[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 54.634291] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 57.690956] random: sshd: uninitialized urandom read (32 bytes read) [ 58.215281] random: sshd: uninitialized urandom read (32 bytes read) [ 59.891175] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.10.5' (ECDSA) to the list of known hosts. [ 65.764336] random: sshd: uninitialized urandom read (32 bytes read) 2018/09/21 10:47:52 fuzzer started [ 67.453297] random: cc1: uninitialized urandom read (8 bytes read) 2018/09/21 10:47:55 dialing manager at 10.128.0.26:38359 2018/09/21 10:47:55 syscalls: 1 2018/09/21 10:47:55 code coverage: enabled 2018/09/21 10:47:55 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled 2018/09/21 10:47:55 setuid sandbox: enabled 2018/09/21 10:47:55 namespace sandbox: enabled 2018/09/21 10:47:55 Android sandbox: /sys/fs/selinux/policy does not exist 2018/09/21 10:47:55 fault injection: enabled 2018/09/21 10:47:55 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/09/21 10:47:55 net packed injection: enabled 2018/09/21 10:47:55 net device setup: enabled [ 72.943165] random: crng init done 10:48:55 executing program 0: r0 = socket$kcm(0x11, 0x2, 0x300) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000040)=@l2={0x1f, 0xffffdd86, {0x8}}, 0x80, &(0x7f0000000180)}, 0x0) 10:48:55 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000000c0)="696f2e6266712e7765696768740041cb79a87c6002c8bc62be22fedd1f7c648ad27bbe6aa013f869a3ebfca6531e1dd1f49b99e44a79392b2544b430be265d7a717006fa78e6534a8427c3d2fd63ba45d2e25d", 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000000)=0x3, 0x12) 10:48:55 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0x0) r1 = accept$alg(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000007e00)=[{{&(0x7f0000001240)=@alg, 0x80, &(0x7f0000004700)=[{&(0x7f0000003580)=""/4096, 0x1000}], 0x1, &(0x7f0000004780)=""/245, 0xf5}}], 0x1, 0x0, &(0x7f0000008000)={0x0, 0x989680}) 10:48:55 executing program 2: clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) mkdir(&(0x7f0000000200)='./file0\x00', 0x0) mount(&(0x7f0000000480)=ANY=[], &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)="7379736673002a864f4bc00bce1bdb20637213b1e894d120715f9dc1125b042c7226eb0136d9624ea1d23374a660fe5ac173722fd367ad22e8553025a2e8be0bc5514379af7213d32b8d5d06dc8fbf2c849ed9cdefc74b03dfa9cb5a90b28b4b24d7862c3d66fca53167d5424235435a3dbb76bc7d3c42fc2e9c696114a6f888f0da85277683cfc1c4d2bf71c255a3134d64cc3fed8e97798deb8631cbf7682c9fa2ed031465aa191df922f764297cba22a8499d177f49fba940f55bbc8b723fd374f1fed78c8aeec6811d9b5879487387d56594a14c2588274de84fa27610302b3fb54172a8c910a07e7c76ea465aa68402", 0x3, &(0x7f0000000080)) openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x0, 0x0) lstat(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000140)) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000200)) lsetxattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000440)=@known='system.posix_acl_default\x00', &(0x7f00000003c0)="02000000000020feff0000000200f30000000000", 0x8a, 0x0) lchown(&(0x7f0000000500)='./file0\x00', 0x0, 0x0) 10:48:55 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={0x0, {0x2, 0x0, @rand_addr}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}}) 10:48:55 executing program 4: r0 = socket(0x8, 0x2, 0x4) flistxattr(r0, &(0x7f0000000080)=""/143, 0x8f) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000600)={{0x2, 0x0, @local}, {0x0, @dev}, 0x8, {0x2, 0x0, @rand_addr}, "0000000500000000723000"}) [ 130.583260] IPVS: ftp: loaded support on port[0] = 21 [ 130.633247] IPVS: ftp: loaded support on port[0] = 21 [ 130.670546] IPVS: ftp: loaded support on port[0] = 21 [ 130.689905] IPVS: ftp: loaded support on port[0] = 21 [ 130.706289] IPVS: ftp: loaded support on port[0] = 21 [ 130.710010] IPVS: ftp: loaded support on port[0] = 21 [ 134.868196] ip (4869) used greatest stack depth: 53752 bytes left [ 136.140027] ip (4904) used greatest stack depth: 53720 bytes left [ 136.988194] ip (4928) used greatest stack depth: 53448 bytes left [ 138.184396] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.191030] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.233242] device bridge_slave_0 entered promiscuous mode [ 138.311446] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.318028] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.373493] device bridge_slave_0 entered promiscuous mode [ 138.410210] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.416765] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.434199] device bridge_slave_0 entered promiscuous mode [ 138.462595] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.469292] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.499194] device bridge_slave_0 entered promiscuous mode [ 138.529679] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.536251] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.591814] device bridge_slave_0 entered promiscuous mode [ 138.622147] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.628768] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.686932] device bridge_slave_1 entered promiscuous mode [ 138.751267] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.757911] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.792426] device bridge_slave_0 entered promiscuous mode [ 138.847401] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.853995] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.864407] device bridge_slave_1 entered promiscuous mode [ 138.874787] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.881351] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.906216] device bridge_slave_1 entered promiscuous mode [ 138.952236] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.958786] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.994992] device bridge_slave_1 entered promiscuous mode [ 139.023256] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.029891] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.073824] device bridge_slave_1 entered promiscuous mode [ 139.141716] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 139.267443] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.273965] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.318519] device bridge_slave_1 entered promiscuous mode [ 139.335999] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 139.366345] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 139.424516] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 139.513208] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 139.605154] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 139.725962] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 139.757944] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 139.819913] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 139.846231] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 139.973983] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 140.113049] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 140.417978] ip (5018) used greatest stack depth: 53208 bytes left [ 141.013836] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 141.112713] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 141.158701] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 141.300105] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 141.372473] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 141.402277] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 141.445536] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 141.587274] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 141.634784] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 141.738489] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 141.809315] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 141.816917] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 141.900099] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 142.000185] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 142.050706] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 142.058067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 142.115248] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 142.122469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 142.202582] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 142.209795] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 142.269443] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 142.276586] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 142.332028] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 142.339126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 142.403244] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 142.410387] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 142.527316] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 142.534489] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 142.582462] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 142.589920] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 142.721374] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 142.728541] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 142.746224] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 142.753309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 142.790954] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 142.798159] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 143.762120] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 143.801372] team0: Port device team_slave_0 added [ 143.916848] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 143.939578] team0: Port device team_slave_0 added [ 143.987936] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 143.997847] team0: Port device team_slave_0 added [ 144.114493] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 144.142433] team0: Port device team_slave_0 added [ 144.203810] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 144.213839] team0: Port device team_slave_0 added [ 144.265020] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 144.281992] team0: Port device team_slave_1 added [ 144.292276] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 144.313557] team0: Port device team_slave_0 added [ 144.364543] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 144.405500] team0: Port device team_slave_1 added [ 144.490314] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 144.514714] team0: Port device team_slave_1 added [ 144.547092] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 144.575497] team0: Port device team_slave_1 added [ 144.605978] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 144.647224] team0: Port device team_slave_1 added [ 144.739071] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 144.746892] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 144.767840] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 144.827363] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 144.851188] team0: Port device team_slave_1 added [ 144.889190] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 144.896319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 144.917558] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 144.989353] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 144.996548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 145.014749] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 145.072695] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 145.079855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 145.094170] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 145.127593] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 145.134806] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 145.159891] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 145.249817] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 145.257003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 145.274268] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 145.342985] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 145.350101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 145.370476] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 145.424587] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 145.431847] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 145.442820] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 145.467302] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 145.476287] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 145.501271] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 145.555195] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 145.562310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 145.578195] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 145.620921] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 145.628080] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 145.648659] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 145.790035] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 145.797803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 145.819993] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 145.897275] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 145.904531] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 145.919008] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 145.961879] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 145.971942] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 145.991992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.042455] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 146.050226] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.063480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.084457] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 146.095711] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 146.103542] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.148707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.186825] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.215558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.271808] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 146.279975] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.296759] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 146.410143] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 146.418224] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.436433] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 146.484353] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 146.492137] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.506701] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.568956] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 146.579326] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.597875] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 146.633447] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 146.642028] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.692270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 146.746297] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 146.755692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.770116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 146.872454] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 146.880904] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.895540] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 151.497498] bridge0: port 2(bridge_slave_1) entered blocking state [ 151.504046] bridge0: port 2(bridge_slave_1) entered forwarding state [ 151.511071] bridge0: port 1(bridge_slave_0) entered blocking state [ 151.517581] bridge0: port 1(bridge_slave_0) entered forwarding state [ 151.575848] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 151.582513] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 151.621981] bridge0: port 2(bridge_slave_1) entered blocking state [ 151.628520] bridge0: port 2(bridge_slave_1) entered forwarding state [ 151.635532] bridge0: port 1(bridge_slave_0) entered blocking state [ 151.642063] bridge0: port 1(bridge_slave_0) entered forwarding state [ 151.703230] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 151.713306] bridge0: port 2(bridge_slave_1) entered blocking state [ 151.719822] bridge0: port 2(bridge_slave_1) entered forwarding state [ 151.726835] bridge0: port 1(bridge_slave_0) entered blocking state [ 151.733359] bridge0: port 1(bridge_slave_0) entered forwarding state [ 151.768712] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 151.803286] bridge0: port 2(bridge_slave_1) entered blocking state [ 151.809808] bridge0: port 2(bridge_slave_1) entered forwarding state [ 151.817319] bridge0: port 1(bridge_slave_0) entered blocking state [ 151.823855] bridge0: port 1(bridge_slave_0) entered forwarding state [ 151.843565] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 152.185073] bridge0: port 2(bridge_slave_1) entered blocking state [ 152.191714] bridge0: port 2(bridge_slave_1) entered forwarding state [ 152.198771] bridge0: port 1(bridge_slave_0) entered blocking state [ 152.205277] bridge0: port 1(bridge_slave_0) entered forwarding state [ 152.232223] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 152.259552] bridge0: port 2(bridge_slave_1) entered blocking state [ 152.266096] bridge0: port 2(bridge_slave_1) entered forwarding state [ 152.273117] bridge0: port 1(bridge_slave_0) entered blocking state [ 152.279743] bridge0: port 1(bridge_slave_0) entered forwarding state [ 152.377131] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 152.596873] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 152.611190] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 152.639409] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 152.677997] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 152.702946] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 170.222175] 8021q: adding VLAN 0 to HW filter on device bond0 [ 170.902494] 8021q: adding VLAN 0 to HW filter on device bond0 [ 171.004449] 8021q: adding VLAN 0 to HW filter on device bond0 [ 171.031822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 171.066059] 8021q: adding VLAN 0 to HW filter on device bond0 [ 171.549806] 8021q: adding VLAN 0 to HW filter on device bond0 [ 171.908809] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 172.607079] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 172.663868] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 172.769223] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 172.879291] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 173.372460] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 173.653200] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 173.659832] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 173.677136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 174.342920] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 174.349398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 174.366279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 174.411816] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 174.418239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 174.433027] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 174.582026] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 174.588528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 174.600240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 174.666586] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 174.673103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 174.685492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 175.231886] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 175.238411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 175.250892] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 175.397877] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.185713] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.249427] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.374705] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.442692] 8021q: adding VLAN 0 to HW filter on device team0 [ 177.119943] 8021q: adding VLAN 0 to HW filter on device team0 10:49:52 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000300)=""/11, 0xb) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)) clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r1 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) write$binfmt_script(r1, &(0x7f0000000340)={'#! ', './file0'}, 0xb) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff) recvmmsg(r1, &(0x7f0000000780)=[{{&(0x7f0000000480)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000500)=""/53, 0x35}], 0x1, &(0x7f00000006c0)=""/140, 0x8c}}], 0x1, 0x0, &(0x7f0000001a00)={0x77359400}) r2 = dup2(r0, r0) ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f0000000280)) r3 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_route(r3, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@ipmr_delroute={0x1c}, 0x1c}}, 0x0) shutdown(r3, 0x0) 10:49:53 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0x2) ioctl(r0, 0x8912, &(0x7f0000000080)="153f6234488dd25d766070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f00000001c0)={0x2, 0xd, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@loopback, @in=@remote}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x68}}, 0x0) [ 187.140793] ================================================================== [ 187.148243] BUG: KMSAN: uninit-value in sit_tunnel_xmit+0x198b/0x3a50 [ 187.154851] CPU: 0 PID: 6308 Comm: syz-executor0 Not tainted 4.19.0-rc4+ #56 [ 187.162056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 187.171425] Call Trace: [ 187.174038] dump_stack+0x2f6/0x430 [ 187.177891] kmsan_report+0x183/0x2b0 [ 187.181743] __msan_warning+0x70/0xc0 [ 187.185595] sit_tunnel_xmit+0x198b/0x3a50 [ 187.189876] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 187.195278] ? dev_queue_xmit_nit+0x10b2/0x12a0 [ 187.200025] ? ipip6_tunnel_uninit+0x7e0/0x7e0 [ 187.204655] dev_hard_start_xmit+0x68b/0xd50 [ 187.209132] __dev_queue_xmit+0x2d81/0x3c60 [ 187.213546] dev_queue_xmit+0x4b/0x60 [ 187.217400] ? __netdev_pick_tx+0x1440/0x1440 [ 187.221935] packet_sendmsg+0x8247/0x8db0 [ 187.226152] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 187.231552] ? aa_sk_perm+0xdaf/0x1050 [ 187.235524] ? apparmor_socket_create+0x540/0x6f0 [ 187.240436] ___sys_sendmsg+0xe70/0x1290 [ 187.244554] ? compat_packet_setsockopt+0x360/0x360 [ 187.249617] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 187.255016] ? __fget+0x892/0x8f0 [ 187.258535] ? __fdget+0x30b/0x410 [ 187.262127] __se_sys_sendmsg+0x2a3/0x3d0 [ 187.266368] __x64_sys_sendmsg+0x4a/0x70 [ 187.270467] do_syscall_64+0xb8/0x100 [ 187.274304] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 187.279535] RIP: 0033:0x457679 [ 187.282758] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 187.301685] RSP: 002b:00007f59326ccc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 187.309431] RAX: ffffffffffffffda RBX: 00007f59326cd6d4 RCX: 0000000000457679 [ 187.316729] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 [ 187.324027] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 187.331315] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 187.338631] R13: 00000000004d5478 R14: 00000000004c3865 R15: 0000000000000000 [ 187.345945] [ 187.347592] Uninit was created at: [ 187.351163] kmsan_internal_poison_shadow+0xb8/0x1b0 [ 187.356294] kmsan_kmalloc+0x98/0x100 [ 187.360124] kmsan_slab_alloc+0x10/0x20 [ 187.364119] __kmalloc_node_track_caller+0xb55/0x1380 [ 187.369332] __alloc_skb+0x40d/0xe50 [ 187.373092] alloc_skb_with_frags+0x1d0/0xac0 [ 187.377614] sock_alloc_send_pskb+0xe28/0x1420 [ 187.382231] packet_sendmsg+0x66b0/0x8db0 [ 187.386404] ___sys_sendmsg+0xe70/0x1290 10:49:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000300)=""/11, 0xb) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)) clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r1 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) write$binfmt_script(r1, &(0x7f0000000340)={'#! ', './file0'}, 0xb) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff) recvmmsg(r1, &(0x7f0000000780)=[{{&(0x7f0000000480)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000500)=""/53, 0x35}], 0x1, &(0x7f00000006c0)=""/140, 0x8c}}], 0x1, 0x0, &(0x7f0000001a00)={0x77359400}) r2 = dup2(r0, r0) ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f0000000280)) r3 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_route(r3, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@ipmr_delroute={0x1c}, 0x1c}}, 0x0) shutdown(r3, 0x0) [ 187.390493] __se_sys_sendmsg+0x2a3/0x3d0 [ 187.394670] __x64_sys_sendmsg+0x4a/0x70 [ 187.398758] do_syscall_64+0xb8/0x100 [ 187.402588] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 187.407794] ================================================================== [ 187.415171] Disabling lock debugging due to kernel taint [ 187.420643] Kernel panic - not syncing: panic_on_warn set ... [ 187.420643] [ 187.428055] CPU: 0 PID: 6308 Comm: syz-executor0 Tainted: G B 4.19.0-rc4+ #56 [ 187.436652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 187.446023] Call Trace: [ 187.448644] dump_stack+0x2f6/0x430 [ 187.452327] panic+0x54c/0xaf7 [ 187.455631] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 187.461132] kmsan_report+0x2a8/0x2b0 [ 187.464985] __msan_warning+0x70/0xc0 [ 187.468837] sit_tunnel_xmit+0x198b/0x3a50 [ 187.473119] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 187.478516] ? dev_queue_xmit_nit+0x10b2/0x12a0 [ 187.483257] ? ipip6_tunnel_uninit+0x7e0/0x7e0 [ 187.487891] dev_hard_start_xmit+0x68b/0xd50 [ 187.492383] __dev_queue_xmit+0x2d81/0x3c60 [ 187.496781] dev_queue_xmit+0x4b/0x60 [ 187.500614] ? __netdev_pick_tx+0x1440/0x1440 [ 187.505152] packet_sendmsg+0x8247/0x8db0 [ 187.509377] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 187.514776] ? aa_sk_perm+0xdaf/0x1050 [ 187.518745] ? apparmor_socket_create+0x540/0x6f0 [ 187.523646] ___sys_sendmsg+0xe70/0x1290 [ 187.527755] ? compat_packet_setsockopt+0x360/0x360 [ 187.532810] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 187.538204] ? __fget+0x892/0x8f0 [ 187.541719] ? __fdget+0x30b/0x410 [ 187.545306] __se_sys_sendmsg+0x2a3/0x3d0 [ 187.549536] __x64_sys_sendmsg+0x4a/0x70 [ 187.553632] do_syscall_64+0xb8/0x100 [ 187.557475] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 187.562689] RIP: 0033:0x457679 [ 187.565909] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 187.584836] RSP: 002b:00007f59326ccc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 187.592573] RAX: ffffffffffffffda RBX: 00007f59326cd6d4 RCX: 0000000000457679 [ 187.599868] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 [ 187.607164] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 187.614451] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 187.621739] R13: 00000000004d5478 R14: 00000000004c3865 R15: 0000000000000000 [ 187.629369] Kernel Offset: disabled [ 187.633011] Rebooting in 86400 seconds..