[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[  106.398233][   T31] audit: type=1800 audit(1563506766.442:25): pid=12578 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[  106.425536][   T31] audit: type=1800 audit(1563506766.472:26): pid=12578 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[  106.471970][   T31] audit: type=1800 audit(1563506766.492:27): pid=12578 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.10.47' (ECDSA) to the list of known hosts.
syzkaller login: [ 1151.345144][T12731] IPVS: ftp: loaded support on port[0] = 21
[ 1151.446687][T12731] chnl_net:caif_netlink_parms(): no params data found
[ 1151.487601][T12731] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1151.494846][T12731] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1151.503793][T12731] device bridge_slave_0 entered promiscuous mode
[ 1151.512765][T12731] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1151.519980][T12731] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1151.528412][T12731] device bridge_slave_1 entered promiscuous mode
[ 1151.553182][T12731] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 1151.564654][T12731] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 1151.590088][T12731] team0: Port device team_slave_0 added
[ 1151.598900][T12731] team0: Port device team_slave_1 added
[ 1151.675510][T12731] device hsr_slave_0 entered promiscuous mode
[ 1151.732559][T12731] device hsr_slave_1 entered promiscuous mode
[ 1151.788613][T12731] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1151.795947][T12731] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1151.803910][T12731] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1151.811240][T12731] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1151.876263][T12731] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1151.895195][   T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1151.910966][   T30] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1151.920467][   T30] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1151.930334][   T30] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 1151.947400][T12731] 8021q: adding VLAN 0 to HW filter on device team0
[ 1151.962912][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1151.972187][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1151.979331][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1151.995544][T12734] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1152.005312][T12734] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1152.012786][T12734] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1152.038685][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1152.049428][T12738] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1152.067043][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1152.084962][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1152.101405][T12731] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1152.114409][T12731] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1152.124226][T12734] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
executing program
[ 1152.155073][T12731] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1152.177077][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[ 1152.390655][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[ 1154.598536][T12740] ==================================================================
[ 1154.606695][T12740] BUG: KMSAN: uninit-value in gf128mul_4k_lle+0x1fb/0x2b0
[ 1154.613819][T12740] CPU: 1 PID: 12740 Comm: syz-executor076 Not tainted 5.2.0+ #15
[ 1154.621531][T12740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1154.631618][T12740] Call Trace:
[ 1154.634960][T12740]  dump_stack+0x191/0x1f0
[ 1154.639332][T12740]  kmsan_report+0x162/0x2d0
[ 1154.643895][T12740]  __msan_warning+0x75/0xe0
[ 1154.648451][T12740]  gf128mul_4k_lle+0x1fb/0x2b0
[ 1154.653283][T12740]  ghash_update+0x9db/0x1130
[ 1154.657919][T12740]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 1154.664160][T12740]  ? ghash_init+0x50/0x50
[ 1154.668545][T12740]  shash_ahash_update+0x53a/0x650
[ 1154.673629][T12740]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 1154.679807][T12740]  shash_async_update+0x50/0x60
[ 1154.685250][T12740]  ? shash_async_init+0x1e0/0x1e0
[ 1154.690451][T12740]  gcm_hash+0x15d8/0x2400
[ 1154.694859][T12740]  crypto_gcm_encrypt+0x781/0xaa0
[ 1154.699968][T12740]  ? crypto_gcm_setauthsize+0xc0/0xc0
[ 1154.705385][T12740]  tls_push_record+0x341a/0x4f70
[ 1154.710389][T12740]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 1154.716548][T12740]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 1154.722506][T12740]  bpf_exec_tx_verdict+0x1454/0x1c90
[ 1154.727869][T12740]  ? kmsan_internal_memset_shadow+0x104/0x3a0
[ 1154.734125][T12740]  tls_sw_sendmsg+0x15bd/0x2740
[ 1154.739087][T12740]  ? tls_tx_records+0xb50/0xb50
[ 1154.744035][T12740]  inet_sendmsg+0x48e/0x750
[ 1154.748579][T12740]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 1154.754510][T12740]  ? inet_getname+0x490/0x490
[ 1154.759242][T12740]  __sys_sendto+0x905/0xb90
[ 1154.763840][T12740]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 1154.769772][T12740]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 1154.775885][T12740]  ? prepare_exit_to_usermode+0x19a/0x4d0
[ 1154.781645][T12740]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 1154.787589][T12740]  __se_sys_sendto+0x107/0x130
[ 1154.792413][T12740]  __x64_sys_sendto+0x6e/0x90
[ 1154.797122][T12740]  do_syscall_64+0xbc/0xf0
[ 1154.801617][T12740]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 1154.807554][T12740] RIP: 0033:0x447e09
[ 1154.811473][T12740] Code: e8 9c 1a 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b 0f fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1154.831199][T12740] RSP: 002b:00007f19d3c6acd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1154.839647][T12740] RAX: ffffffffffffffda RBX: 00000000006f0038 RCX: 0000000000447e09
[ 1154.847657][T12740] RDX: ffffffffffffffc1 RSI: 00000000200005c0 RDI: 0000000000000004
[ 1154.855648][T12740] RBP: 00000000006f0030 R08: 0000000000000000 R09: 1201000000003618
[ 1154.863786][T12740] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006f003c
[ 1154.871785][T12740] R13: 00000000007ffdcf R14: 00007f19d3c6b9c0 R15: 0000000000000001
[ 1154.879936][T12740] 
[ 1154.882278][T12740] Uninit was stored to memory at:
[ 1154.887443][T12740]  kmsan_internal_chain_origin+0xcc/0x150
[ 1154.893198][T12740]  __msan_chain_origin+0x6b/0xe0
[ 1154.898161][T12740]  ghash_update+0xa83/0x1130
[ 1154.902985][T12740]  shash_ahash_update+0x53a/0x650
[ 1154.908163][T12740]  shash_async_update+0x50/0x60
[ 1154.913251][T12740]  gcm_hash+0x15d8/0x2400
[ 1154.917606][T12740]  crypto_gcm_encrypt+0x781/0xaa0
[ 1154.922650][T12740]  tls_push_record+0x341a/0x4f70
[ 1154.927700][T12740]  bpf_exec_tx_verdict+0x1454/0x1c90
[ 1154.933149][T12740]  tls_sw_sendmsg+0x15bd/0x2740
[ 1154.938124][T12740]  inet_sendmsg+0x48e/0x750
[ 1154.942780][T12740]  __sys_sendto+0x905/0xb90
[ 1154.947299][T12740]  __se_sys_sendto+0x107/0x130
[ 1154.952075][T12740]  __x64_sys_sendto+0x6e/0x90
[ 1154.956793][T12740]  do_syscall_64+0xbc/0xf0
[ 1154.961219][T12740]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 1154.967227][T12740] 
[ 1154.969558][T12740] Uninit was stored to memory at:
[ 1154.974721][T12740]  kmsan_internal_chain_origin+0xcc/0x150
[ 1154.980739][T12740]  __msan_chain_origin+0x6b/0xe0
[ 1154.985819][T12740]  __crypto_xor+0x1e8/0x1470
[ 1154.990440][T12740]  crypto_ctr_crypt+0x613/0xaf0
[ 1154.995326][T12740]  crypto_gcm_encrypt+0x512/0xaa0
[ 1155.000713][T12740]  tls_push_record+0x341a/0x4f70
[ 1155.006165][T12740]  bpf_exec_tx_verdict+0x1454/0x1c90
[ 1155.011972][T12740]  tls_sw_sendmsg+0x15bd/0x2740
[ 1155.017074][T12740]  inet_sendmsg+0x48e/0x750
[ 1155.021664][T12740]  __sys_sendto+0x905/0xb90
[ 1155.026445][T12740]  __se_sys_sendto+0x107/0x130
[ 1155.031363][T12740]  __x64_sys_sendto+0x6e/0x90
[ 1155.036355][T12740]  do_syscall_64+0xbc/0xf0
[ 1155.041015][T12740]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 1155.047023][T12740] 
[ 1155.049357][T12740] Uninit was created at:
[ 1155.053824][T12740]  kmsan_save_stack_with_flags+0x37/0x70
[ 1155.059477][T12740]  kmsan_internal_alloc_meta_for_pages+0x123/0x510
[ 1155.066097][T12740]  kmsan_alloc_page+0x7a/0xf0
[ 1155.070786][T12740]  __alloc_pages_nodemask+0x144d/0x6020
[ 1155.076357][T12740]  alloc_pages_current+0x6a0/0x9b0
[ 1155.081488][T12740]  skb_page_frag_refill+0x2b0/0x580
[ 1155.086706][T12740]  sk_page_frag_refill+0xa4/0x330
[ 1155.091744][T12740]  sk_msg_alloc+0x203/0x1050
[ 1155.096353][T12740]  tls_sw_sendmsg+0xb6a/0x2740
[ 1155.101130][T12740]  inet_sendmsg+0x48e/0x750
[ 1155.105651][T12740]  __sys_sendto+0x905/0xb90
[ 1155.110279][T12740]  __se_sys_sendto+0x107/0x130
[ 1155.115182][T12740]  __x64_sys_sendto+0x6e/0x90
[ 1155.119888][T12740]  do_syscall_64+0xbc/0xf0
[ 1155.124325][T12740]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 1155.130231][T12740] ==================================================================
[ 1155.138335][T12740] Disabling lock debugging due to kernel taint
[ 1155.144514][T12740] Kernel panic - not syncing: panic_on_warn set ...
[ 1155.151149][T12740] CPU: 1 PID: 12740 Comm: syz-executor076 Tainted: G    B             5.2.0+ #15
[ 1155.160270][T12740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1155.170338][T12740] Call Trace:
[ 1155.173668][T12740]  dump_stack+0x191/0x1f0
[ 1155.178038][T12740]  panic+0x3c9/0xc1e
[ 1155.182007][T12740]  kmsan_report+0x2ca/0x2d0
[ 1155.186563][T12740]  __msan_warning+0x75/0xe0
[ 1155.191101][T12740]  gf128mul_4k_lle+0x1fb/0x2b0
[ 1155.195919][T12740]  ghash_update+0x9db/0x1130
[ 1155.200565][T12740]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[ 1155.206770][T12740]  ? ghash_init+0x50/0x50
[ 1155.211137][T12740]  shash_ahash_update+0x53a/0x650
[ 1155.216203][T12740]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 1155.222166][T12740]  shash_async_update+0x50/0x60
[ 1155.227042][T12740]  ? shash_async_init+0x1e0/0x1e0
[ 1155.232086][T12740]  gcm_hash+0x15d8/0x2400
[ 1155.236461][T12740]  crypto_gcm_encrypt+0x781/0xaa0
[ 1155.241545][T12740]  ? crypto_gcm_setauthsize+0xc0/0xc0
[ 1155.246930][T12740]  tls_push_record+0x341a/0x4f70
[ 1155.252258][T12740]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 1155.258397][T12740]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 1155.264315][T12740]  bpf_exec_tx_verdict+0x1454/0x1c90
[ 1155.269631][T12740]  ? kmsan_internal_memset_shadow+0x104/0x3a0
[ 1155.275853][T12740]  tls_sw_sendmsg+0x15bd/0x2740
[ 1155.280793][T12740]  ? tls_tx_records+0xb50/0xb50
[ 1155.285671][T12740]  inet_sendmsg+0x48e/0x750
[ 1155.290218][T12740]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 1155.296232][T12740]  ? inet_getname+0x490/0x490
[ 1155.300933][T12740]  __sys_sendto+0x905/0xb90
[ 1155.305497][T12740]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 1155.311422][T12740]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[ 1155.317512][T12740]  ? prepare_exit_to_usermode+0x19a/0x4d0
[ 1155.323244][T12740]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 1155.329162][T12740]  __se_sys_sendto+0x107/0x130
[ 1155.333970][T12740]  __x64_sys_sendto+0x6e/0x90
[ 1155.338679][T12740]  do_syscall_64+0xbc/0xf0
[ 1155.343230][T12740]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 1155.349159][T12740] RIP: 0033:0x447e09
[ 1155.353069][T12740] Code: e8 9c 1a 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b 0f fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1155.372706][T12740] RSP: 002b:00007f19d3c6acd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1155.381143][T12740] RAX: ffffffffffffffda RBX: 00000000006f0038 RCX: 0000000000447e09
[ 1155.389223][T12740] RDX: ffffffffffffffc1 RSI: 00000000200005c0 RDI: 0000000000000004
[ 1155.397212][T12740] RBP: 00000000006f0030 R08: 0000000000000000 R09: 1201000000003618
[ 1155.405201][T12740] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006f003c
[ 1155.413189][T12740] R13: 00000000007ffdcf R14: 00007f19d3c6b9c0 R15: 0000000000000001
[ 1155.422703][T12740] Kernel Offset: disabled
[ 1155.427050][T12740] Rebooting in 86400 seconds..