[[0;32m OK [0m] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[[0;32m OK [0m] Started Update UTMP about System Runlevel Changes.
[[0;32m OK [0m] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.87' (ECDSA) to the list of known hosts.
syzkaller login: [ 140.388682][ T8212] IPVS: ftp: loaded support on port[0] = 21
[ 140.564747][ T8212] chnl_net:caif_netlink_parms(): no params data found
[ 140.648410][ T8212] bridge0: port 1(bridge_slave_0) entered blocking state
[ 140.655557][ T8212] bridge0: port 1(bridge_slave_0) entered disabled state
[ 140.665642][ T8212] device bridge_slave_0 entered promiscuous mode
[ 140.677647][ T8212] bridge0: port 2(bridge_slave_1) entered blocking state
[ 140.684835][ T8212] bridge0: port 2(bridge_slave_1) entered disabled state
[ 140.694278][ T8212] device bridge_slave_1 entered promiscuous mode
[ 140.726953][ T8212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 140.739893][ T8212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 140.772966][ T8212] team0: Port device team_slave_0 added
[ 140.782235][ T8212] team0: Port device team_slave_1 added
[ 140.810725][ T8212] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 140.817814][ T8212] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 140.844094][ T8212] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 140.858047][ T8212] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 140.865026][ T8212] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 140.891283][ T8212] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 140.931622][ T8212] device hsr_slave_0 entered promiscuous mode
[ 140.939132][ T8212] device hsr_slave_1 entered promiscuous mode
[ 141.116603][ T8212] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 141.128917][ T8212] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 141.147141][ T8212] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 141.165610][ T8212] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 141.247923][ T8212] bridge0: port 2(bridge_slave_1) entered blocking state
[ 141.255076][ T8212] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 141.262938][ T8212] bridge0: port 1(bridge_slave_0) entered blocking state
[ 141.270410][ T8212] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 141.346076][ T8212] 8021q: adding VLAN 0 to HW filter on device bond0
[ 141.367253][ T2092] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 141.378150][ T2092] bridge0: port 1(bridge_slave_0) entered disabled state
[ 141.388912][ T2092] bridge0: port 2(bridge_slave_1) entered disabled state
[ 141.400126][ T2092] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 141.417737][ T8212] 8021q: adding VLAN 0 to HW filter on device team0
[ 141.435031][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 141.444708][ T7] bridge0: port 1(bridge_slave_0) entered blocking state
[ 141.452212][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 141.468709][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 141.478364][ T18] bridge0: port 2(bridge_slave_1) entered blocking state
[ 141.485620][ T18] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 141.513980][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 141.532525][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 141.543912][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 141.554958][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 141.571073][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 141.580735][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 141.598588][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 141.608042][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 141.623334][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 141.632614][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 141.648623][ T8212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 141.681390][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 141.689296][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 141.709316][ T8212] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 141.742206][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 141.751903][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 141.784373][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 141.793653][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 141.808622][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 141.818137][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 141.830646][ T8212] device veth0_vlan entered promiscuous mode
[ 141.851471][ T8212] device veth1_vlan entered promiscuous mode
[ 141.890475][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 141.900308][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 141.909870][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 141.919542][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 141.936788][ T8212] device veth0_macvtap entered promiscuous mode
[ 141.952326][ T8212] device veth1_macvtap entered promiscuous mode
[ 141.983091][ T8212] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 141.991375][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 142.000759][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 142.010230][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 142.020073][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 142.038919][ T8212] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 142.047352][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 142.057466][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 142.073350][ T8212] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 142.082367][ T8212] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 142.091760][ T8212] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 142.100818][ T8212] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
executing program
[ 142.285414][ C1] =====================================================
[ 142.292396][ C1] BUG: KMSAN: uninit-value in ip_rcv_core+0xf4c/0x1480
[ 142.299389][ C1] CPU: 1 PID: 8423 Comm: syz-executor322 Not tainted 5.11.0-rc7-syzkaller #0
[ 142.308151][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 142.318217][ C1] Call Trace:
[ 142.321498][ C1]
[ 142.324375][ C1] dump_stack+0x21c/0x280
[ 142.328717][ C1] kmsan_report+0xfb/0x1e0
[ 142.333135][ C1] __msan_warning+0x5f/0xa0
[ 142.337674][ C1] ip_rcv_core+0xf4c/0x1480
[ 142.342173][ C1] ip_rcv+0xc7/0x820
[ 142.346070][ C1] ? kmsan_get_metadata+0x116/0x180
[ 142.351299][ C1] __netif_receive_skb+0x1ec/0x640
[ 142.356445][ C1] ? kmsan_internal_set_origin+0x85/0xc0
[ 142.362130][ C1] ? ip_local_deliver_finish+0x370/0x370
[ 142.370132][ C1] process_backlog+0x517/0xbd0
[ 142.374903][ C1] ? native_apic_mem_write+0x45/0x90
[ 142.380184][ C1] ? rps_trigger_softirq+0x2e0/0x2e0
[ 142.385611][ C1] napi_poll+0x428/0x15c0
[ 142.389980][ C1] net_rx_action+0x34c/0xd30
[ 142.394579][ C1] ? net_tx_action+0xd30/0xd30
[ 142.399331][ C1] __do_softirq+0x1b9/0x715
[ 142.403833][ C1] asm_call_irq_on_stack+0xf/0x20
[ 142.408943][ C1]
[ 142.411881][ C1] do_softirq_own_stack+0x6e/0x90
[ 142.416916][ C1] __local_bh_enable_ip+0x184/0x1d0
[ 142.422123][ C1] local_bh_enable+0x36/0x40
[ 142.426815][ C1] __dev_queue_xmit+0x3b3e/0x45c0
[ 142.431968][ C1] dev_queue_xmit+0x4b/0x60
[ 142.436988][ C1] ? netdev_core_pick_tx+0x5a0/0x5a0
[ 142.442297][ C1] packet_sendmsg+0x8778/0x9a60
[ 142.448204][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 142.454305][ C1] ? kmsan_get_metadata+0x116/0x180
[ 142.459493][ C1] ? kmsan_get_metadata+0x116/0x180
[ 142.464696][ C1] ? kmsan_internal_set_origin+0x85/0xc0
[ 142.470319][ C1] ? kmsan_get_metadata+0x116/0x180
[ 142.475516][ C1] ? kmsan_get_shadow_origin_ptr+0x84/0xb0
[ 142.481366][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 142.487479][ C1] ____sys_sendmsg+0xcfc/0x12f0
[ 142.492321][ C1] ? packet_getsockopt+0x1120/0x1120
[ 142.497609][ C1] __sys_sendmsg+0x714/0x830
[ 142.502187][ C1] ? kmsan_get_metadata+0x117/0x180
[ 142.507377][ C1] ? kmsan_internal_set_origin+0x85/0xc0
[ 142.513007][ C1] ? kmsan_get_metadata+0x116/0x180
[ 142.518223][ C1] __se_sys_sendmsg+0x97/0xb0
[ 142.522889][ C1] __x64_sys_sendmsg+0x4a/0x70
[ 142.527651][ C1] do_syscall_64+0x9f/0x140
[ 142.532178][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 142.538063][ C1] RIP: 0033:0x443e29
[ 142.541956][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 142.561587][ C1] RSP: 002b:00007fffbb933138 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 142.569999][ C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443e29
[ 142.578003][ C1] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000003
[ 142.585958][ C1] RBP: 0000000000000000 R08: 0000000000f0b5ff R09: 0000000000f0b5ff
[ 142.593929][ C1] R10: 00007fffbb932bb0 R11: 0000000000000246 R12: 00007fffbb933170
[ 142.601928][ C1] R13: 00007fffbb933160 R14: 00007fffbb933150 R15: 0000000000000003
[ 142.609903][ C1]
[ 142.612231][ C1] Uninit was stored to memory at:
[ 142.618230][ C1] kmsan_internal_chain_origin+0xad/0x130
[ 142.623952][ C1] __msan_chain_origin+0x57/0xa0
[ 142.628912][ C1] iptunnel_xmit+0xbd6/0xf20
[ 142.633497][ C1] udp_tunnel_xmit_skb+0x526/0x640
[ 142.638601][ C1] geneve_xmit+0x209e/0x3c20
[ 142.643181][ C1] xmit_one+0x2b6/0x760
[ 142.647416][ C1] __dev_queue_xmit+0x3426/0x45c0
[ 142.652466][ C1] dev_queue_xmit+0x4b/0x60
[ 142.657038][ C1] packet_sendmsg+0x8778/0x9a60
[ 142.661881][ C1] ____sys_sendmsg+0xcfc/0x12f0
[ 142.666719][ C1] __sys_sendmsg+0x714/0x830
[ 142.671333][ C1] __se_sys_sendmsg+0x97/0xb0
[ 142.675996][ C1] __x64_sys_sendmsg+0x4a/0x70
[ 142.680760][ C1] do_syscall_64+0x9f/0x140
[ 142.685252][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 142.691132][ C1]
[ 142.693452][ C1] Uninit was created at:
[ 142.697673][ C1] kmsan_internal_poison_shadow+0x5c/0xf0
[ 142.703422][ C1] kmsan_slab_alloc+0x8d/0xe0
[ 142.708121][ C1] __kmalloc_node_track_caller+0xa37/0x1430
[ 142.715164][ C1] __alloc_skb+0x2f8/0xb30
[ 142.719609][ C1] alloc_skb_with_frags+0x1f3/0xc10
[ 142.724844][ C1] sock_alloc_send_pskb+0xdc1/0xf90
[ 142.730057][ C1] packet_sendmsg+0x6aab/0x9a60
[ 142.734898][ C1] ____sys_sendmsg+0xcfc/0x12f0
[ 142.739763][ C1] __sys_sendmsg+0x714/0x830
[ 142.744347][ C1] __se_sys_sendmsg+0x97/0xb0
[ 142.749041][ C1] __x64_sys_sendmsg+0x4a/0x70
[ 142.753828][ C1] do_syscall_64+0x9f/0x140
[ 142.758322][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 142.764233][ C1] =====================================================
[ 142.771152][ C1] Disabling lock debugging due to kernel taint
[ 142.777299][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 142.783871][ C1] CPU: 1 PID: 8423 Comm: syz-executor322 Tainted: G B 5.11.0-rc7-syzkaller #0
[ 142.794058][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 142.804096][ C1] Call Trace:
[ 142.807365][ C1]
[ 142.810211][ C1] dump_stack+0x21c/0x280
[ 142.814534][ C1] panic+0x4c6/0xea7
[ 142.818511][ C1] ? add_taint+0x17c/0x210
[ 142.822934][ C1] kmsan_report+0x1de/0x1e0
[ 142.827432][ C1] __msan_warning+0x5f/0xa0
[ 142.831932][ C1] ip_rcv_core+0xf4c/0x1480
[ 142.836441][ C1] ip_rcv+0xc7/0x820
[ 142.840354][ C1] ? kmsan_get_metadata+0x116/0x180
[ 142.845544][ C1] __netif_receive_skb+0x1ec/0x640
[ 142.850650][ C1] ? kmsan_internal_set_origin+0x85/0xc0
[ 142.856278][ C1] ? ip_local_deliver_finish+0x370/0x370
[ 142.861931][ C1] process_backlog+0x517/0xbd0
[ 142.866692][ C1] ? native_apic_mem_write+0x45/0x90
[ 142.872001][ C1] ? rps_trigger_softirq+0x2e0/0x2e0
[ 142.877294][ C1] napi_poll+0x428/0x15c0
[ 142.881646][ C1] net_rx_action+0x34c/0xd30
[ 142.886251][ C1] ? net_tx_action+0xd30/0xd30
[ 142.891004][ C1] __do_softirq+0x1b9/0x715
[ 142.895504][ C1] asm_call_irq_on_stack+0xf/0x20
[ 142.900517][ C1]
[ 142.903438][ C1] do_softirq_own_stack+0x6e/0x90
[ 142.908454][ C1] __local_bh_enable_ip+0x184/0x1d0
[ 142.913645][ C1] local_bh_enable+0x36/0x40
[ 142.918244][ C1] __dev_queue_xmit+0x3b3e/0x45c0
[ 142.923265][ C1] dev_queue_xmit+0x4b/0x60
[ 142.927755][ C1] ? netdev_core_pick_tx+0x5a0/0x5a0
[ 142.933026][ C1] packet_sendmsg+0x8778/0x9a60
[ 142.937885][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 142.943976][ C1] ? kmsan_get_metadata+0x116/0x180
[ 142.949176][ C1] ? kmsan_get_metadata+0x116/0x180
[ 142.954372][ C1] ? kmsan_internal_set_origin+0x85/0xc0
[ 142.960023][ C1] ? kmsan_get_metadata+0x116/0x180
[ 142.965225][ C1] ? kmsan_get_shadow_origin_ptr+0x84/0xb0
[ 142.971051][ C1] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 142.977144][ C1] ____sys_sendmsg+0xcfc/0x12f0
[ 142.981985][ C1] ? packet_getsockopt+0x1120/0x1120
[ 142.987261][ C1] __sys_sendmsg+0x714/0x830
[ 142.991854][ C1] ? kmsan_get_metadata+0x117/0x180
[ 142.997049][ C1] ? kmsan_internal_set_origin+0x85/0xc0
[ 143.002686][ C1] ? kmsan_get_metadata+0x116/0x180
[ 143.007882][ C1] __se_sys_sendmsg+0x97/0xb0
[ 143.012668][ C1] __x64_sys_sendmsg+0x4a/0x70
[ 143.017449][ C1] do_syscall_64+0x9f/0x140
[ 143.021951][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 143.027876][ C1] RIP: 0033:0x443e29
[ 143.031832][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 143.051433][ C1] RSP: 002b:00007fffbb933138 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 143.059961][ C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443e29
[ 143.067934][ C1] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000003
[ 143.075896][ C1] RBP: 0000000000000000 R08: 0000000000f0b5ff R09: 0000000000f0b5ff
[ 143.083915][ C1] R10: 00007fffbb932bb0 R11: 0000000000000246 R12: 00007fffbb933170
[ 143.091889][ C1] R13: 00007fffbb933160 R14: 00007fffbb933150 R15: 0000000000000003
[ 143.100415][ C1] Kernel Offset: disabled
[ 143.104735][ C1] Rebooting in 86400 seconds..