[ 88.759406][ T3063] 8021q: adding VLAN 0 to HW filter on device bond0
[ 88.783316][ T3063] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
syzkaller login: [ 100.253788][ T28] cfg80211: failed to load regulatory.db
[ 141.532905][ T3488] can: request_module (can-proto-0) failed.
[ 141.609174][ T3488] can: request_module (can-proto-0) failed.
Warning: Permanently added '10.128.0.177' (ECDSA) to the list of known hosts.
2023/01/08 02:04:10 parsed 1 programs
2023/01/08 02:04:16 executed programs: 0
[ 177.205568][ T3552] chnl_net:caif_netlink_parms(): no params data found
[ 177.295372][ T3552] bridge0: port 1(bridge_slave_0) entered blocking state
[ 177.302991][ T3552] bridge0: port 1(bridge_slave_0) entered disabled state
[ 177.312153][ T3552] device bridge_slave_0 entered promiscuous mode
[ 177.324613][ T3552] bridge0: port 2(bridge_slave_1) entered blocking state
[ 177.331947][ T3552] bridge0: port 2(bridge_slave_1) entered disabled state
[ 177.341620][ T3552] device bridge_slave_1 entered promiscuous mode
[ 177.396306][ T3552] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 177.411662][ T3552] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 177.464618][ T3552] team0: Port device team_slave_0 added
[ 177.476411][ T3552] team0: Port device team_slave_1 added
[ 177.534903][ T3552] device hsr_slave_0 entered promiscuous mode
[ 177.543660][ T3552] device hsr_slave_1 entered promiscuous mode
[ 177.583245][ T3552] bridge0: port 2(bridge_slave_1) entered blocking state
[ 177.591013][ T3552] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 177.599296][ T3552] bridge0: port 1(bridge_slave_0) entered blocking state
[ 177.606898][ T3552] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 177.743440][ T3552] 8021q: adding VLAN 0 to HW filter on device bond0
[ 177.768020][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 177.779332][ T28] bridge0: port 1(bridge_slave_0) entered disabled state
[ 177.790819][ T28] bridge0: port 2(bridge_slave_1) entered disabled state
[ 177.802448][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 177.824442][ T3552] 8021q: adding VLAN 0 to HW filter on device team0
[ 177.843764][ T3554] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 177.854020][ T3554] bridge0: port 1(bridge_slave_0) entered blocking state
[ 177.861488][ T3554] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 177.880820][ T3554] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 177.890821][ T3554] bridge0: port 2(bridge_slave_1) entered blocking state
[ 177.898354][ T3554] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 177.943325][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 177.957411][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 177.977119][ T3554] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 177.999364][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 178.020368][ T3554] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 178.037874][ T3552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 178.086285][ T3552] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 178.470666][ T3561] =====================================================
[ 178.477948][ T3561] BUG: KMSAN: uninit-value in hsr_get_node+0xa02/0xa20
[ 178.485285][ T3561] hsr_get_node+0xa02/0xa20
[ 178.490044][ T3561] hsr_forward_skb+0x44d/0x3090
[ 178.495209][ T3561] hsr_dev_xmit+0x187/0x330
[ 178.499874][ T3561] xmit_one+0x15a/0x5f0
[ 178.504328][ T3561] dev_hard_start_xmit+0xe5/0x370
[ 178.509499][ T3561] __dev_queue_xmit+0x1dec/0x31f0
[ 178.514774][ T3561] dev_queue_xmit+0x2b/0x30
[ 178.519535][ T3561] packet_sendmsg+0x62a7/0x78e0
[ 178.524637][ T3561] __sys_sendto+0x7f2/0xa60
[ 178.529355][ T3561] __x64_sys_sendto+0x121/0x1c0
[ 178.534407][ T3561] do_syscall_64+0x3d/0xb0
[ 178.538974][ T3561] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 178.545057][ T3561]
[ 178.547463][ T3561] Uninit was created at:
[ 178.551941][ T3561] __kmem_cache_alloc_node+0x6ee/0xc90
[ 178.557627][ T3561] __kmalloc_node_track_caller+0x114/0x3c0
[ 178.563621][ T3561] __alloc_skb+0x34a/0xca0
[ 178.568246][ T3561] alloc_skb_with_frags+0xb9/0xba0
[ 178.573591][ T3561] sock_alloc_send_pskb+0xaa8/0xc30
[ 178.578934][ T3561] packet_sendmsg+0x4cc5/0x78e0
[ 178.583993][ T3561] __sys_sendto+0x7f2/0xa60
[ 178.588604][ T3561] __x64_sys_sendto+0x121/0x1c0
[ 178.593682][ T3561] do_syscall_64+0x3d/0xb0
[ 178.598241][ T3561] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 178.604426][ T3561]
[ 178.606824][ T3561] CPU: 1 PID: 3561 Comm: syz-executor.0 Not tainted 6.1.0-syzkaller-00014-g5c6259d6d19f #0
[ 178.617223][ T3561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 178.627442][ T3561] =====================================================
[ 178.635001][ T3561] Disabling lock debugging due to kernel taint
[ 178.641240][ T3561] Kernel panic - not syncing: kmsan.panic set ...
[ 178.647736][ T3561] CPU: 1 PID: 3561 Comm: syz-executor.0 Tainted: G B 6.1.0-syzkaller-00014-g5c6259d6d19f #0
[ 178.659385][ T3561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 178.669524][ T3561] Call Trace:
[ 178.672871][ T3561]
[ 178.675894][ T3561] dump_stack_lvl+0x1c8/0x256
[ 178.680718][ T3561] dump_stack+0x1a/0x21
[ 178.684979][ T3561] panic+0x4d3/0xc64
[ 178.689038][ T3561] ? add_taint+0x104/0x1a0
[ 178.693675][ T3561] kmsan_report+0x2ca/0x2d0
[ 178.698428][ T3561] ? kmsan_get_shadow_origin_ptr+0x49/0xa0
[ 178.704390][ T3561] ? __msan_warning+0x92/0x110
[ 178.709246][ T3561] ? hsr_get_node+0xa02/0xa20
[ 178.714116][ T3561] ? hsr_forward_skb+0x44d/0x3090
[ 178.719249][ T3561] ? hsr_dev_xmit+0x187/0x330
[ 178.724027][ T3561] ? xmit_one+0x15a/0x5f0
[ 178.728439][ T3561] ? dev_hard_start_xmit+0xe5/0x370
[ 178.733945][ T3561] ? __dev_queue_xmit+0x1dec/0x31f0
[ 178.739297][ T3561] ? dev_queue_xmit+0x2b/0x30
[ 178.744199][ T3561] ? packet_sendmsg+0x62a7/0x78e0
[ 178.749400][ T3561] ? __sys_sendto+0x7f2/0xa60
[ 178.754277][ T3561] ? __x64_sys_sendto+0x121/0x1c0
[ 178.759408][ T3561] ? do_syscall_64+0x3d/0xb0
[ 178.764176][ T3561] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 178.770336][ T3561] ? _raw_spin_unlock_irqrestore+0x34/0x50
[ 178.776386][ T3561] ? kmsan_internal_set_shadow_origin+0x62/0xe0
[ 178.782745][ T3561] ? kmsan_internal_poison_memory+0x78/0x90
[ 178.788872][ T3561] ? kmsan_internal_poison_memory+0x45/0x90
[ 178.794899][ T3561] ? kmsan_slab_alloc+0xd9/0x150
[ 178.800060][ T3561] ? __kmem_cache_alloc_node+0x6ee/0xc90
[ 178.805840][ T3561] ? __kmalloc_node_track_caller+0x114/0x3c0
[ 178.812363][ T3561] ? __alloc_skb+0x34a/0xca0
[ 178.817408][ T3561] ? alloc_skb_with_frags+0xb9/0xba0
[ 178.822785][ T3561] ? sock_alloc_send_pskb+0xaa8/0xc30
[ 178.828270][ T3561] ? packet_sendmsg+0x4cc5/0x78e0
[ 178.833491][ T3561] ? __sys_sendto+0x7f2/0xa60
[ 178.838276][ T3561] ? __x64_sys_sendto+0x121/0x1c0
[ 178.843402][ T3561] ? do_syscall_64+0x3d/0xb0
[ 178.848074][ T3561] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 178.854238][ T3561] ? kmsan_internal_poison_memory+0x78/0x90
[ 178.860237][ T3561] ? hsr_forward_skb+0x49/0x3090
[ 178.865461][ T3561] ? kmsan_get_shadow_origin_ptr+0x49/0xa0
[ 178.871405][ T3561] ? kmsan_get_shadow_origin_ptr+0x49/0xa0
[ 178.877343][ T3561] __msan_warning+0x92/0x110
[ 178.882105][ T3561] hsr_get_node+0xa02/0xa20
[ 178.886782][ T3561] hsr_forward_skb+0x44d/0x3090
[ 178.891948][ T3561] hsr_dev_xmit+0x187/0x330
[ 178.896589][ T3561] ? is_hsr_master+0x90/0x90
[ 178.901513][ T3561] xmit_one+0x15a/0x5f0
[ 178.905806][ T3561] dev_hard_start_xmit+0xe5/0x370
[ 178.910961][ T3561] ? kmsan_get_shadow_origin_ptr+0x49/0xa0
[ 178.916879][ T3561] __dev_queue_xmit+0x1dec/0x31f0
[ 178.922506][ T3561] dev_queue_xmit+0x2b/0x30
[ 178.927154][ T3561] ? packet_create+0xd20/0xd20
[ 178.932106][ T3561] packet_sendmsg+0x62a7/0x78e0
[ 178.938948][ T3561] ? packet_getsockopt+0xf80/0xf80
[ 178.944157][ T3561] __sys_sendto+0x7f2/0xa60
[ 178.949271][ T3561] ? kmsan_internal_set_shadow_origin+0x62/0xe0
[ 178.955674][ T3561] ? kmsan_internal_unpoison_memory+0x10/0x20
[ 178.962324][ T3561] ? kmsan_get_shadow_origin_ptr+0x49/0xa0
[ 178.968293][ T3561] __x64_sys_sendto+0x121/0x1c0
[ 178.973265][ T3561] do_syscall_64+0x3d/0xb0
[ 178.977834][ T3561] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 178.984131][ T3561] RIP: 0033:0x460f19
[ 178.988208][ T3561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 179.008021][ T3561] RSP: 002b:00007f91c7bc71a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 179.016547][ T3561] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000460f19
[ 179.024886][ T3561] RDX: 000000000000000e RSI: 0000000020000040 RDI: 0000000000000003
[ 179.032972][ T3561] RBP: 0000000000000006 R08: 0000000000000000 R09: 0000000000000000
[ 179.041208][ T3561] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[ 179.049254][ T3561] R13: 00000000004f5d40 R14: 00000000004b33c6 R15: 00007f91c7bc76bc
[ 179.057428][ T3561]
[ 179.060733][ T3561] Kernel Offset: disabled
[ 179.065284][ T3561] Rebooting in 86400 seconds..