[ OK ] Started Regular background program processing daemon. [ OK ] Started Daily Cleanup of Temporary Directories. [ OK ] Reached target Timers. Starting System Logging Service... Starting OpenBSD Secure Shell server... [ OK ] Started Permit User Sessions. [ OK ] Found device /dev/ttyS0. [ OK ] Started System Logging Service. [ OK ] Started getty on tty2-tty6 if dbus and logind are not available. [ OK ] Started OpenBSD Secure Shell server. [ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch. Warning: Permanently added '10.128.0.239' (ECDSA) to the list of known hosts. [ OK ] Started Getty on tty6. [ OK ] Started Getty on tty5. [ OK ] Started Getty on tty4. [ OK ] Started Getty on tty3. [ OK ] Started Getty on tty2. [ OK ] Started Getty on tty1. [ OK ] Started Serial Getty on ttyS0. [ OK ] Reached target Login Prompts. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. [ 166.492610][ T28] audit: type=1400 audit(1597665190.893:8): avc: denied { execmem } for pid=8425 comm="syz-executor996" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 [ 166.645964][ T8446] IPVS: ftp: loaded support on port[0] = 21 [ 167.894920][ T8446] chnl_net:caif_netlink_parms(): no params data found [ 168.367102][ T8446] bridge0: port 1(bridge_slave_0) entered blocking state [ 168.374571][ T8446] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.384301][ T8446] device bridge_slave_0 entered promiscuous mode [ 168.476361][ T8446] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.476563][ T8446] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.479045][ T8446] device bridge_slave_1 entered promiscuous mode [ 168.558940][ T8446] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 168.577385][ T8446] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 168.616410][ T8446] team0: Port device team_slave_0 added [ 168.627226][ T8446] team0: Port device team_slave_1 added [ 168.660697][ T8446] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 168.667735][ T8446] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 168.693897][ T8446] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 168.707775][ T8446] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 168.714978][ T8446] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 168.742145][ T8446] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 168.790784][ T8446] device hsr_slave_0 entered promiscuous mode [ 168.798792][ T8446] device hsr_slave_1 entered promiscuous mode Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 169.012167][ T8446] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 169.028538][ T8446] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 169.047551][ T8446] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 169.066622][ T8446] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 169.264971][ T8446] 8021q: adding VLAN 0 to HW filter on device bond0 [ 169.290271][ T3226] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 169.308615][ T3226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 169.317766][ T3226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 169.335600][ T8446] 8021q: adding VLAN 0 to HW filter on device team0 [ 169.353909][ T3226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 169.363617][ T3226] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 169.374521][ T3226] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.381708][ T3226] bridge0: port 1(bridge_slave_0) entered forwarding state [ 169.394661][ T3226] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 169.410232][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 169.420157][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 169.429473][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 169.436788][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 169.460053][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 169.479030][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 169.504492][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 169.523994][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 169.537229][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 169.556578][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 169.579084][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 169.588385][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 169.607702][ T8446] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 169.650958][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 169.658777][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 169.685115][ T8446] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 169.728027][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 169.737650][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 169.781333][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 169.790566][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 169.809846][ T8446] device veth0_vlan entered promiscuous mode [ 169.817739][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 169.827398][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 169.855227][ T8446] device veth1_vlan entered promiscuous mode [ 169.910960][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 169.920295][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 169.930031][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 169.940129][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 169.960949][ T8446] device veth0_macvtap entered promiscuous mode [ 169.979067][ T8446] device veth1_macvtap entered promiscuous mode [ 170.018951][ T8446] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 170.026998][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 170.036703][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 170.046239][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 170.056455][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 170.077466][ T8446] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 170.085951][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 170.096106][ T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 170.403563][ T8698] ===================================================== [ 170.410570][ T8698] BUG: KMSAN: uninit-value in geneve_xmit+0x300c/0x3200 [ 170.417522][ T8698] CPU: 0 PID: 8698 Comm: kworker/0:3 Not tainted 5.8.0-rc5-syzkaller #0 [ 170.425879][ T8698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 170.435977][ T8698] Workqueue: ipv6_addrconf addrconf_dad_work [ 170.441976][ T8698] Call Trace: [ 170.445331][ T8698] dump_stack+0x21c/0x280 [ 170.449683][ T8698] kmsan_report+0xf7/0x1e0 [ 170.454114][ T8698] __msan_warning+0x58/0xa0 [ 170.458650][ T8698] geneve_xmit+0x300c/0x3200 [ 170.463250][ T8698] ? kmsan_report+0x1a0/0x1e0 [ 170.467943][ T8698] ? __msan_metadata_ptr_for_store_n+0x10/0x10 [ 170.474105][ T8698] ? geneve_stop+0x400/0x400 [ 170.478714][ T8698] xmit_one+0x3cf/0x750 [ 170.482879][ T8698] ? kmsan_get_metadata+0x116/0x180 [ 170.488123][ T8698] __dev_queue_xmit+0x3aad/0x4470 [ 170.493165][ T8698] dev_queue_xmit+0x4b/0x60 [ 170.497673][ T8698] neigh_resolve_output+0xbb0/0xc90 [ 170.502876][ T8698] ? neigh_event_ns+0x370/0x370 [ 170.507716][ T8698] ip6_finish_output2+0x249c/0x2a70 [ 170.512923][ T8698] ? kmsan_get_metadata+0x116/0x180 [ 170.518116][ T8698] __ip6_finish_output+0x9c0/0xa90 [ 170.523231][ T8698] ip6_finish_output+0x14b/0x4b0 [ 170.528167][ T8698] ip6_output+0x68d/0x7f0 [ 170.532527][ T8698] ? ip6_output+0x7f0/0x7f0 [ 170.537036][ T8698] ? ac6_seq_show+0x200/0x200 [ 170.541742][ T8698] ndisc_send_skb+0x11b7/0x1690 [ 170.546629][ T8698] ? ndisc_error_report+0x1c0/0x1c0 [ 170.551858][ T8698] ndisc_send_ns+0xf7d/0xfc0 [ 170.556512][ T8698] ? __kthread_should_park+0x90/0x170 [ 170.561911][ T8698] ? __local_bh_enable_ip+0x97/0x1d0 [ 170.567227][ T8698] addrconf_dad_work+0x22d2/0x33f0 [ 170.572355][ T8698] ? kmsan_get_metadata+0x116/0x180 [ 170.577574][ T8698] ? kmsan_get_metadata+0x116/0x180 [ 170.582774][ T8698] ? ipv6_get_saddr_eval+0x1750/0x1750 [ 170.588226][ T8698] process_one_work+0x1688/0x2140 [ 170.593259][ T8698] worker_thread+0x10bc/0x2730 [ 170.598029][ T8698] ? kmsan_get_metadata+0x116/0x180 [ 170.603241][ T8698] ? kmsan_get_metadata+0x116/0x180 [ 170.608464][ T8698] kthread+0x551/0x590 [ 170.612545][ T8698] ? process_one_work+0x2140/0x2140 [ 170.617737][ T8698] ? kthread_blkcg+0x110/0x110 [ 170.622518][ T8698] ret_from_fork+0x1f/0x30 [ 170.626952][ T8698] [ 170.629287][ T8698] Uninit was stored to memory at: [ 170.634321][ T8698] kmsan_internal_chain_origin+0xad/0x130 [ 170.640040][ T8698] __msan_chain_origin+0x50/0x90 [ 170.645004][ T8698] geneve_changelink+0xdb2/0x10f0 [ 170.650047][ T8698] rtnl_newlink+0x3384/0x3ed0 [ 170.654723][ T8698] rtnetlink_rcv_msg+0x142b/0x18c0 [ 170.659821][ T8698] netlink_rcv_skb+0x6d7/0x7e0 [ 170.664587][ T8698] rtnetlink_rcv+0x50/0x60 [ 170.669006][ T8698] netlink_unicast+0x11c8/0x1490 [ 170.673952][ T8698] netlink_sendmsg+0x173a/0x1840 [ 170.678874][ T8698] ____sys_sendmsg+0xc82/0x1240 [ 170.683719][ T8698] __sys_sendmsg+0x6d1/0x840 [ 170.688312][ T8698] __se_compat_sys_sendmsg+0xa7/0xc0 [ 170.693606][ T8698] __ia32_compat_sys_sendmsg+0x4a/0x70 [ 170.699059][ T8698] __do_fast_syscall_32+0x2af/0x480 [ 170.704245][ T8698] do_fast_syscall_32+0x6b/0xd0 [ 170.709096][ T8698] do_SYSENTER_32+0x73/0x90 [ 170.713650][ T8698] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 170.719974][ T8698] [ 170.722294][ T8698] Local variable ----df@geneve_changelink created at: [ 170.729059][ T8698] geneve_changelink+0x101/0x10f0 [ 170.734092][ T8698] geneve_changelink+0x101/0x10f0 [ 170.739095][ T8698] ===================================================== [ 170.746009][ T8698] Disabling lock debugging due to kernel taint [ 170.752259][ T8698] Kernel panic - not syncing: panic_on_warn set ... [ 170.758868][ T8698] CPU: 0 PID: 8698 Comm: kworker/0:3 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 170.768585][ T8698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 170.778637][ T8698] Workqueue: ipv6_addrconf addrconf_dad_work [ 170.785213][ T8698] Call Trace: [ 170.788533][ T8698] dump_stack+0x21c/0x280 [ 170.792895][ T8698] panic+0x4d7/0xef7 [ 170.796819][ T8698] ? add_taint+0x17c/0x210 [ 170.801266][ T8698] kmsan_report+0x1df/0x1e0 [ 170.805784][ T8698] __msan_warning+0x58/0xa0 [ 170.810726][ T8698] geneve_xmit+0x300c/0x3200 [ 170.815339][ T8698] ? kmsan_report+0x1a0/0x1e0 [ 170.820024][ T8698] ? __msan_metadata_ptr_for_store_n+0x10/0x10 [ 170.826281][ T8698] ? geneve_stop+0x400/0x400 [ 170.830885][ T8698] xmit_one+0x3cf/0x750 [ 170.835066][ T8698] ? kmsan_get_metadata+0x116/0x180 [ 170.840272][ T8698] __dev_queue_xmit+0x3aad/0x4470 [ 170.845349][ T8698] dev_queue_xmit+0x4b/0x60 [ 170.849849][ T8698] neigh_resolve_output+0xbb0/0xc90 [ 170.855073][ T8698] ? neigh_event_ns+0x370/0x370 [ 170.859962][ T8698] ip6_finish_output2+0x249c/0x2a70 [ 170.865258][ T8698] ? kmsan_get_metadata+0x116/0x180 [ 170.870470][ T8698] __ip6_finish_output+0x9c0/0xa90 [ 170.875602][ T8698] ip6_finish_output+0x14b/0x4b0 [ 170.880575][ T8698] ip6_output+0x68d/0x7f0 [ 170.884942][ T8698] ? ip6_output+0x7f0/0x7f0 [ 170.889482][ T8698] ? ac6_seq_show+0x200/0x200 [ 170.894185][ T8698] ndisc_send_skb+0x11b7/0x1690 [ 170.899104][ T8698] ? ndisc_error_report+0x1c0/0x1c0 [ 170.904323][ T8698] ndisc_send_ns+0xf7d/0xfc0 [ 170.908927][ T8698] ? __kthread_should_park+0x90/0x170 [ 170.914293][ T8698] ? __local_bh_enable_ip+0x97/0x1d0 [ 170.919576][ T8698] addrconf_dad_work+0x22d2/0x33f0 [ 170.924677][ T8698] ? kmsan_get_metadata+0x116/0x180 [ 170.929897][ T8698] ? kmsan_get_metadata+0x116/0x180 [ 170.935128][ T8698] ? ipv6_get_saddr_eval+0x1750/0x1750 [ 170.940590][ T8698] process_one_work+0x1688/0x2140 [ 170.945639][ T8698] worker_thread+0x10bc/0x2730 [ 170.950393][ T8698] ? kmsan_get_metadata+0x116/0x180 [ 170.955582][ T8698] ? kmsan_get_metadata+0x116/0x180 [ 170.960787][ T8698] kthread+0x551/0x590 [ 170.964864][ T8698] ? process_one_work+0x2140/0x2140 [ 170.970072][ T8698] ? kthread_blkcg+0x110/0x110 [ 170.974826][ T8698] ret_from_fork+0x1f/0x30 [ 170.980312][ T8698] Kernel Offset: disabled [ 170.984653][ T8698] Rebooting in 86400 seconds..