[ 88.209911][ T3063] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller syzkaller login: [ 100.264710][ T122] cfg80211: failed to load regulatory.db [ 141.856582][ T3466] can: request_module (can-proto-0) failed. [ 141.933688][ T3466] can: request_module (can-proto-0) failed. [ 142.010880][ T3466] can: request_module (can-proto-0) failed. Warning: Permanently added '10.128.0.161' (ECDSA) to the list of known hosts. 2022/12/19 01:57:09 parsed 1 programs 2022/12/19 01:57:16 executed programs: 0 [ 178.247340][ T3550] chnl_net:caif_netlink_parms(): no params data found [ 178.552350][ T3550] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.560085][ T3550] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.569437][ T3550] device bridge_slave_0 entered promiscuous mode [ 178.582462][ T3550] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.590139][ T3550] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.599781][ T3550] device bridge_slave_1 entered promiscuous mode [ 178.655273][ T3550] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 178.671873][ T3550] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 178.726421][ T3550] team0: Port device team_slave_0 added [ 178.739382][ T3550] team0: Port device team_slave_1 added [ 178.788327][ T3550] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 178.795927][ T3550] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.822108][ T3550] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 178.837414][ T3550] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 178.844659][ T3550] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 178.870831][ T3550] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 178.937015][ T3550] device hsr_slave_0 entered promiscuous mode [ 178.945978][ T3550] device hsr_slave_1 entered promiscuous mode [ 179.194072][ T3550] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 179.209760][ T3550] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 179.236274][ T3550] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 179.253018][ T3550] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 179.489408][ T3550] 8021q: adding VLAN 0 to HW filter on device bond0 [ 179.513777][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 179.523396][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 179.540600][ T3550] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.556271][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 179.566656][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 179.577417][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.585073][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.598608][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 179.614216][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 179.625930][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 179.636106][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.643642][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.663687][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 179.684105][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 179.703425][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 179.715421][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 179.727340][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 179.745550][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 179.757047][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 179.776444][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 179.786913][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 179.806389][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 179.817275][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 179.834805][ T3550] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 179.879210][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 179.887408][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 179.910999][ T3550] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.401948][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 180.412908][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 180.458322][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 180.468760][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 180.485120][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 180.494943][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 180.512058][ T3550] device veth0_vlan entered promiscuous mode [ 180.534497][ T3550] device veth1_vlan entered promiscuous mode [ 180.585814][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 180.596679][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 180.606524][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 180.616568][ T122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 180.636403][ T3550] device veth0_macvtap entered promiscuous mode [ 180.652265][ T3550] device veth1_macvtap entered promiscuous mode [ 180.695256][ T3550] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.703539][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 180.713656][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 180.723372][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 180.734378][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 180.757661][ T3550] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 180.765577][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 180.776434][ T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 180.795804][ T3550] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.804850][ T3550] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.814127][ T3550] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.823482][ T3550] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.339355][ T3584] ===================================================== [ 182.346718][ T3584] BUG: KMSAN: uninit-value in sctp_sf_ootb+0x7f1/0xcd0 [ 182.353880][ T3584] sctp_sf_ootb+0x7f1/0xcd0 [ 182.358609][ T3584] sctp_do_sm+0x199/0x9b90 [ 182.363245][ T3584] sctp_endpoint_bh_rcv+0xc2d/0xf80 [ 182.368601][ T3584] sctp_inq_push+0x238/0x2b0 [ 182.373420][ T3584] sctp_rcv+0x39fe/0x3bd0 [ 182.377872][ T3584] sctp4_rcv+0x3e/0x50 [ 182.382166][ T3584] ip_protocol_deliver_rcu+0x201/0xaf0 [ 182.387975][ T3584] ip_local_deliver_finish+0x2a5/0x3a0 [ 182.393676][ T3584] ip_local_deliver+0x278/0x4a0 [ 182.398717][ T3584] ip_rcv+0x527/0x7c0 [ 182.402902][ T3584] __netif_receive_skb+0x1b3/0x5d0 [ 182.408138][ T3584] netif_receive_skb_internal+0x53/0x340 [ 182.413986][ T3584] netif_receive_skb+0x35/0x350 [ 182.419010][ T3584] tun_rx_batched+0x837/0x930 [ 182.423970][ T3584] tun_get_user+0x3bc6/0x4300 [ 182.428896][ T3584] tun_chr_write_iter+0x3ab/0x5d0 [ 182.434221][ T3584] vfs_write+0x830/0x1570 [ 182.438889][ T3584] ksys_write+0x21b/0x4e0 [ 182.443494][ T3584] __x64_sys_write+0x8f/0xd0 [ 182.449227][ T3584] do_syscall_64+0x3d/0xb0 [ 182.453846][ T3584] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 182.460012][ T3584] [ 182.462768][ T3584] Uninit was created at: [ 182.467165][ T3584] __kmem_cache_alloc_node+0x6ee/0xc90 [ 182.472864][ T3584] __kmalloc_node_track_caller+0x114/0x3c0 [ 182.478816][ T3584] __alloc_skb+0x34a/0xca0 [ 182.483500][ T3584] alloc_skb_with_frags+0xb9/0xba0 [ 182.488755][ T3584] sock_alloc_send_pskb+0xaa8/0xc30 [ 182.494217][ T3584] tun_get_user+0x174b/0x4300 [ 182.499034][ T3584] tun_chr_write_iter+0x3ab/0x5d0 [ 182.504417][ T3584] vfs_write+0x830/0x1570 [ 182.508899][ T3584] ksys_write+0x21b/0x4e0 [ 182.513462][ T3584] __x64_sys_write+0x8f/0xd0 [ 182.518224][ T3584] do_syscall_64+0x3d/0xb0 [ 182.522916][ T3584] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 182.529323][ T3584] [ 182.531816][ T3584] CPU: 1 PID: 3584 Comm: syz-executor.0 Not tainted 6.1.0-syzkaller-00014-g5c6259d6d19f #0 [ 182.542111][ T3584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 182.552349][ T3584] ===================================================== [ 182.559445][ T3584] Disabling lock debugging due to kernel taint [ 182.565752][ T3584] Kernel panic - not syncing: kmsan.panic set ... [ 182.572223][ T3584] CPU: 1 PID: 3584 Comm: syz-executor.0 Tainted: G B 6.1.0-syzkaller-00014-g5c6259d6d19f #0 [ 182.583856][ T3584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 182.594249][ T3584] Call Trace: [ 182.597846][ T3584] [ 182.600826][ T3584] dump_stack_lvl+0x1c8/0x256 [ 182.605628][ T3584] dump_stack+0x1a/0x21 [ 182.609931][ T3584] panic+0x4d3/0xc64 [ 182.614089][ T3584] ? add_taint+0x104/0x1a0 [ 182.618634][ T3584] kmsan_report+0x2ca/0x2d0 [ 182.623291][ T3584] ? is_module_text_address+0x3e5/0x670 [ 182.629025][ T3584] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 182.634955][ T3584] ? __msan_warning+0x92/0x110 [ 182.639860][ T3584] ? sctp_sf_ootb+0x7f1/0xcd0 [ 182.644706][ T3584] ? sctp_do_sm+0x199/0x9b90 [ 182.649412][ T3584] ? sctp_endpoint_bh_rcv+0xc2d/0xf80 [ 182.654909][ T3584] ? sctp_inq_push+0x238/0x2b0 [ 182.659839][ T3584] ? sctp_rcv+0x39fe/0x3bd0 [ 182.664511][ T3584] ? sctp4_rcv+0x3e/0x50 [ 182.668983][ T3584] ? ip_protocol_deliver_rcu+0x201/0xaf0 [ 182.674770][ T3584] ? ip_local_deliver_finish+0x2a5/0x3a0 [ 182.680514][ T3584] ? ip_local_deliver+0x278/0x4a0 [ 182.685768][ T3584] ? ip_rcv+0x527/0x7c0 [ 182.690107][ T3584] ? __netif_receive_skb+0x1b3/0x5d0 [ 182.695496][ T3584] ? netif_receive_skb_internal+0x53/0x340 [ 182.701459][ T3584] ? netif_receive_skb+0x35/0x350 [ 182.706611][ T3584] ? tun_rx_batched+0x837/0x930 [ 182.711659][ T3584] ? tun_get_user+0x3bc6/0x4300 [ 182.716625][ T3584] ? tun_chr_write_iter+0x3ab/0x5d0 [ 182.722000][ T3584] ? vfs_write+0x830/0x1570 [ 182.726618][ T3584] ? ksys_write+0x21b/0x4e0 [ 182.731243][ T3584] ? __x64_sys_write+0x8f/0xd0 [ 182.736165][ T3584] ? do_syscall_64+0x3d/0xb0 [ 182.740893][ T3584] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 182.747158][ T3584] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 182.753138][ T3584] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 182.759171][ T3584] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 182.765177][ T3584] __msan_warning+0x92/0x110 [ 182.769865][ T3584] sctp_sf_ootb+0x7f1/0xcd0 [ 182.774630][ T3584] sctp_do_sm+0x199/0x9b90 [ 182.779234][ T3584] ? __stack_depot_save+0x38d/0x4b0 [ 182.784689][ T3584] ? kmsan_internal_chain_origin+0xf6/0x110 [ 182.790705][ T3584] ? kmsan_internal_memmove_metadata+0x200/0x350 [ 182.797156][ T3584] ? sctp_sf_do_5_2_3_initack+0x560/0x560 [ 182.803723][ T3584] ? sctp_init_addrs+0x47/0x50 [ 182.808775][ T3584] ? sctp_rcv+0x334e/0x3bd0 [ 182.813386][ T3584] ? sctp4_rcv+0x3e/0x50 [ 182.817900][ T3584] ? ip_local_deliver_finish+0x2a5/0x3a0 [ 182.823778][ T3584] ? __netif_receive_skb+0x1b3/0x5d0 [ 182.829212][ T3584] ? netif_receive_skb_internal+0x53/0x340 [ 182.835182][ T3584] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 182.841154][ T3584] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 182.847182][ T3584] sctp_endpoint_bh_rcv+0xc2d/0xf80 [ 182.852503][ T3584] ? sctp_endpoint_is_peeled_off+0x170/0x170 [ 182.858584][ T3584] sctp_inq_push+0x238/0x2b0 [ 182.863310][ T3584] sctp_rcv+0x39fe/0x3bd0 [ 182.867781][ T3584] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 182.873738][ T3584] sctp4_rcv+0x3e/0x50 [ 182.877910][ T3584] ? sctp_v4_protosw_exit+0x40/0x40 [ 182.883362][ T3584] ip_protocol_deliver_rcu+0x201/0xaf0 [ 182.889057][ T3584] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 182.895097][ T3584] ip_local_deliver_finish+0x2a5/0x3a0 [ 182.900861][ T3584] ip_local_deliver+0x278/0x4a0 [ 182.905908][ T3584] ? ip_local_deliver+0x4a0/0x4a0 [ 182.911028][ T3584] ? ip_protocol_deliver_rcu+0xaf0/0xaf0 [ 182.916779][ T3584] ip_rcv+0x527/0x7c0 [ 182.920921][ T3584] ? ip_rcv_core+0x1550/0x1550 [ 182.925807][ T3584] __netif_receive_skb+0x1b3/0x5d0 [ 182.931031][ T3584] ? ip_local_deliver_finish+0x3a0/0x3a0 [ 182.936986][ T3584] netif_receive_skb_internal+0x53/0x340 [ 182.942825][ T3584] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 182.948887][ T3584] netif_receive_skb+0x35/0x350 [ 182.953845][ T3584] tun_rx_batched+0x837/0x930 [ 182.959066][ T3584] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 182.965194][ T3584] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 182.971379][ T3584] tun_get_user+0x3bc6/0x4300 [ 182.976229][ T3584] tun_chr_write_iter+0x3ab/0x5d0 [ 182.981393][ T3584] ? tun_chr_read_iter+0x670/0x670 [ 182.986607][ T3584] vfs_write+0x830/0x1570 [ 182.991076][ T3584] ksys_write+0x21b/0x4e0 [ 182.995545][ T3584] __x64_sys_write+0x8f/0xd0 [ 183.000500][ T3584] do_syscall_64+0x3d/0xb0 [ 183.005066][ T3584] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 183.011232][ T3584] RIP: 0033:0x464149 [ 183.015188][ T3584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 183.034988][ T3584] RSP: 002b:00007f2063125198 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 183.044123][ T3584] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000464149 [ 183.052203][ T3584] RDX: 000000000000fdef RSI: 0000000020000240 RDI: 0000000000000003 [ 183.060336][ T3584] RBP: 0000000000525de0 R08: 0000000000000000 R09: 0000000000000000 [ 183.068385][ T3584] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000055bf00 [ 183.076565][ T3584] R13: 00007f20631256bc R14: 00000000ffffffff R15: 0000000000000003 [ 183.085420][ T3584] [ 183.089141][ T3584] Kernel Offset: disabled [ 183.093614][ T3584] Rebooting in 86400 seconds..