Warning: Permanently added '10.128.1.45' (ECDSA) to the list of known hosts.
2020/05/26 23:04:56 fuzzer started
2020/05/26 23:04:57 dialing manager at 10.128.0.26:42547
2020/05/26 23:04:58 syscalls: 2953
2020/05/26 23:04:58 code coverage: enabled
2020/05/26 23:04:58 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2020/05/26 23:04:58 extra coverage: enabled
2020/05/26 23:04:58 setuid sandbox: enabled
2020/05/26 23:04:58 namespace sandbox: enabled
2020/05/26 23:04:58 Android sandbox: enabled
2020/05/26 23:04:58 fault injection: enabled
2020/05/26 23:04:58 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/05/26 23:04:58 net packet injection: enabled
2020/05/26 23:04:58 net device setup: enabled
2020/05/26 23:04:58 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/05/26 23:04:58 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/05/26 23:04:58 USB emulation: /dev/raw-gadget does not exist

23:07:13 executing program 0:
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0})
connect$can_bcm(r0, &(0x7f0000001ff0)={0x1d, r1}, 0x10)
sendmsg$can_raw(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000ff0)={&(0x7f000000a000)=@canfd={{0x1}, 0x2, 0x0, 0x0, 0x0, "3b38998c2b08995fee496e6866856b76b5ee00000000000000194e2f9663a918fa1efd9b0b0000008000000001000000dd00"}, 0x48}}, 0x0)

[ 262.373712][ T32] audit: type=1400 audit(1590534433.771:8): avc: denied { execmem } for pid=8816 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 262.664853][ T8817] IPVS: ftp: loaded support on port[0] = 21
[ 262.890891][ T8817] chnl_net:caif_netlink_parms(): no params data found
[ 263.126352][ T8817] bridge0: port 1(bridge_slave_0) entered blocking state
[ 263.134106][ T8817] bridge0: port 1(bridge_slave_0) entered disabled state
[ 263.143385][ T8817] device bridge_slave_0 entered promiscuous mode
[ 263.178736][ T8817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 263.186176][ T8817] bridge0: port 2(bridge_slave_1) entered disabled state
[ 263.195727][ T8817] device bridge_slave_1 entered promiscuous mode
[ 263.280648][ T8817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 263.296155][ T8817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 263.358388][ T8817] team0: Port device team_slave_0 added
[ 263.382486][ T8817] team0: Port device team_slave_1 added
[ 263.434527][ T8817] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 263.441915][ T8817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 263.468283][ T8817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 263.483221][ T8817] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 263.490407][ T8817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 263.517347][ T8817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 263.696846][ T8817] device hsr_slave_0 entered promiscuous mode
[ 263.770921][ T8817] device hsr_slave_1 entered promiscuous mode
[ 264.172320][ T8817] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 264.228558][ T8817] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 264.277587][ T8817] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 264.317345][ T8817] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 264.516317][ T8817] 8021q: adding VLAN 0 to HW filter on device bond0
[ 264.556432][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 264.565717][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 264.596356][ T8817] 8021q: adding VLAN 0 to HW filter on device team0
[ 264.620621][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 264.631528][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 264.640809][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 264.647999][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 264.684410][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 264.693692][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 264.703785][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 264.713482][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 264.720741][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 264.735076][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 264.752241][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 264.779854][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 264.790201][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 264.840822][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 264.850983][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 264.861147][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 264.871362][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 264.880767][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 264.890104][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 264.899571][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 264.913476][ T8817] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 264.974151][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 264.982227][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 265.005549][ T8817] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 265.051853][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 265.061809][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 265.106716][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 265.117320][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 265.131246][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 265.140465][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 265.156146][ T8817] device veth0_vlan entered promiscuous mode
[ 265.193739][ T8817] device veth1_vlan entered promiscuous mode
[ 265.253875][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 265.263943][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 265.273269][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 265.283015][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 265.301771][ T8817] device veth0_macvtap entered promiscuous mode
[ 265.316746][ T8817] device veth1_macvtap entered promiscuous mode
[ 265.356992][ T8817] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 265.365095][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 265.374574][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 265.383835][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 265.393768][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 265.413236][ T8817] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 265.421138][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 265.431188][ T3801] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready

23:07:17 executing program 0:
r0 = socket(0x40000000015, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8931, &(0x7f00000001c0)={'team0\x00'})

23:07:17 executing program 0:
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @remote, @void, {@ipv4={0x806, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast}, {0x0, 0x0, 0x0, @multicast2}}}}}, 0x0)

23:07:17 executing program 0:
r0 = creat(&(0x7f0000000240)='./bus\x00', 0x0)
readahead(r0, 0x0, 0x0)

23:07:17 executing program 0:
unshare(0x2a000400)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000840)={{0x0, 0x989680}, {0x77359400}}, 0x0)

23:07:18 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001a000100000000000000000002000000000000000000000008001d00", @ANYRES32, @ANYBLOB="08001c00c2"], 0x2c}}, 0x0)

[ 266.762188][ T9056] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[ 266.770563][ T9056] netlink: 'syz-executor.0': attribute type 28 has an invalid length.

23:07:18 executing program 0: syz_emit_ethernet(0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa79683c42d6f308004500003c0000000000069078ac1414bbac1414aa00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="ac000002d906639f3242f504612dd21d7d1b"], 0x0) r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) r1 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) keyctl$chown(0x1d, r0, 0xee01, r2) r3 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$restrict_keyring(0x1d, r3, &(0x7f0000000100)='rxrpc_s\x00', 0x0) socket$can_raw(0x1d, 0x3, 0x1) sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="200000000d1410002cbd7000fbdbdf25080001000000000008003e0000000000e85b84db50d8ffddc4237f90746fc661ecac7d939b4647be5cae7ba688e4605c65a2718bf82ffe28e1fb093682bd08b4f075527dec2b3f28cbefcdaa20bd15d8829da5342a4c0f516354132bc79c0003392eed3980660bc4a5a2d2e907309e20db22b0d499ae1294135c0c0a160b90af15e6e107327cb689b5ed15c94aa79c84840a708d61d8d572be0224f3b0c5ba36682bd795589adc49576501fc1720079bc00244b5ad595e5caee56428df18"], 0x20}}, 0x44040) r4 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) ioctl$sock_inet_SIOCSIFPFLAGS(r4, 0x8934, &(0x7f0000000280)={'veth1_to_bridge\x00', 0x80000001}) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r4, 0x894b, &(0x7f0000000240)) [ 266.976399][ T9058] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5133 sclass=netlink_route_socket pid=9058 comm=syz-executor.0 [ 267.027312][ T9061] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5133 sclass=netlink_route_socket pid=9061 comm=syz-executor.0 23:07:18 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 
0xd, &(0x7f0000000000)=@req3={0x7f, 0xb00000, 0x7ff, 0x5, 0x5, 0x3, 0x5}, 0x1c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000140)=@l2tp={0x2, 0x0, @empty, 0x1}, 0x80, &(0x7f0000000040)=[{&(0x7f00000001c0)="30f7a1d1287d5742fd0fb6c155a6efc6de7182c0dfa0725fd91b4b29486f4b71e2d6ab249a60d4e128c6f4505425c45e54ba0ce99544614084035b33c7f175dc97db9aeb7644d0ecd57e25", 0x4b}], 0x1, &(0x7f0000000240)=[{0xd4, 0x88, 0x8001, "77e1aeeab418d9ea7da32909ce9c10abf7de9456fe3778d03255625b4c9ab26409d0a6193534f9d5d7f9a4a8d5504e43c4976f09e477665fb9539d55bd57fe1cfcc38c468dab0580c8f06fa5b6c214b4e9744c80fafe7b04f7851538749c3d46dd681ed6a77ca2bd5f7433ed65882dec7a0067a9ecd9f6c3ae6bb1779f1324dc4476d4604b338253c3ffeaf10b181f78e5b7563273304eb5d610c20735f9fae9b66e470bbf0758214153946d054e87a71a696b8fe40ef0faa3d9bb2b8027581a0adc255fb22b4725"}, {0x14, 0x110, 0x0, "3253193c3b"}, {0xf8, 0x116, 0x0, "800b20f54303b052853dfaca7929df8836839ff052a0bb5b2b5fe50b31d982fcb94dc27ca1d00cc46518a134469d043903d9dee9dcfad5f4b425e612838d86fd74cbc0952703689ddc752071241d4f0a3dfbf22987984ee903c140a9d8897d30fe18d615a91d0932a35acdf4dd3320cdd05c3a5922bf618cd2077b3565d79938f3e4d9e1d2d3eec3f9a908e9395774ae083fb32e4258eb15c4762f05868fc9ad7d451c5745118c69437e10d34ef98804248fb56254b346adfdf1a4fec3f5db3e25815bb647d10222e4f6a30f6775b1736b5c5dd40aaef5bfdf80139ac79c05fcfde2a92ec84b8d20efe799"}, {0xf8, 0xa51d663b139931ac, 0x0, 
"73d74ce050d46f95118814c24e7c08d0c688c07bf68681710b5f82bf16d5d9110a4d3462bd8c1602bd5318cbee93e0eb204a428d83a8b62808408f43515f3d885b1353cca4068a010d62e82d8273244fcbb3a5fa8e14f9c73a4a81d7519a901feae210523320d760f5287982d12e71cfc16332395f48912c7e57af2fac34fb4a73f3dc99ef77440556a5ab027cba1053320d3c05b6dcd5184610ce78cd49e3115aa205442655f5a39b9e6145542275e8281730e5b96c4c8054c954611d862a94bea5cbe006993b68d16af54b906a1d6168d47b361da3a7661377df508ba67b59324cc887381d6b404cae"}], 0x2d8}, 0x800) 23:07:18 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x7f, 0xb00000, 0x7ff, 0x5, 0x5, 0x3, 0x5}, 0x1c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000140)=@l2tp={0x2, 0x0, @empty, 0x1}, 0x80, &(0x7f0000000040)=[{&(0x7f00000001c0)="30f7a1d1287d5742fd0fb6c155a6efc6de7182c0dfa0725fd91b4b29486f4b71e2d6ab249a60d4e128c6f4505425c45e54ba0ce99544614084035b33c7f175dc97db9aeb7644d0ecd57e25", 0x4b}], 0x1, &(0x7f0000000240)=[{0xd4, 0x88, 0x8001, "77e1aeeab418d9ea7da32909ce9c10abf7de9456fe3778d03255625b4c9ab26409d0a6193534f9d5d7f9a4a8d5504e43c4976f09e477665fb9539d55bd57fe1cfcc38c468dab0580c8f06fa5b6c214b4e9744c80fafe7b04f7851538749c3d46dd681ed6a77ca2bd5f7433ed65882dec7a0067a9ecd9f6c3ae6bb1779f1324dc4476d4604b338253c3ffeaf10b181f78e5b7563273304eb5d610c20735f9fae9b66e470bbf0758214153946d054e87a71a696b8fe40ef0faa3d9bb2b8027581a0adc255fb22b4725"}, {0x14, 0x110, 0x0, "3253193c3b"}, {0xf8, 0x116, 0x0, 
"800b20f54303b052853dfaca7929df8836839ff052a0bb5b2b5fe50b31d982fcb94dc27ca1d00cc46518a134469d043903d9dee9dcfad5f4b425e612838d86fd74cbc0952703689ddc752071241d4f0a3dfbf22987984ee903c140a9d8897d30fe18d615a91d0932a35acdf4dd3320cdd05c3a5922bf618cd2077b3565d79938f3e4d9e1d2d3eec3f9a908e9395774ae083fb32e4258eb15c4762f05868fc9ad7d451c5745118c69437e10d34ef98804248fb56254b346adfdf1a4fec3f5db3e25815bb647d10222e4f6a30f6775b1736b5c5dd40aaef5bfdf80139ac79c05fcfde2a92ec84b8d20efe799"}, {0xf8, 0xa51d663b139931ac, 0x0, "73d74ce050d46f95118814c24e7c08d0c688c07bf68681710b5f82bf16d5d9110a4d3462bd8c1602bd5318cbee93e0eb204a428d83a8b62808408f43515f3d885b1353cca4068a010d62e82d8273244fcbb3a5fa8e14f9c73a4a81d7519a901feae210523320d760f5287982d12e71cfc16332395f48912c7e57af2fac34fb4a73f3dc99ef77440556a5ab027cba1053320d3c05b6dcd5184610ce78cd49e3115aa205442655f5a39b9e6145542275e8281730e5b96c4c8054c954611d862a94bea5cbe006993b68d16af54b906a1d6168d47b361da3a7661377df508ba67b59324cc887381d6b404cae"}], 0x2d8}, 0x800) 23:07:19 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x7f, 0xb00000, 0x7ff, 0x5, 0x5, 0x3, 0x5}, 0x1c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000140)=@l2tp={0x2, 0x0, @empty, 0x1}, 0x80, &(0x7f0000000040)=[{&(0x7f00000001c0)="30f7a1d1287d5742fd0fb6c155a6efc6de7182c0dfa0725fd91b4b29486f4b71e2d6ab249a60d4e128c6f4505425c45e54ba0ce99544614084035b33c7f175dc97db9aeb7644d0ecd57e25", 0x4b}], 0x1, &(0x7f0000000240)=[{0xd4, 0x88, 0x8001, 
"77e1aeeab418d9ea7da32909ce9c10abf7de9456fe3778d03255625b4c9ab26409d0a6193534f9d5d7f9a4a8d5504e43c4976f09e477665fb9539d55bd57fe1cfcc38c468dab0580c8f06fa5b6c214b4e9744c80fafe7b04f7851538749c3d46dd681ed6a77ca2bd5f7433ed65882dec7a0067a9ecd9f6c3ae6bb1779f1324dc4476d4604b338253c3ffeaf10b181f78e5b7563273304eb5d610c20735f9fae9b66e470bbf0758214153946d054e87a71a696b8fe40ef0faa3d9bb2b8027581a0adc255fb22b4725"}, {0x14, 0x110, 0x0, "3253193c3b"}, {0xf8, 0x116, 0x0, "800b20f54303b052853dfaca7929df8836839ff052a0bb5b2b5fe50b31d982fcb94dc27ca1d00cc46518a134469d043903d9dee9dcfad5f4b425e612838d86fd74cbc0952703689ddc752071241d4f0a3dfbf22987984ee903c140a9d8897d30fe18d615a91d0932a35acdf4dd3320cdd05c3a5922bf618cd2077b3565d79938f3e4d9e1d2d3eec3f9a908e9395774ae083fb32e4258eb15c4762f05868fc9ad7d451c5745118c69437e10d34ef98804248fb56254b346adfdf1a4fec3f5db3e25815bb647d10222e4f6a30f6775b1736b5c5dd40aaef5bfdf80139ac79c05fcfde2a92ec84b8d20efe799"}, {0xf8, 0xa51d663b139931ac, 0x0, "73d74ce050d46f95118814c24e7c08d0c688c07bf68681710b5f82bf16d5d9110a4d3462bd8c1602bd5318cbee93e0eb204a428d83a8b62808408f43515f3d885b1353cca4068a010d62e82d8273244fcbb3a5fa8e14f9c73a4a81d7519a901feae210523320d760f5287982d12e71cfc16332395f48912c7e57af2fac34fb4a73f3dc99ef77440556a5ab027cba1053320d3c05b6dcd5184610ce78cd49e3115aa205442655f5a39b9e6145542275e8281730e5b96c4c8054c954611d862a94bea5cbe006993b68d16af54b906a1d6168d47b361da3a7661377df508ba67b59324cc887381d6b404cae"}], 0x2d8}, 0x800) 23:07:19 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x7f, 0xb00000, 0x7ff, 0x5, 0x5, 0x3, 0x5}, 0x1c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000140)=@l2tp={0x2, 0x0, @empty, 0x1}, 0x80, 
&(0x7f0000000040)=[{&(0x7f00000001c0)="30f7a1d1287d5742fd0fb6c155a6efc6de7182c0dfa0725fd91b4b29486f4b71e2d6ab249a60d4e128c6f4505425c45e54ba0ce99544614084035b33c7f175dc97db9aeb7644d0ecd57e25", 0x4b}], 0x1, &(0x7f0000000240)=[{0xd4, 0x88, 0x8001, "77e1aeeab418d9ea7da32909ce9c10abf7de9456fe3778d03255625b4c9ab26409d0a6193534f9d5d7f9a4a8d5504e43c4976f09e477665fb9539d55bd57fe1cfcc38c468dab0580c8f06fa5b6c214b4e9744c80fafe7b04f7851538749c3d46dd681ed6a77ca2bd5f7433ed65882dec7a0067a9ecd9f6c3ae6bb1779f1324dc4476d4604b338253c3ffeaf10b181f78e5b7563273304eb5d610c20735f9fae9b66e470bbf0758214153946d054e87a71a696b8fe40ef0faa3d9bb2b8027581a0adc255fb22b4725"}, {0x14, 0x110, 0x0, "3253193c3b"}, {0xf8, 0x116, 0x0, "800b20f54303b052853dfaca7929df8836839ff052a0bb5b2b5fe50b31d982fcb94dc27ca1d00cc46518a134469d043903d9dee9dcfad5f4b425e612838d86fd74cbc0952703689ddc752071241d4f0a3dfbf22987984ee903c140a9d8897d30fe18d615a91d0932a35acdf4dd3320cdd05c3a5922bf618cd2077b3565d79938f3e4d9e1d2d3eec3f9a908e9395774ae083fb32e4258eb15c4762f05868fc9ad7d451c5745118c69437e10d34ef98804248fb56254b346adfdf1a4fec3f5db3e25815bb647d10222e4f6a30f6775b1736b5c5dd40aaef5bfdf80139ac79c05fcfde2a92ec84b8d20efe799"}, {0xf8, 0xa51d663b139931ac, 0x0, "73d74ce050d46f95118814c24e7c08d0c688c07bf68681710b5f82bf16d5d9110a4d3462bd8c1602bd5318cbee93e0eb204a428d83a8b62808408f43515f3d885b1353cca4068a010d62e82d8273244fcbb3a5fa8e14f9c73a4a81d7519a901feae210523320d760f5287982d12e71cfc16332395f48912c7e57af2fac34fb4a73f3dc99ef77440556a5ab027cba1053320d3c05b6dcd5184610ce78cd49e3115aa205442655f5a39b9e6145542275e8281730e5b96c4c8054c954611d862a94bea5cbe006993b68d16af54b906a1d6168d47b361da3a7661377df508ba67b59324cc887381d6b404cae"}], 0x2d8}, 0x800) 23:07:19 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x7f, 0xb00000, 0x7ff, 0x5, 0x5, 0x3, 0x5}, 0x1c) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff00c}, 
{0x80000006}]}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

23:07:19 executing program 0:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x7f, 0xb00000, 0x7ff, 0x5, 0x5, 0x3, 0x5}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

23:07:19 executing program 0:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x7f, 0xb00000, 0x7ff, 0x5, 0x5, 0x3, 0x5}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

23:07:19 executing program 0:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x7f, 0xb00000, 0x7ff, 0x5, 0x5, 0x3, 0x5}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff00c}, {0x80000006}]}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

[ 268.629232][ C0] =====================================================
[ 268.636212][ C0] BUG: KMSAN: uninit-value in bpf_skb_get_nlattr+0x145/0x290
[ 268.643582][ C0] CPU: 0 PID: 5240 Comm: systemd-udevd Not tainted 5.7.0-rc4-syzkaller #0
[ 268.652067][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 268.662116][ C0] Call Trace:
[ 268.665395][ C0]
[ 268.668251][ C0] dump_stack+0x1c9/0x220
[ 268.672584][ C0] kmsan_report+0xf7/0x1e0
[ 268.677006][ C0] __msan_warning+0x58/0xa0
[ 268.681510][ C0] bpf_skb_get_nlattr+0x145/0x290
[ 268.686637][ C0] ___bpf_prog_run+0x214d/0x97a0
[ 268.691572][ C0] ? call_timer_fn+0x218/0x510
[ 268.696330][ C0] ? __run_timers+0xcff/0x1210
[ 268.701110][ C0] ? bpf_skb_get_pay_offset+0x60/0x60
[ 268.706484][ C0] ? kmsan_set_origin_checked+0x95/0xf0
[ 268.712040][ C0] __bpf_prog_run32+0x101/0x170
[ 268.716897][ C0] ? kmsan_set_origin_checked+0x95/0xf0
[ 268.722439][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 268.727546][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 268.733444][ C0] ? ___bpf_prog_run+0x97a0/0x97a0
[ 268.738547][ C0] packet_rcv+0x70f/0x2160
[ 268.742975][ C0] ? packet_sock_destruct+0x1e0/0x1e0
[ 268.748340][ C0] dev_queue_xmit_nit+0x1199/0x1270
[ 268.753543][ C0] dev_hard_start_xmit+0x20f/0xab0
[ 268.758660][ C0] ? kmsan_internal_unpoison_shadow+0x2f/0x40
[ 268.764716][ C0] ? kmsan_get_metadata+0x11d/0x180
[ 268.769901][ C0] __dev_queue_xmit+0x2f8d/0x3b20
[ 268.774915][ C0] ? __local_bh_enable_ip+0x97/0x1d0
[ 268.780182][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 268.785280][ C0] ? kmsan_get_metadata+0x11d/0x180
[ 268.790548][ C0] dev_queue_xmit+0x4b/0x60
[ 268.795035][ C0] neigh_direct_output+0x42/0x50
[ 268.799956][ C0] ? neigh_connected_output+0x6e0/0x6e0
[ 268.805494][ C0] ip6_finish_output2+0x20fd/0x2640
[ 268.810700][ C0] ? kmsan_get_metadata+0x11d/0x180
[ 268.815893][ C0] __ip6_finish_output+0x824/0x8e0
[ 268.820995][ C0] ip6_finish_output+0x166/0x410
[ 268.825923][ C0] ip6_output+0x60a/0x770
[ 268.830245][ C0] ? ip6_output+0x770/0x770
[ 268.834732][ C0] ? ac6_seq_show+0x200/0x200
[ 268.839558][ C0] ndisc_send_skb+0x1047/0x15a0
[ 268.844411][ C0] ? ndisc_error_report+0x1a0/0x1a0
[ 268.849599][ C0] ndisc_send_rs+0xbd8/0xc30
[ 268.854190][ C0] addrconf_rs_timer+0x62f/0xcf0
[ 268.859122][ C0] call_timer_fn+0x218/0x510
[ 268.863697][ C0] ? addrconf_disable_policy_idev+0x680/0x680
[ 268.869849][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 268.875639][ C0] __run_timers+0xcff/0x1210
[ 268.880213][ C0] ? addrconf_disable_policy_idev+0x680/0x680
[ 268.886264][ C0] ? kmsan_get_metadata+0x11d/0x180
[ 268.891451][ C0] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 268.897604][ C0] ? irqtime_account_irq+0xcb/0x2d0
[ 268.902793][ C0] run_timer_softirq+0x2d/0x50
[ 268.907547][ C0] ? timers_dead_cpu+0x9b0/0x9b0
[ 268.912475][ C0] __do_softirq+0x311/0x83d
[ 268.916987][ C0] irq_exit+0x230/0x280
[ 268.921135][ C0] exiting_irq+0xe/0x10
[ 268.925271][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 268.930631][ C0] apic_timer_interrupt+0x2e/0x40
[ 268.935631][ C0]
[ 268.938555][ C0] RIP: 0010:___bpf_prog_run+0x3a4a/0x97a0
[ 268.944257][ C0] Code: 56 00 e9 c6 c6 ff ff 8b 3a e8 82 72 56 00 49 83 fd 3d 0f 8e d4 c6 ff ff 0f 1f 84 00 00 00 00 00 49 83 fd 5b 0f 8f e6 00 00 00 <49> 83 fd 4c 0f 8f dc 01 00 00 49 83 fd 44 4c 8b 65 c0 0f 8e fe 03
[ 268.963843][ C0] RSP: 0018:ffffb90500dbba00 EFLAGS: 00000287 ORIG_RAX: ffffffffffffff13
[ 268.972235][ C0] RAX: ffffa4370d27a808 RBX: ffffffffae287808 RCX: 00000000009f1c21
[ 268.980189][ C0] RDX: ffffa436fd26d808 RSI: 0000000000000500 RDI: ffffffffae287808
[ 268.988144][ C0] RBP: ffffb90500dbbb00 R08: fffffc644000000f R09: ffffa4362fffb000
[ 268.996100][ C0] R10: 0000000000000003 R11: ffffffffad80083d R12: 0000000000000000
[ 269.004082][ C0] R13: 000000000000003f R14: 0000000000000000 R15: 000000000000005d
[ 269.013703][ C0] ? __do_softirq+0x83d/0x83d
[ 269.018380][ C0] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 269.024521][ C0] ? kmsan_internal_set_origin+0x75/0xb0
[ 269.030144][ C0] __bpf_prog_run32+0x101/0x170
[ 269.034983][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 269.040087][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 269.045884][ C0] ? ___bpf_prog_run+0x97a0/0x97a0
[ 269.050979][ C0] __seccomp_filter+0x59e/0x26f0
[ 269.055914][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 269.061020][ C0] ? kmsan_copy_to_user+0x81/0x90
[ 269.066025][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 269.071116][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 269.076214][ C0] __secure_computing+0x1fa/0x380
[ 269.081228][ C0] syscall_trace_enter+0x6eb/0xf60
[ 269.086347][ C0] do_syscall_64+0x57/0x160
[ 269.090838][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 269.096709][ C0] RIP: 0033:0x7f1c1e43e335
[ 269.101111][ C0] Code: 69 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 48 89 f0 77 30 48 89 c7 48 89 d6 b8 06 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 03 f3 c3 90 48 8b 15 31 db 2b 00 f7 d8 64 89
[ 269.120697][ C0] RSP: 002b:00007ffe2d37f688 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[ 269.129103][ C0] RAX: ffffffffffffffda RBX: 000055f27f494800 RCX: 00007f1c1e43e335
[ 269.137069][ C0] RDX: 00007ffe2d37f6c0 RSI: 00007ffe2d37f6c0 RDI: 000055f27f493800
[ 269.145252][ C0] RBP: 00007ffe2d37f780 R08: 00007f1c1e6fd1a8 R09: 0000000000001010
[ 269.153224][ C0] R10: 0000000000000020 R11: 0000000000000246 R12: 000055f27f493800
[ 269.161182][ C0] R13: 000055f27f49380c R14: 000055f27f484705 R15: 000055f27f48470c
[ 269.169147][ C0]
[ 269.171452][ C0] Uninit was stored to memory at:
[ 269.176462][ C0] kmsan_internal_chain_origin+0xad/0x130
[ 269.182164][ C0] __msan_chain_origin+0x50/0x90
[ 269.187082][ C0] ___bpf_prog_run+0x6cbe/0x97a0
[ 269.191999][ C0] __bpf_prog_run32+0x101/0x170
[ 269.196831][ C0] packet_rcv+0x70f/0x2160
[ 269.201234][ C0] dev_queue_xmit_nit+0x1199/0x1270
[ 269.206414][ C0] dev_hard_start_xmit+0x20f/0xab0
[ 269.211526][ C0] __dev_queue_xmit+0x2f8d/0x3b20
[ 269.216530][ C0] dev_queue_xmit+0x4b/0x60
[ 269.221014][ C0] neigh_direct_output+0x42/0x50
[ 269.225939][ C0] ip6_finish_output2+0x20fd/0x2640
[ 269.231118][ C0] __ip6_finish_output+0x824/0x8e0
[ 269.236219][ C0] ip6_finish_output+0x166/0x410
[ 269.241140][ C0] ip6_output+0x60a/0x770
[ 269.245457][ C0] ndisc_send_skb+0x1047/0x15a0
[ 269.250285][ C0] ndisc_send_rs+0xbd8/0xc30
[ 269.254869][ C0] addrconf_rs_timer+0x62f/0xcf0
[ 269.259784][ C0] call_timer_fn+0x218/0x510
[ 269.264353][ C0] __run_timers+0xcff/0x1210
[ 269.268924][ C0] run_timer_softirq+0x2d/0x50
[ 269.273678][ C0] __do_softirq+0x311/0x83d
[ 269.278154][ C0]
[ 269.280460][ C0] Uninit was stored to memory at:
[ 269.285468][ C0] kmsan_internal_chain_origin+0xad/0x130
[ 269.291170][ C0] __msan_chain_origin+0x50/0x90
[ 269.296088][ C0] ___bpf_prog_run+0x6c64/0x97a0
[ 269.301003][ C0] __bpf_prog_run32+0x101/0x170
[ 269.305835][ C0] packet_rcv+0x70f/0x2160
[ 269.310234][ C0] dev_queue_xmit_nit+0x1199/0x1270
[ 269.315414][ C0] dev_hard_start_xmit+0x20f/0xab0
[ 269.320522][ C0] __dev_queue_xmit+0x2f8d/0x3b20
[ 269.325535][ C0] dev_queue_xmit+0x4b/0x60
[ 269.330020][ C0] neigh_direct_output+0x42/0x50
[ 269.334937][ C0] ip6_finish_output2+0x20fd/0x2640
[ 269.340117][ C0] __ip6_finish_output+0x824/0x8e0
[ 269.345210][ C0] ip6_finish_output+0x166/0x410
[ 269.350128][ C0] ip6_output+0x60a/0x770
[ 269.354440][ C0] ndisc_send_skb+0x1047/0x15a0
[ 269.359268][ C0] ndisc_send_rs+0xbd8/0xc30
[ 269.363836][ C0] addrconf_rs_timer+0x62f/0xcf0
[ 269.368752][ C0] call_timer_fn+0x218/0x510
[ 269.373330][ C0] __run_timers+0xcff/0x1210
[ 269.377902][ C0] run_timer_softirq+0x2d/0x50
[ 269.382817][ C0] __do_softirq+0x311/0x83d
[ 269.387308][ C0]
[ 269.389617][ C0] Local variable ----regs@__bpf_prog_run32 created at:
[ 269.396443][ C0] __bpf_prog_run32+0x87/0x170
[ 269.401185][ C0] __bpf_prog_run32+0x87/0x170
[ 269.405927][ C0] =====================================================
[ 269.412847][ C0] Disabling lock debugging due to kernel taint
[ 269.418974][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 269.418977][ T1140] =====================================================
[ 269.418997][ T1140] BUG: KMSAN: uninit-value in bpf_skb_get_nlattr+0x145/0x290
[ 269.425560][ C0] CPU: 0 PID: 5240 Comm: systemd-udevd Tainted: G B 5.7.0-rc4-syzkaller #0
[ 269.449671][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 269.459705][ C0] Call Trace:
[ 269.462977][ C0]
[ 269.465816][ C0] dump_stack+0x1c9/0x220
[ 269.470142][ C0] panic+0x3d5/0xc3e
[ 269.474042][ C0] kmsan_report+0x1df/0x1e0
[ 269.478533][ C0] __msan_warning+0x58/0xa0
[ 269.483368][ C0] bpf_skb_get_nlattr+0x145/0x290
[ 269.488389][ C0] ___bpf_prog_run+0x214d/0x97a0
[ 269.493317][ C0] ? call_timer_fn+0x218/0x510
[ 269.498072][ C0] ? __run_timers+0xcff/0x1210
[ 269.502820][ C0] ? bpf_skb_get_pay_offset+0x60/0x60
[ 269.508174][ C0] ? kmsan_set_origin_checked+0x95/0xf0
[ 269.513713][ C0] __bpf_prog_run32+0x101/0x170
[ 269.518558][ C0] ? kmsan_set_origin_checked+0x95/0xf0
[ 269.524084][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 269.529176][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 269.534965][ C0] ? ___bpf_prog_run+0x97a0/0x97a0
[ 269.540059][ C0] packet_rcv+0x70f/0x2160
[ 269.544472][ C0] ? packet_sock_destruct+0x1e0/0x1e0
[ 269.549828][ C0] dev_queue_xmit_nit+0x1199/0x1270
[ 269.555029][ C0] dev_hard_start_xmit+0x20f/0xab0
[ 269.560132][ C0] ? kmsan_internal_unpoison_shadow+0x2f/0x40
[ 269.566183][ C0] ? kmsan_get_metadata+0x11d/0x180
[ 269.571554][ C0] __dev_queue_xmit+0x2f8d/0x3b20
[ 269.576575][ C0] ? __local_bh_enable_ip+0x97/0x1d0
[ 269.581845][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 269.586942][ C0] ? kmsan_get_metadata+0x11d/0x180
[ 269.592135][ C0] dev_queue_xmit+0x4b/0x60
[ 269.596626][ C0] neigh_direct_output+0x42/0x50
[ 269.601548][ C0] ? neigh_connected_output+0x6e0/0x6e0
[ 269.607091][ C0] ip6_finish_output2+0x20fd/0x2640
[ 269.612289][ C0] ? kmsan_get_metadata+0x11d/0x180
[ 269.617473][ C0] __ip6_finish_output+0x824/0x8e0
[ 269.622585][ C0] ip6_finish_output+0x166/0x410
[ 269.627512][ C0] ip6_output+0x60a/0x770
[ 269.631839][ C0] ? ip6_output+0x770/0x770
[ 269.638933][ C0] ? ac6_seq_show+0x200/0x200
[ 269.643603][ C0] ndisc_send_skb+0x1047/0x15a0
[ 269.648451][ C0] ? ndisc_error_report+0x1a0/0x1a0
[ 269.653635][ C0] ndisc_send_rs+0xbd8/0xc30
[ 269.658221][ C0] addrconf_rs_timer+0x62f/0xcf0
[ 269.663153][ C0] call_timer_fn+0x218/0x510
[ 269.667730][ C0] ? addrconf_disable_policy_idev+0x680/0x680
[ 269.673779][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 269.679569][ C0] __run_timers+0xcff/0x1210
[ 269.684143][ C0] ? addrconf_disable_policy_idev+0x680/0x680
[ 269.690194][ C0] ? kmsan_get_metadata+0x11d/0x180
[ 269.695399][ C0] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 269.701547][ C0] ? irqtime_account_irq+0xcb/0x2d0
[ 269.706743][ C0] run_timer_softirq+0x2d/0x50
[ 269.711512][ C0] ? timers_dead_cpu+0x9b0/0x9b0
[ 269.716522][ C0] __do_softirq+0x311/0x83d
[ 269.721024][ C0] irq_exit+0x230/0x280
[ 269.725164][ C0] exiting_irq+0xe/0x10
[ 269.729312][ C0] smp_apic_timer_interrupt+0x48/0x70
[ 269.734669][ C0] apic_timer_interrupt+0x2e/0x40
[ 269.739696][ C0]
[ 269.742626][ C0] RIP: 0010:___bpf_prog_run+0x3a4a/0x97a0
[ 269.748337][ C0] Code: 56 00 e9 c6 c6 ff ff 8b 3a e8 82 72 56 00 49 83 fd 3d 0f 8e d4 c6 ff ff 0f 1f 84 00 00 00 00 00 49 83 fd 5b 0f 8f e6 00 00 00 <49> 83 fd 4c 0f 8f dc 01 00 00 49 83 fd 44 4c 8b 65 c0 0f 8e fe 03
[ 269.767934][ C0] RSP: 0018:ffffb90500dbba00 EFLAGS: 00000287 ORIG_RAX: ffffffffffffff13
[ 269.776338][ C0] RAX: ffffa4370d27a808 RBX: ffffffffae287808 RCX: 00000000009f1c21
[ 269.784294][ C0] RDX: ffffa436fd26d808 RSI: 0000000000000500 RDI: ffffffffae287808
[ 269.792250][ C0] RBP: ffffb90500dbbb00 R08: fffffc644000000f R09: ffffa4362fffb000
[ 269.800212][ C0] R10: 0000000000000003 R11: ffffffffad80083d R12: 0000000000000000
[ 269.808164][ C0] R13: 000000000000003f R14: 0000000000000000 R15: 000000000000005d
[ 269.816125][ C0] ? __do_softirq+0x83d/0x83d
[ 269.820797][ C0] ? __msan_metadata_ptr_for_store_1+0x13/0x20
[ 269.826934][ C0] ? kmsan_internal_set_origin+0x75/0xb0
[ 269.832556][ C0] __bpf_prog_run32+0x101/0x170
[ 269.837396][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 269.842512][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 269.848314][ C0] ? ___bpf_prog_run+0x97a0/0x97a0
[ 269.853414][ C0] __seccomp_filter+0x59e/0x26f0
[ 269.858338][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 269.863446][ C0] ? kmsan_copy_to_user+0x81/0x90
[ 269.868453][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 269.873555][ C0] ? kmsan_get_metadata+0x4f/0x180
[ 269.878652][ C0] __secure_computing+0x1fa/0x380
[ 269.883665][ C0] syscall_trace_enter+0x6eb/0xf60
[ 269.888774][ C0] do_syscall_64+0x57/0x160
[ 269.893263][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 269.902790][ C0] RIP: 0033:0x7f1c1e43e335
[ 269.907204][ C0] Code: 69 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 48 89 f0 77 30 48 89 c7 48 89 d6 b8 06 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 03 f3 c3 90 48 8b 15 31 db 2b 00 f7 d8 64 89
[ 269.926800][ C0] RSP: 002b:00007ffe2d37f688 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[ 269.935197][ C0] RAX: ffffffffffffffda RBX: 000055f27f494800 RCX: 00007f1c1e43e335
[ 269.943150][ C0] RDX: 00007ffe2d37f6c0 RSI: 00007ffe2d37f6c0 RDI: 000055f27f493800
[ 269.951102][ C0] RBP: 00007ffe2d37f780 R08: 00007f1c1e6fd1a8 R09: 0000000000001010
[ 269.959054][ C0] R10: 0000000000000020 R11: 0000000000000246 R12: 000055f27f493800
[ 269.967011][ C0] R13: 000055f27f49380c R14: 000055f27f484705 R15: 000055f27f48470c
[ 269.974986][ T1140] CPU: 1 PID: 1140 Comm: kworker/u4:12 Tainted: G B 5.7.0-rc4-syzkaller #0
[ 269.984860][ T1140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 269.994923][ T1140] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[ 270.002789][ T1140] Call Trace:
[ 270.006077][ T1140] dump_stack+0x1c9/0x220
[ 270.010396][ T1140] kmsan_report+0xf7/0x1e0
[ 270.014800][ T1140] __msan_warning+0x58/0xa0
[ 270.019286][ T1140] bpf_skb_get_nlattr+0x145/0x290
[ 270.024316][ T1140] ___bpf_prog_run+0x214d/0x97a0
[ 270.029238][ T1140] ? bpf_skb_get_pay_offset+0x60/0x60
[ 270.034605][ T1140] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 270.040404][ T1140] __bpf_prog_run32+0x101/0x170
[ 270.045251][ T1140] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 270.051043][ T1140] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 270.057176][ T1140] ? skb_pull+0x14a/0x240
[ 270.061494][ T1140] ? kmsan_get_metadata+0x4f/0x180
[ 270.066588][ T1140] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 270.072374][ T1140] ? ___bpf_prog_run+0x97a0/0x97a0
[ 270.077485][ T1140] packet_rcv+0x70f/0x2160
[ 270.081901][ T1140] ? packet_sock_destruct+0x1e0/0x1e0
[ 270.087258][ T1140] dev_queue_xmit_nit+0x1199/0x1270
[ 270.092467][ T1140] dev_hard_start_xmit+0x20f/0xab0
[ 270.097572][ T1140] ? kmsan_get_metadata+0x11d/0x180
[ 270.102758][ T1140] __dev_queue_xmit+0x2f8d/0x3b20
[ 270.107763][ T1140] ? kmsan_get_metadata+0x11d/0x180
[ 270.112960][ T1140] dev_queue_xmit+0x4b/0x60
[ 270.117450][ T1140] batadv_send_skb_packet+0x59b/0x8c0
[ 270.122819][ T1140] batadv_send_broadcast_skb+0x76/0x90
[ 270.128277][ T1140] batadv_iv_send_outstanding_bat_ogm_packet+0x97e/0xd50
[ 270.135305][ T1140] ? batadv_iv_ogm_queue_add+0x1900/0x1900
[ 270.141093][ T1140] process_one_work+0x1555/0x1f40
[ 270.146123][ T1140] worker_thread+0xef6/0x2450
[ 270.150783][ T1140] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 270.156582][ T1140] ? kmsan_get_metadata+0x11d/0x180
[ 270.161775][ T1140] kthread+0x4b5/0x4f0
[ 270.165825][ T1140] ? process_one_work+0x1f40/0x1f40
[ 270.171017][ T1140] ?
kthread_blkcg+0xf0/0xf0 [ 270.175595][ T1140] ret_from_fork+0x35/0x40 [ 270.180054][ T1140] [ 270.182364][ T1140] Uninit was stored to memory at: [ 270.187374][ T1140] kmsan_internal_chain_origin+0xad/0x130 [ 270.193082][ T1140] __msan_chain_origin+0x50/0x90 [ 270.198008][ T1140] ___bpf_prog_run+0x6cbe/0x97a0 [ 270.202937][ T1140] __bpf_prog_run32+0x101/0x170 [ 270.207769][ T1140] packet_rcv+0x70f/0x2160 [ 270.212165][ T1140] dev_queue_xmit_nit+0x1199/0x1270 [ 270.217431][ T1140] dev_hard_start_xmit+0x20f/0xab0 [ 270.222522][ T1140] __dev_queue_xmit+0x2f8d/0x3b20 [ 270.227527][ T1140] dev_queue_xmit+0x4b/0x60 [ 270.232012][ T1140] batadv_send_skb_packet+0x59b/0x8c0 [ 270.237377][ T1140] batadv_send_broadcast_skb+0x76/0x90 [ 270.242819][ T1140] batadv_iv_send_outstanding_bat_ogm_packet+0x97e/0xd50 [ 270.249830][ T1140] process_one_work+0x1555/0x1f40 [ 270.254838][ T1140] worker_thread+0xef6/0x2450 [ 270.259494][ T1140] kthread+0x4b5/0x4f0 [ 270.263543][ T1140] ret_from_fork+0x35/0x40 [ 270.267931][ T1140] [ 270.270248][ T1140] Uninit was stored to memory at: [ 270.275257][ T1140] kmsan_internal_chain_origin+0xad/0x130 [ 270.280959][ T1140] __msan_chain_origin+0x50/0x90 [ 270.285876][ T1140] ___bpf_prog_run+0x6c64/0x97a0 [ 270.290792][ T1140] __bpf_prog_run32+0x101/0x170 [ 270.295623][ T1140] packet_rcv+0x70f/0x2160 [ 270.300109][ T1140] dev_queue_xmit_nit+0x1199/0x1270 [ 270.305295][ T1140] dev_hard_start_xmit+0x20f/0xab0 [ 270.310390][ T1140] __dev_queue_xmit+0x2f8d/0x3b20 [ 270.315407][ T1140] dev_queue_xmit+0x4b/0x60 [ 270.319904][ T1140] batadv_send_skb_packet+0x59b/0x8c0 [ 270.325256][ T1140] batadv_send_broadcast_skb+0x76/0x90 [ 270.330697][ T1140] batadv_iv_send_outstanding_bat_ogm_packet+0x97e/0xd50 [ 270.337783][ T1140] process_one_work+0x1555/0x1f40 [ 270.342788][ T1140] worker_thread+0xef6/0x2450 [ 270.347446][ T1140] kthread+0x4b5/0x4f0 [ 270.351504][ T1140] ret_from_fork+0x35/0x40 [ 270.355891][ T1140] [ 270.358205][ T1140] Local variable 
----regs@__bpf_prog_run32 created at: [ 270.365033][ T1140] __bpf_prog_run32+0x87/0x170 [ 270.369774][ T1140] __bpf_prog_run32+0x87/0x170 [ 270.374510][ T1140] ===================================================== [ 271.186991][ C0] Shutting down cpus with NMI [ 271.204365][ C0] ------------[ cut here ]------------ [ 271.209806][ C0] kernel BUG at mm/kmsan/kmsan.h:87! [ 271.215085][ C0] invalid opcode: 0000 [#1] SMP [ 271.219916][ C0] CPU: 0 PID: 5240 Comm: systemd-udevd Tainted: G B 5.7.0-rc4-syzkaller #0 [ 271.229779][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 271.239851][ C0] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0 [ 271.246423][ C0] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 31 3a 29 ae 31 c0 e8 61 81 47 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 82 9f 47 ff 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff [ 271.266007][ C0] RSP: 0018:ffffb90500002b38 EFLAGS: 00010046 [ 271.272344][ C0] RAX: 0000000000000002 RBX: 00000000076500cd RCX: 00000000076500cd [ 271.281784][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffb90500002c14 [ 271.289750][ C0] RBP: ffffb90500002be0 R08: 0000000000000001 R09: ffffa4362fc28ed0 [ 271.297727][ C0] R10: 0000000000000000 R11: ffffffffa4f59a10 R12: 0000000000000000 [ 271.306044][ C0] R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000001 [ 271.314040][ C0] FS: 00007f1c1f5cb8c0(0000) GS:ffffa4362fc00000(0000) knlGS:0000000000000000 [ 271.324081][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 271.330649][ C0] CR2: 000055f27f4edf00 CR3: 0000000113577000 CR4: 00000000001406f0 [ 271.339397][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 271.347472][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 271.355451][ C0] Call Trace: [ 271.358738][ C0] [ 271.361582][ C0] ? 
vprintk_func+0x1ec/0x220 [ 271.366360][ C0] kmsan_check_memory+0xd/0x10 [ 271.371189][ C0] iowrite8+0x99/0x2e0 [ 271.375354][ C0] pvpanic_panic_notify+0x99/0xc0 [ 271.380392][ C0] ? pvpanic_mmio_remove+0x60/0x60 [ 271.385843][ C0] atomic_notifier_call_chain+0x12a/0x240 [ 271.391603][ C0] panic+0x468/0xc3e [ 271.395510][ C0] kmsan_report+0x1df/0x1e0 [ 271.400005][ C0] __msan_warning+0x58/0xa0 [ 271.404505][ C0] bpf_skb_get_nlattr+0x145/0x290 [ 271.410832][ C0] ___bpf_prog_run+0x214d/0x97a0 [ 271.415764][ C0] ? call_timer_fn+0x218/0x510 [ 271.420510][ C0] ? __run_timers+0xcff/0x1210 [ 271.425263][ C0] ? bpf_skb_get_pay_offset+0x60/0x60 [ 271.430626][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 271.436175][ C0] __bpf_prog_run32+0x101/0x170 [ 271.441018][ C0] ? kmsan_set_origin_checked+0x95/0xf0 [ 271.446563][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 271.451661][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 271.457462][ C0] ? ___bpf_prog_run+0x97a0/0x97a0 [ 271.462562][ C0] packet_rcv+0x70f/0x2160 [ 271.466991][ C0] ? packet_sock_destruct+0x1e0/0x1e0 [ 271.472348][ C0] dev_queue_xmit_nit+0x1199/0x1270 [ 271.477549][ C0] dev_hard_start_xmit+0x20f/0xab0 [ 271.482654][ C0] ? kmsan_internal_unpoison_shadow+0x2f/0x40 [ 271.488713][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 271.493908][ C0] __dev_queue_xmit+0x2f8d/0x3b20 [ 271.498924][ C0] ? __local_bh_enable_ip+0x97/0x1d0 [ 271.504455][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 271.509561][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 271.514751][ C0] dev_queue_xmit+0x4b/0x60 [ 271.519244][ C0] neigh_direct_output+0x42/0x50 [ 271.524170][ C0] ? neigh_connected_output+0x6e0/0x6e0 [ 271.529703][ C0] ip6_finish_output2+0x20fd/0x2640 [ 271.534902][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 271.540093][ C0] __ip6_finish_output+0x824/0x8e0 [ 271.545211][ C0] ip6_finish_output+0x166/0x410 [ 271.550267][ C0] ip6_output+0x60a/0x770 [ 271.554608][ C0] ? ip6_output+0x770/0x770 [ 271.559103][ C0] ? 
ac6_seq_show+0x200/0x200 [ 271.563768][ C0] ndisc_send_skb+0x1047/0x15a0 [ 271.568633][ C0] ? ndisc_error_report+0x1a0/0x1a0 [ 271.573821][ C0] ndisc_send_rs+0xbd8/0xc30 [ 271.578435][ C0] addrconf_rs_timer+0x62f/0xcf0 [ 271.583370][ C0] call_timer_fn+0x218/0x510 [ 271.587965][ C0] ? addrconf_disable_policy_idev+0x680/0x680 [ 271.594019][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 271.599830][ C0] __run_timers+0xcff/0x1210 [ 271.604421][ C0] ? addrconf_disable_policy_idev+0x680/0x680 [ 271.610484][ C0] ? kmsan_get_metadata+0x11d/0x180 [ 271.616039][ C0] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 271.622198][ C0] ? irqtime_account_irq+0xcb/0x2d0 [ 271.627389][ C0] run_timer_softirq+0x2d/0x50 [ 271.633289][ C0] ? timers_dead_cpu+0x9b0/0x9b0 [ 271.638211][ C0] __do_softirq+0x311/0x83d [ 271.642708][ C0] irq_exit+0x230/0x280 [ 271.646873][ C0] exiting_irq+0xe/0x10 [ 271.651066][ C0] smp_apic_timer_interrupt+0x48/0x70 [ 271.656425][ C0] apic_timer_interrupt+0x2e/0x40 [ 271.661432][ C0] [ 271.664367][ C0] RIP: 0010:___bpf_prog_run+0x3a4a/0x97a0 [ 271.670099][ C0] Code: 56 00 e9 c6 c6 ff ff 8b 3a e8 82 72 56 00 49 83 fd 3d 0f 8e d4 c6 ff ff 0f 1f 84 00 00 00 00 00 49 83 fd 5b 0f 8f e6 00 00 00 <49> 83 fd 4c 0f 8f dc 01 00 00 49 83 fd 44 4c 8b 65 c0 0f 8e fe 03 [ 271.689689][ C0] RSP: 0018:ffffb90500dbba00 EFLAGS: 00000287 ORIG_RAX: ffffffffffffff13 [ 271.698101][ C0] RAX: ffffa4370d27a808 RBX: ffffffffae287808 RCX: 00000000009f1c21 [ 271.706069][ C0] RDX: ffffa436fd26d808 RSI: 0000000000000500 RDI: ffffffffae287808 [ 271.714036][ C0] RBP: ffffb90500dbbb00 R08: fffffc644000000f R09: ffffa4362fffb000 [ 271.722030][ C0] R10: 0000000000000003 R11: ffffffffad80083d R12: 0000000000000000 [ 271.729999][ C0] R13: 000000000000003f R14: 0000000000000000 R15: 000000000000005d [ 271.737986][ C0] ? __do_softirq+0x83d/0x83d [ 271.742663][ C0] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 271.748829][ C0] ? 
kmsan_internal_set_origin+0x75/0xb0 [ 271.754457][ C0] __bpf_prog_run32+0x101/0x170 [ 271.759300][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 271.764416][ C0] ? kmsan_get_shadow_origin_ptr+0x81/0xb0 [ 271.770204][ C0] ? ___bpf_prog_run+0x97a0/0x97a0 [ 271.775307][ C0] __seccomp_filter+0x59e/0x26f0 [ 271.780251][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 271.785373][ C0] ? kmsan_copy_to_user+0x81/0x90 [ 271.790382][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 271.795481][ C0] ? kmsan_get_metadata+0x4f/0x180 [ 271.800595][ C0] __secure_computing+0x1fa/0x380 [ 271.805711][ C0] syscall_trace_enter+0x6eb/0xf60 [ 271.811778][ C0] do_syscall_64+0x57/0x160 [ 271.816287][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 271.822176][ C0] RIP: 0033:0x7f1c1e43e335 [ 271.826582][ C0] Code: 69 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 48 89 f0 77 30 48 89 c7 48 89 d6 b8 06 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 03 f3 c3 90 48 8b 15 31 db 2b 00 f7 d8 64 89 [ 271.846186][ C0] RSP: 002b:00007ffe2d37f688 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 271.854584][ C0] RAX: ffffffffffffffda RBX: 000055f27f494800 RCX: 00007f1c1e43e335 [ 271.862543][ C0] RDX: 00007ffe2d37f6c0 RSI: 00007ffe2d37f6c0 RDI: 000055f27f493800 [ 271.870605][ C0] RBP: 00007ffe2d37f780 R08: 00007f1c1e6fd1a8 R09: 0000000000001010 [ 271.878596][ C0] R10: 0000000000000020 R11: 0000000000000246 R12: 000055f27f493800 [ 271.886561][ C0] R13: 000055f27f49380c R14: 000055f27f484705 R15: 000055f27f48470c [ 271.894534][ C0] Modules linked in: [ 271.898601][ C0] ---[ end trace 0af4dd997134b08d ]--- [ 271.904056][ C0] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0 [ 271.910654][ C0] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 31 3a 29 ae 31 c0 e8 61 81 47 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 82 9f 47 ff 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff [ 271.930345][ C0] RSP: 0018:ffffb90500002b38 EFLAGS: 00010046 [ 271.936394][ C0] RAX: 0000000000000002 RBX: 00000000076500cd RCX: 
00000000076500cd [ 271.944351][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffb90500002c14 [ 271.952307][ C0] RBP: ffffb90500002be0 R08: 0000000000000001 R09: ffffa4362fc28ed0 [ 271.960282][ C0] R10: 0000000000000000 R11: ffffffffa4f59a10 R12: 0000000000000000 [ 271.968253][ C0] R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000001 [ 271.976518][ C0] FS: 00007f1c1f5cb8c0(0000) GS:ffffa4362fc00000(0000) knlGS:0000000000000000 [ 271.985436][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 271.992090][ C0] CR2: 000055f27f4edf00 CR3: 0000000113577000 CR4: 00000000001406f0 [ 272.000047][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 272.008362][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 272.016320][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 272.024181][ C0] Kernel Offset: 0x1ec00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 272.035889][ C0] Rebooting in 86400 seconds..