118.598650][T11764] 8021q: adding VLAN 0 to HW filter on device bond0 [ 118.610039][T11759] 8021q: adding VLAN 0 to HW filter on device bond0 [ 118.738076][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 118.746837][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 118.777166][T11766] 8021q: adding VLAN 0 to HW filter on device team0 [ 119.065994][T11759] 8021q: adding VLAN 0 to HW filter on device team0 [ 119.074059][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 119.082808][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 119.091125][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 119.099397][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 119.117833][T11764] 8021q: adding VLAN 0 to HW filter on device team0 [ 119.232695][T11768] 8021q: adding VLAN 0 to HW filter on device bond0 [ 119.536265][T11768] 8021q: adding VLAN 0 to HW filter on device team0 [ 119.672663][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 119.682412][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 119.691293][ T3734] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.698479][ T3734] 
bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.706716][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 119.715993][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 119.724804][ T3734] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.732404][ T3734] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.740739][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 119.750038][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 119.758936][ T3734] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.766116][ T3734] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.774401][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 119.783872][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 119.792974][ T3734] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.800114][ T3734] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.808486][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 119.817807][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 119.826766][ T3734] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.833938][ T3734] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.842417][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 119.850904][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 119.859476][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 119.869114][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 119.878229][ T3734] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.885447][ T3734] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.893978][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 119.904175][ T3734] IPv6: 
ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 119.914357][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 119.924493][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 119.934477][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 119.944474][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 119.954270][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 119.963736][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 119.973668][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 119.983480][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 119.992982][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 120.002713][ T3734] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 120.143079][T11764] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 120.153564][T11764] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 120.210175][T11766] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 120.220757][T11766] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 120.284590][T11759] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 120.295206][T11759] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 120.449730][T11767] 8021q: adding VLAN 0 to HW filter on device bond0 [ 120.547162][T11765] 8021q: adding VLAN 0 to HW filter on device bond0 [ 120.665468][T11768] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 120.675955][T11768] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 
120.765941][T11767] 8021q: adding VLAN 0 to HW filter on device team0 [ 120.870099][T11764] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 120.896226][T11765] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.084964][T11766] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 121.153860][T11759] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 121.278429][T11768] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 121.584113][T11767] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 121.595406][T11767] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 121.742405][T11765] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 121.753397][T11765] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network executing program [ 122.256550][T11767] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 122.291413][T11942] ===================================================== [ 122.298414][T11942] BUG: KMSAN: uninit-value in ip_tunnel_xmit+0x3c6/0x3320 executing program [ 122.305530][T11942] CPU: 0 PID: 11942 Comm: syz-executor855 Not tainted 5.4.0-rc8-syzkaller #0 [ 122.314287][T11942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 122.324346][T11942] Call Trace: [ 122.327650][T11942] dump_stack+0x1c9/0x220 [ 122.331991][T11942] kmsan_report+0x128/0x220 [ 122.336510][T11942] __msan_warning+0x64/0xc0 [ 122.341027][T11942] ip_tunnel_xmit+0x3c6/0x3320 [ 122.345811][T11942] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 122.351882][T11942] ? skb_push+0x15b/0x250 executing program [ 122.356236][T11942] ? gre_build_header+0x3ec/0x9f0 [ 122.361287][T11942] ? kmsan_get_shadow_origin_ptr+0x91/0x4d0 [ 122.367188][T11942] ipgre_xmit+0xff3/0x1120 [ 122.371622][T11942] ? 
ipgre_close+0x240/0x240 [ 122.376217][T11942] dev_hard_start_xmit+0x51a/0xab0 [ 122.381341][T11942] ? kmsan_get_shadow_origin_ptr+0x91/0x4d0 [ 122.387241][T11942] __dev_queue_xmit+0x35b6/0x4200 [ 122.392297][T11942] dev_queue_xmit+0x4b/0x60 [ 122.396806][T11942] ? netdev_core_pick_tx+0x4d0/0x4d0 [ 122.402099][T11942] packet_sendmsg+0x8234/0x9100 [ 122.406962][T11942] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 122.413037][T11942] ? aa_label_sk_perm+0x6d6/0x940 [ 122.418080][T11942] ? kmsan_get_metadata+0x51/0x350 [ 122.423202][T11942] ? kmsan_internal_set_origin+0x6a/0xb0 [ 122.428862][T11942] ? metadata_is_contiguous+0x270/0x270 [ 122.434422][T11942] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 122.440492][T11942] ? aa_sk_perm+0x730/0xaf0 [ 122.445032][T11942] ? compat_packet_setsockopt+0x360/0x360 [ 122.450746][T11942] ___sys_sendmsg+0x14ff/0x1590 [ 122.455604][T11942] ? kmsan_get_shadow_origin_ptr+0x91/0x4d0 [ 122.461485][T11942] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 122.467622][T11942] ? 
__fget_light+0x1b8/0x710 [ 122.472301][T11942] __se_sys_sendmsg+0x305/0x460 [ 122.477152][T11942] __x64_sys_sendmsg+0x4a/0x70 [ 122.481905][T11942] do_syscall_64+0xb6/0x160 [ 122.486397][T11942] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 122.492273][T11942] RIP: 0033:0x442909 [ 122.496157][T11942] Code: e8 0c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 6b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 122.515746][T11942] RSP: 002b:00007ffc65ab9ae8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 122.524140][T11942] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000442909 [ 122.532096][T11942] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 122.540053][T11942] RBP: 0000000000000004 R08: 0000000000000025 R09: 0000000000000025 [ 122.548117][T11942] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 122.556072][T11942] R13: 0000000000403790 R14: 0000000000000000 R15: 0000000000000000 [ 122.564038][T11942] [ 122.566349][T11942] Uninit was created at: [ 122.570668][T11942] kmsan_internal_poison_shadow+0x60/0x120 [ 122.576456][T11942] kmsan_slab_alloc+0x97/0x100 [ 122.581207][T11942] __kmalloc_node_track_caller+0xe27/0x11a0 [ 122.587085][T11942] __alloc_skb+0x306/0xa10 [ 122.591484][T11942] alloc_skb_with_frags+0x18c/0xa80 [ 122.596666][T11942] sock_alloc_send_pskb+0xafd/0x10a0 [ 122.601932][T11942] packet_sendmsg+0x63a6/0x9100 [ 122.606762][T11942] ___sys_sendmsg+0x14ff/0x1590 [ 122.611601][T11942] __se_sys_sendmsg+0x305/0x460 [ 122.616434][T11942] __x64_sys_sendmsg+0x4a/0x70 [ 122.621179][T11942] do_syscall_64+0xb6/0x160 [ 122.625665][T11942] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 122.631530][T11942] ===================================================== [ 122.638442][T11942] Disabling lock debugging due to kernel taint [ 122.644575][T11942] Kernel panic - not syncing: panic_on_warn set ... 
[ 122.644578][T11944] ===================================================== [ 122.644600][T11944] BUG: KMSAN: uninit-value in ip_tunnel_xmit+0x3c6/0x3320 [ 122.651160][T11942] CPU: 0 PID: 11942 Comm: syz-executor855 Tainted: G B 5.4.0-rc8-syzkaller #0 [ 122.675285][T11942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 122.685325][T11942] Call Trace: [ 122.688617][T11942] dump_stack+0x1c9/0x220 [ 122.692936][T11942] panic+0x3c9/0xc1e [ 122.696855][T11942] kmsan_report+0x215/0x220 [ 122.701350][T11942] __msan_warning+0x64/0xc0 [ 122.705845][T11942] ip_tunnel_xmit+0x3c6/0x3320 [ 122.710598][T11942] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 122.716646][T11942] ? skb_push+0x15b/0x250 [ 122.720970][T11942] ? gre_build_header+0x3ec/0x9f0 [ 122.725984][T11942] ? kmsan_get_shadow_origin_ptr+0x91/0x4d0 [ 122.731871][T11942] ipgre_xmit+0xff3/0x1120 [ 122.736282][T11942] ? ipgre_close+0x240/0x240 [ 122.740859][T11942] dev_hard_start_xmit+0x51a/0xab0 [ 122.745963][T11942] ? kmsan_get_shadow_origin_ptr+0x91/0x4d0 [ 122.751844][T11942] __dev_queue_xmit+0x35b6/0x4200 [ 122.756907][T11942] dev_queue_xmit+0x4b/0x60 [ 122.761409][T11942] ? netdev_core_pick_tx+0x4d0/0x4d0 [ 122.766676][T11942] packet_sendmsg+0x8234/0x9100 [ 122.771523][T11942] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 122.777580][T11942] ? aa_label_sk_perm+0x6d6/0x940 [ 122.782602][T11942] ? kmsan_get_metadata+0x51/0x350 [ 122.787705][T11942] ? kmsan_internal_set_origin+0x6a/0xb0 [ 122.793329][T11942] ? metadata_is_contiguous+0x270/0x270 [ 122.798862][T11942] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 122.804911][T11942] ? aa_sk_perm+0x730/0xaf0 [ 122.809437][T11942] ? compat_packet_setsockopt+0x360/0x360 [ 122.815142][T11942] ___sys_sendmsg+0x14ff/0x1590 [ 122.819997][T11942] ? kmsan_get_shadow_origin_ptr+0x91/0x4d0 [ 122.825992][T11942] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 122.832041][T11942] ? 
__fget_light+0x1b8/0x710 [ 122.836721][T11942] __se_sys_sendmsg+0x305/0x460 [ 122.841570][T11942] __x64_sys_sendmsg+0x4a/0x70 [ 122.846415][T11942] do_syscall_64+0xb6/0x160 [ 122.850910][T11942] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 122.856788][T11942] RIP: 0033:0x442909 [ 122.860670][T11942] Code: e8 0c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 6b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 122.880260][T11942] RSP: 002b:00007ffc65ab9ae8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 122.888658][T11942] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000442909 [ 122.896615][T11942] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 122.904685][T11942] RBP: 0000000000000004 R08: 0000000000000025 R09: 0000000000000025 [ 122.912648][T11942] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 122.920615][T11942] R13: 0000000000403790 R14: 0000000000000000 R15: 0000000000000000 [ 122.928619][T11944] CPU: 1 PID: 11944 Comm: syz-executor855 Tainted: G B 5.4.0-rc8-syzkaller #0 [ 122.938769][T11944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 122.948805][T11944] Call Trace: [ 122.952098][T11944] dump_stack+0x1c9/0x220 [ 122.956428][T11944] kmsan_report+0x128/0x220 [ 122.960929][T11944] __msan_warning+0x64/0xc0 [ 122.965444][T11944] ip_tunnel_xmit+0x3c6/0x3320 [ 122.970196][T11944] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 122.976266][T11944] ? skb_push+0x15b/0x250 [ 122.980615][T11944] ? gre_build_header+0x3ec/0x9f0 [ 122.985646][T11944] ? kmsan_get_shadow_origin_ptr+0x91/0x4d0 [ 122.991545][T11944] ipgre_xmit+0xff3/0x1120 [ 122.995989][T11944] ? ipgre_close+0x240/0x240 [ 123.000572][T11944] dev_hard_start_xmit+0x51a/0xab0 [ 123.005690][T11944] ? 
kmsan_get_shadow_origin_ptr+0x91/0x4d0 [ 123.011582][T11944] __dev_queue_xmit+0x35b6/0x4200 [ 123.016630][T11944] dev_queue_xmit+0x4b/0x60 [ 123.021120][T11944] ? netdev_core_pick_tx+0x4d0/0x4d0 [ 123.026398][T11944] packet_sendmsg+0x8234/0x9100 [ 123.031249][T11944] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 123.037317][T11944] ? aa_label_sk_perm+0x6d6/0x940 [ 123.042355][T11944] ? kmsan_get_metadata+0x51/0x350 [ 123.047468][T11944] ? kmsan_internal_set_origin+0x6a/0xb0 [ 123.053108][T11944] ? metadata_is_contiguous+0x270/0x270 [ 123.058651][T11944] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 123.064722][T11944] ? aa_sk_perm+0x730/0xaf0 [ 123.069253][T11944] ? compat_packet_setsockopt+0x360/0x360 [ 123.074960][T11944] ___sys_sendmsg+0x14ff/0x1590 [ 123.079824][T11944] ? kmsan_get_metadata+0x37/0x350 [ 123.084937][T11944] ? kmsan_get_shadow_origin_ptr+0x91/0x4d0 [ 123.090830][T11944] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 123.096896][T11944] ? __fget_light+0x1b8/0x710 [ 123.101592][T11944] __se_sys_sendmsg+0x305/0x460 [ 123.106450][T11944] __x64_sys_sendmsg+0x4a/0x70 [ 123.111217][T11944] do_syscall_64+0xb6/0x160 [ 123.115721][T11944] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 123.121610][T11944] RIP: 0033:0x442909 [ 123.125621][T11944] Code: e8 0c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 6b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 123.145228][T11944] RSP: 002b:00007ffc65ab9ae8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 123.153635][T11944] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000442909 [ 123.161599][T11944] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 123.169567][T11944] RBP: 0000000000000004 R08: 0000000300000025 R09: 0000000300000025 [ 123.177536][T11944] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 123.185501][T11944] R13: 0000000000403790 R14: 0000000000000000 R15: 0000000000000000 
[ 123.193477][T11944] [ 123.195790][T11944] Uninit was created at: [ 123.200028][T11944] kmsan_internal_poison_shadow+0x60/0x120 [ 123.205833][T11944] kmsan_slab_alloc+0x97/0x100 [ 123.210593][T11944] __kmalloc_node_track_caller+0xe27/0x11a0 [ 123.216475][T11944] __alloc_skb+0x306/0xa10 [ 123.220886][T11944] alloc_skb_with_frags+0x18c/0xa80 [ 123.226079][T11944] sock_alloc_send_pskb+0xafd/0x10a0 [ 123.231360][T11944] packet_sendmsg+0x63a6/0x9100 [ 123.236198][T11944] ___sys_sendmsg+0x14ff/0x1590 [ 123.241042][T11944] __se_sys_sendmsg+0x305/0x460 [ 123.245913][T11944] __x64_sys_sendmsg+0x4a/0x70 [ 123.250673][T11944] do_syscall_64+0xb6/0x160 [ 123.255163][T11944] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 123.261150][T11944] ===================================================== [ 124.143634][T11942] Shutting down cpus with NMI [ 124.161677][T11942] Kernel Offset: 0x12200000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 124.173327][T11942] Rebooting in 86400 seconds..