[ OK ] Started OpenBSD Secure Shell server. [ OK ] Reached target Multi-User System. [ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 106.247538][ T8444] sshd (8444) used greatest stack depth: 3816 bytes left Warning: Permanently added '10.128.0.140' (ECDSA) to the list of known hosts. 2020/07/18 03:58:03 fuzzer started 2020/07/18 03:58:03 dialing manager at 10.128.0.26:41463 2020/07/18 03:58:03 syscalls: 2944 2020/07/18 03:58:03 code coverage: enabled 2020/07/18 03:58:03 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2020/07/18 03:58:03 extra coverage: enabled 2020/07/18 03:58:03 setuid sandbox: enabled 2020/07/18 03:58:03 namespace sandbox: enabled 2020/07/18 03:58:03 Android sandbox: /sys/fs/selinux/policy does not exist 2020/07/18 03:58:03 fault injection: enabled 2020/07/18 03:58:03 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2020/07/18 03:58:03 net packet injection: enabled 2020/07/18 03:58:03 net device setup: enabled 2020/07/18 03:58:03 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2020/07/18 03:58:03 devlink PCI setup: PCI device 0000:00:10.0 is not available 2020/07/18 03:58:03 USB emulation: /dev/raw-gadget does not exist 04:01:12 executing program 0: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/seq\x00', 0x2) poll(&(0x7f00000001c0)=[{}, {}, {}, {}, {}, {}, {0xffffffffffffffff, 0x9485}], 0x7, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue1\x00'}) setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, "a67ea49483d965b65e6cb4e76452c3a841e8fc333c22d38cef1f98008e39d423fcc2663986a8bc94b1fddbbfec821f8dcc0869694a45835475e1f5e827deaea30b7b633f34b51da62d15546b374b85a2"}, 0xd8) write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) [ 306.271706][ T8488] IPVS: ftp: loaded support on port[0] = 21 [ 306.524088][ T8488] chnl_net:caif_netlink_parms(): no params data found [ 306.826400][ T8488] bridge0: port 1(bridge_slave_0) entered blocking state [ 306.833739][ T8488] bridge0: port 1(bridge_slave_0) entered disabled state [ 306.843565][ T8488] device bridge_slave_0 entered promiscuous mode [ 306.876824][ T8488] bridge0: port 2(bridge_slave_1) entered blocking state [ 306.884349][ T8488] bridge0: port 2(bridge_slave_1) entered disabled state [ 306.893659][ T8488] device bridge_slave_1 entered promiscuous mode [ 306.937016][ T8488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 306.952145][ T8488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 306.997888][ T8488] team0: Port device team_slave_0 added [ 307.009337][ T8488] team0: Port device team_slave_1 added [ 307.046978][ T8488] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 307.054870][ T8488] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 307.080983][ T8488] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 307.094915][ T8488] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 307.102101][ T8488] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 307.128224][ T8488] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 307.336520][ T8488] device hsr_slave_0 entered promiscuous mode [ 307.500275][ T8488] device hsr_slave_1 entered promiscuous mode [ 307.922732][ T8488] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 307.977482][ T8488] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 308.185567][ T8488] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 308.357284][ T8488] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 308.751136][ T8488] 8021q: adding VLAN 0 to HW filter on device bond0 [ 308.787236][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 308.797084][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 308.824762][ T8488] 8021q: adding VLAN 0 to HW filter on device team0 [ 308.845307][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 308.854620][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 308.864023][ T3060] bridge0: port 1(bridge_slave_0) entered blocking state [ 308.871288][ T3060] bridge0: port 1(bridge_slave_0) entered forwarding state [ 308.920170][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 308.928730][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 308.938641][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 308.947898][ T3060] bridge0: port 2(bridge_slave_1) entered blocking state [ 308.955241][ T3060] bridge0: port 2(bridge_slave_1) entered forwarding state [ 308.966006][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 308.976823][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 308.986766][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 308.997068][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 309.007264][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 309.017699][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 309.034497][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 309.044530][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 309.054080][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 309.084640][ T8488] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 309.097636][ T8488] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 309.114309][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 309.124189][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 309.193349][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 309.201482][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 309.229035][ T8488] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 309.262963][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 309.272835][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 309.319982][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 309.330519][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 309.342517][ T8488] device veth0_vlan entered promiscuous mode [ 309.351561][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 309.360837][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 309.383354][ T8488] device veth1_vlan entered promiscuous mode [ 309.434480][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 309.443889][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 309.453232][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 309.463081][ T31] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 309.482269][ T8488] device veth0_macvtap entered promiscuous mode [ 309.510901][ T8488] device veth1_macvtap entered promiscuous mode [ 309.555897][ T8488] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 309.563834][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 309.573399][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 309.582748][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 309.592788][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 309.612445][ T8488] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 309.646736][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 309.657052][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 04:01:16 executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000240)='/dev/nullb0\x00', 0x4000000004002, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18200000", @ANYRES32, @ANYBLOB="0008000000000000000000000000000026259c9ffcfc36f4664b9992c88dd4ca6fb8aa9b8cb2d093de5340c85b59cd0b90f8e8ae6fc6446456d77a88d8f7478550c2d75ad482dc271c65d64ee2209d28588dc5b32c10df43eda0f4f96e6bd8ba97f2a03b1aaaba0bee6b948b3d3299c5fe11fd819c0b6c7986f67a5710461a29"], &(0x7f00000000c0)='GPL\x00', 0x2, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x63) 04:01:16 executing program 0: exit(0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x16}]}, 0x10) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x16}]}, 0x10) [ 310.149755][ T31] ===================================================== [ 310.156742][ T31] BUG: KMSAN: uninit-value in packet_rcv_fanout+0x2442/0x25c0 [ 310.164198][ T31] CPU: 1 PID: 31 Comm: kworker/1:1 Not tainted 5.8.0-rc5-syzkaller #0 [ 310.172345][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.182426][ T31] Workqueue: ipv6_addrconf addrconf_dad_work [ 310.188398][ T31] Call Trace: [ 310.191690][ T31] dump_stack+0x1df/0x240 [ 310.196011][ T31] kmsan_report+0xf7/0x1e0 [ 310.200415][ T31] __msan_warning+0x58/0xa0 [ 310.204919][ T31] packet_rcv_fanout+0x2442/0x25c0 [ 310.210019][ T31] ? __skb_clone+0x636/0x970 [ 310.214602][ T31] ? skb_clone+0x404/0x5d0 [ 310.219003][ T31] ? kmsan_get_metadata+0x11d/0x180 [ 310.224187][ T31] ? packet_direct_xmit+0x470/0x470 [ 310.229370][ T31] dev_queue_xmit_nit+0x11a0/0x1280 [ 310.234569][ T31] dev_hard_start_xmit+0x20c/0xa70 [ 310.239675][ T31] __dev_queue_xmit+0x2f8d/0x3b20 [ 310.244684][ T31] ? kmsan_get_metadata+0x11d/0x180 [ 310.249874][ T31] ? kmsan_memcpy_metadata+0xb/0x10 [ 310.255065][ T31] dev_queue_xmit+0x4b/0x60 [ 310.259557][ T31] neigh_resolve_output+0xab0/0xb40 [ 310.264754][ T31] ? neigh_event_ns+0x350/0x350 [ 310.269606][ T31] ip6_finish_output2+0x20fb/0x2620 [ 310.274805][ T31] ? kmsan_get_metadata+0x11d/0x180 [ 310.279992][ T31] __ip6_finish_output+0x824/0x8e0 [ 310.285101][ T31] ip6_finish_output+0x166/0x410 [ 310.290031][ T31] ip6_output+0x60a/0x770 [ 310.294354][ T31] ? ip6_output+0x770/0x770 [ 310.298841][ T31] ? ac6_seq_show+0x200/0x200 [ 310.303501][ T31] ndisc_send_skb+0x1047/0x15a0 [ 310.308351][ T31] ? ndisc_error_report+0x1a0/0x1a0 [ 310.313536][ T31] ndisc_send_ns+0xe38/0xe80 [ 310.318112][ T31] ? __queue_delayed_work+0x27c/0x450 [ 310.323470][ T31] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 310.329287][ T31] addrconf_dad_work+0xc2e/0x2ac0 [ 310.334297][ T31] ? kmsan_get_metadata+0x11d/0x180 [ 310.339480][ T31] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 310.345278][ T31] ? ipv6_get_saddr_eval+0x1350/0x1350 [ 310.350720][ T31] process_one_work+0x1540/0x1f30 [ 310.355743][ T31] worker_thread+0xed2/0x23f0 [ 310.360437][ T31] kthread+0x515/0x550 [ 310.364498][ T31] ? process_one_work+0x1f30/0x1f30 [ 310.369683][ T31] ? kthread_blkcg+0xf0/0xf0 [ 310.374263][ T31] ret_from_fork+0x22/0x30 [ 310.378663][ T31] [ 310.380968][ T31] Uninit was stored to memory at: [ 310.385978][ T31] kmsan_internal_chain_origin+0xad/0x130 [ 310.391679][ T31] __msan_chain_origin+0x50/0x90 [ 310.396600][ T31] ___bpf_prog_run+0x6c64/0x97a0 [ 310.401520][ T31] __bpf_prog_run32+0x101/0x170 [ 310.406351][ T31] packet_rcv_fanout+0x51e/0x25c0 [ 310.411355][ T31] dev_queue_xmit_nit+0x11a0/0x1280 [ 310.416536][ T31] dev_hard_start_xmit+0x20c/0xa70 [ 310.421630][ T31] __dev_queue_xmit+0x2f8d/0x3b20 [ 310.426634][ T31] dev_queue_xmit+0x4b/0x60 [ 310.431123][ T31] neigh_resolve_output+0xab0/0xb40 [ 310.436303][ T31] ip6_finish_output2+0x20fb/0x2620 [ 310.442005][ T31] __ip6_finish_output+0x824/0x8e0 [ 310.447105][ T31] ip6_finish_output+0x166/0x410 [ 310.452025][ T31] ip6_output+0x60a/0x770 [ 310.456348][ T31] ndisc_send_skb+0x1047/0x15a0 [ 310.461182][ T31] ndisc_send_ns+0xe38/0xe80 [ 310.465753][ T31] addrconf_dad_work+0xc2e/0x2ac0 [ 310.470757][ T31] process_one_work+0x1540/0x1f30 [ 310.475786][ T31] worker_thread+0xed2/0x23f0 [ 310.480455][ T31] kthread+0x515/0x550 [ 310.484516][ T31] ret_from_fork+0x22/0x30 [ 310.488918][ T31] [ 310.491230][ T31] Local variable ----regs@__bpf_prog_run32 created at: [ 310.498073][ T31] __bpf_prog_run32+0x87/0x170 [ 310.502834][ T31] __bpf_prog_run32+0x87/0x170 [ 310.507578][ T31] ===================================================== [ 310.514489][ T31] Disabling lock debugging due to kernel taint [ 310.520619][ T31] Kernel panic - not syncing: panic_on_warn set ... [ 310.520623][ C0] ===================================================== [ 310.520646][ C0] BUG: KMSAN: uninit-value in packet_rcv_fanout+0x2442/0x25c0 [ 310.527203][ T31] CPU: 1 PID: 31 Comm: kworker/1:1 Tainted: G B 5.8.0-rc5-syzkaller #0 [ 310.551059][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.561109][ T31] Workqueue: ipv6_addrconf addrconf_dad_work [ 310.567067][ T31] Call Trace: [ 310.570526][ T31] dump_stack+0x1df/0x240 [ 310.574846][ T31] panic+0x3d5/0xc3e [ 310.578749][ T31] kmsan_report+0x1df/0x1e0 [ 310.583241][ T31] __msan_warning+0x58/0xa0 [ 310.587731][ T31] packet_rcv_fanout+0x2442/0x25c0 [ 310.592836][ T31] ? __skb_clone+0x636/0x970 [ 310.597433][ T31] ? skb_clone+0x404/0x5d0 [ 310.601835][ T31] ? kmsan_get_metadata+0x11d/0x180 [ 310.607022][ T31] ? packet_direct_xmit+0x470/0x470 [ 310.612210][ T31] dev_queue_xmit_nit+0x11a0/0x1280 [ 310.617412][ T31] dev_hard_start_xmit+0x20c/0xa70 [ 310.622523][ T31] __dev_queue_xmit+0x2f8d/0x3b20 [ 310.627533][ T31] ? kmsan_get_metadata+0x11d/0x180 [ 310.632728][ T31] ? kmsan_memcpy_metadata+0xb/0x10 [ 310.637932][ T31] dev_queue_xmit+0x4b/0x60 [ 310.643379][ T31] neigh_resolve_output+0xab0/0xb40 [ 310.648575][ T31] ? neigh_event_ns+0x350/0x350 [ 310.653409][ T31] ip6_finish_output2+0x20fb/0x2620 [ 310.658607][ T31] ? kmsan_get_metadata+0x11d/0x180 [ 310.663813][ T31] __ip6_finish_output+0x824/0x8e0 [ 310.668925][ T31] ip6_finish_output+0x166/0x410 [ 310.673864][ T31] ip6_output+0x60a/0x770 [ 310.678190][ T31] ? ip6_output+0x770/0x770 [ 310.682679][ T31] ? ac6_seq_show+0x200/0x200 [ 310.687343][ T31] ndisc_send_skb+0x1047/0x15a0 [ 310.692194][ T31] ? ndisc_error_report+0x1a0/0x1a0 [ 310.697380][ T31] ndisc_send_ns+0xe38/0xe80 [ 310.701957][ T31] ? __queue_delayed_work+0x27c/0x450 [ 310.707316][ T31] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 310.713122][ T31] addrconf_dad_work+0xc2e/0x2ac0 [ 310.718133][ T31] ? kmsan_get_metadata+0x11d/0x180 [ 310.723316][ T31] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 310.729118][ T31] ? ipv6_get_saddr_eval+0x1350/0x1350 [ 310.734564][ T31] process_one_work+0x1540/0x1f30 [ 310.739595][ T31] worker_thread+0xed2/0x23f0 [ 310.744277][ T31] kthread+0x515/0x550 [ 310.748332][ T31] ? process_one_work+0x1f30/0x1f30 [ 310.753517][ T31] ? kthread_blkcg+0xf0/0xf0 [ 310.758096][ T31] ret_from_fork+0x22/0x30 [ 310.762518][ C0] CPU: 0 PID: 8484 Comm: syz-fuzzer Tainted: G B 5.8.0-rc5-syzkaller #0 [ 310.772137][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.782175][ C0] Call Trace: [ 310.785444][ C0] [ 310.788287][ C0] dump_stack+0x1df/0x240 [ 310.792611][ C0] kmsan_report+0xf7/0x1e0 [ 310.797019][ C0] __msan_warning+0x58/0xa0 [ 310.801514][ C0] packet_rcv_fanout+0x2442/0x25c0 [ 310.806622][ C0] ? __skb_clone+0x636/0x970 [ 310.811203][ C0] ? skb_clone+0x404/0x5d0 [ 310.815608][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 310.820793][ C0] ? packet_direct_xmit+0x470/0x470 [ 310.825979][ C0] dev_queue_xmit_nit+0x11a0/0x1280 [ 310.831209][ C0] dev_hard_start_xmit+0x20c/0xa70 [ 310.836319][ C0] __dev_queue_xmit+0x2f8d/0x3b20 [ 310.841329][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 310.846519][ C0] ? kmsan_memcpy_metadata+0xb/0x10 [ 310.851713][ C0] dev_queue_xmit+0x4b/0x60 [ 310.856205][ C0] neigh_connected_output+0x662/0x6e0 [ 310.861576][ C0] ? neigh_resolve_output+0xb40/0xb40 [ 310.866937][ C0] ip6_finish_output2+0x20fb/0x2620 [ 310.872139][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 310.877327][ C0] __ip6_finish_output+0x824/0x8e0 [ 310.882436][ C0] ip6_finish_output+0x166/0x410 [ 310.887364][ C0] ip6_output+0x60a/0x770 [ 310.891689][ C0] ? ip6_output+0x770/0x770 [ 310.896187][ C0] ? ac6_seq_show+0x200/0x200 [ 310.900850][ C0] mld_sendpack+0xeba/0x13d0 [ 310.905438][ C0] ? mld_send_report+0x480/0x480 [ 310.910368][ C0] mld_ifc_timer_expire+0x1158/0x1750 [ 310.915725][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 310.920907][ C0] ? __msan_instrument_asm_store+0xab/0x120 [ 310.926790][ C0] ? native_apic_mem_write+0x45/0x90 [ 310.932070][ C0] call_timer_fn+0x218/0x510 [ 310.936673][ C0] ? mld_gq_timer_expire+0x120/0x120 [ 310.941945][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 310.947742][ C0] __run_timers+0xd20/0x11c0 [ 310.952320][ C0] ? mld_gq_timer_expire+0x120/0x120 [ 310.957594][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 310.963390][ C0] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 310.969528][ C0] ? irqtime_account_irq+0xcb/0x2d0 [ 310.974737][ C0] run_timer_softirq+0x2d/0x50 [ 310.979486][ C0] ? timers_dead_cpu+0x8b0/0x8b0 [ 310.984407][ C0] __do_softirq+0x311/0x83d [ 310.988902][ C0] asm_call_on_stack+0x12/0x20 [ 310.993652][ C0] [ 310.996577][ C0] do_softirq_own_stack+0x7c/0xa0 [ 311.001587][ C0] __irq_exit_rcu+0x226/0x270 [ 311.006252][ C0] irq_exit_rcu+0xe/0x10 [ 311.010484][ C0] sysvec_apic_timer_interrupt+0x107/0x130 [ 311.016281][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 311.022247][ C0] RIP: 0010:kmsan_get_metadata+0x4f/0x180 [ 311.027953][ C0] Code: f7 e1 ff ff 84 c0 75 0c 48 89 df e8 1b e2 ff ff 84 c0 74 6e f6 c3 03 74 09 45 84 f6 0f 85 28 01 00 00 48 89 df e8 d1 e1 ff ff <84> c0 74 1d 41 0f b6 ce 48 c1 e1 2b 48 01 d9 48 b8 00 00 00 00 00 [ 311.047543][ C0] RSP: 0018:ffffbcd140e66cb0 EFLAGS: 00000202 [ 311.053591][ C0] RAX: ffffbcd140000001 RBX: ffffbcd140e66fe4 RCX: 0000000000000001 [ 311.061550][ C0] RDX: ffffc4d13fffffff RSI: 0000000000000004 RDI: ffffbcd140e66fe4 [ 311.069508][ C0] RBP: ffffbcd140e66cc8 R08: fffff9b08000000f R09: ffff9f3d2fffb000 [ 311.077461][ C0] R10: 0000000000000004 R11: 0000000000000000 R12: 0000000000000000 [ 311.085418][ C0] R13: 0000000000000060 R14: 0000000000000000 R15: 0000000000000000 [ 311.093420][ C0] kmsan_get_shadow_origin_ptr+0x6c/0xb0 [ 311.099041][ C0] __msan_metadata_ptr_for_load_4+0x10/0x20 [ 311.104919][ C0] sha256_update+0x7a4/0x9090 [ 311.109653][ C0] crypto_sha256_update+0x8b/0xb0 [ 311.114665][ C0] ? sha1_base_init+0x180/0x180 [ 311.119502][ C0] crypto_shash_update+0x4e9/0x550 [ 311.124617][ C0] ? integrity_kernel_read+0xfc/0x140 [ 311.129981][ C0] ima_calc_file_hash+0x187a/0x3880 [ 311.136037][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 311.141831][ C0] ? ext4_xattr_ibody_get+0x19f/0x12b0 [ 311.147285][ C0] ? up_read+0x40/0x2b0 [ 311.151425][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 311.156635][ C0] ? __msan_poison_alloca+0xf0/0x120 [ 311.161918][ C0] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 311.167975][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 311.173072][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 311.178168][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 311.183701][ C0] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 311.189761][ C0] ima_collect_measurement+0x45b/0xa20 [ 311.195225][ C0] process_measurement+0x1a7d/0x2ce0 [ 311.200520][ C0] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 311.206578][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 311.211764][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 311.217556][ C0] ? apparmor_task_alloc+0x3d0/0x3d0 [ 311.222827][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 311.228879][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 311.234004][ C0] ima_file_check+0x131/0x170 [ 311.238676][ C0] path_openat+0x4b9e/0x5d50 [ 311.243260][ C0] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 311.249314][ C0] ? should_fail+0x72/0x9e0 [ 311.253824][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 311.259621][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 311.264814][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 311.269925][ C0] do_filp_open+0x2b8/0x710 [ 311.274445][ C0] do_sys_openat2+0x96f/0xe30 [ 311.279122][ C0] __se_sys_openat+0x24a/0x2b0 [ 311.283880][ C0] __x64_sys_openat+0x56/0x70 [ 311.288547][ C0] do_syscall_64+0xb0/0x150 [ 311.293041][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 311.298916][ C0] RIP: 0033:0x4b3dfa [ 311.302795][ C0] Code: Bad RIP value. [ 311.306846][ C0] RSP: 002b:000000c000493830 EFLAGS: 00000206 ORIG_RAX: 0000000000000101 [ 311.315243][ C0] RAX: ffffffffffffffda RBX: 000000c00002c000 RCX: 00000000004b3dfa [ 311.323214][ C0] RDX: 0000000000080002 RSI: 000000c013200400 RDI: ffffffffffffff9c [ 311.331171][ C0] RBP: 000000c0004938a8 R08: 0000000000000000 R09: 0000000000000000 [ 311.339128][ C0] R10: 00000000000001a4 R11: 0000000000000206 R12: ffffffffffffffff [ 311.347084][ C0] R13: 0000000000000021 R14: 0000000000000020 R15: 0000000000000100 [ 311.355067][ C0] [ 311.357376][ C0] Uninit was stored to memory at: [ 311.362389][ C0] kmsan_internal_chain_origin+0xad/0x130 [ 311.368091][ C0] __msan_chain_origin+0x50/0x90 [ 311.373030][ C0] ___bpf_prog_run+0x6c64/0x97a0 [ 311.377947][ C0] __bpf_prog_run32+0x101/0x170 [ 311.382794][ C0] packet_rcv_fanout+0x51e/0x25c0 [ 311.387807][ C0] dev_queue_xmit_nit+0x11a0/0x1280 [ 311.393004][ C0] dev_hard_start_xmit+0x20c/0xa70 [ 311.398101][ C0] __dev_queue_xmit+0x2f8d/0x3b20 [ 311.403129][ C0] dev_queue_xmit+0x4b/0x60 [ 311.407618][ C0] neigh_connected_output+0x662/0x6e0 [ 311.412972][ C0] ip6_finish_output2+0x20fb/0x2620 [ 311.418154][ C0] __ip6_finish_output+0x824/0x8e0 [ 311.423252][ C0] ip6_finish_output+0x166/0x410 [ 311.428272][ C0] ip6_output+0x60a/0x770 [ 311.432600][ C0] mld_sendpack+0xeba/0x13d0 [ 311.437176][ C0] mld_ifc_timer_expire+0x1158/0x1750 [ 311.442532][ C0] call_timer_fn+0x218/0x510 [ 311.447106][ C0] __run_timers+0xd20/0x11c0 [ 311.451695][ C0] run_timer_softirq+0x2d/0x50 [ 311.456440][ C0] __do_softirq+0x311/0x83d [ 311.460917][ C0] [ 311.463227][ C0] Local variable ----regs@__bpf_prog_run32 created at: [ 311.470056][ C0] __bpf_prog_run32+0x87/0x170 [ 311.474821][ C0] __bpf_prog_run32+0x87/0x170 [ 311.479572][ C0] ===================================================== [ 312.000824][ T31] Shutting down cpus with NMI [ 312.019164][ T31] Kernel Offset: 0x14c00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 312.030789][ T31] Rebooting in 86400 seconds..