[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.84' (ECDSA) to the list of known hosts.
syzkaller login: [ 78.740976][ T8827] IPVS: ftp: loaded support on port[0] = 21
[ 78.887430][ T8827] chnl_net:caif_netlink_parms(): no params data found
[ 79.129567][ T8827] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.137443][ T8827] bridge0: port 1(bridge_slave_0) entered disabled state
[ 79.146692][ T8827] device bridge_slave_0 entered promiscuous mode
[ 79.156111][ T8827] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.163207][ T8827] bridge0: port 2(bridge_slave_1) entered disabled state
[ 79.172462][ T8827] device bridge_slave_1 entered promiscuous mode
[ 79.203074][ T8827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 79.215945][ T8827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 79.245952][ T8827] team0: Port device team_slave_0 added
[ 79.254905][ T8827] team0: Port device team_slave_1 added
[ 79.280746][ T8827] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 79.287815][ T8827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.313920][ T8827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 79.326207][ T8827] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 79.333201][ T8827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.359364][ T8827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 79.417887][ T8827] device hsr_slave_0 entered promiscuous mode
[ 79.473894][ T8827] device hsr_slave_1 entered promiscuous mode
[ 79.655992][ T8827] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 79.717816][ T8827] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 79.777229][ T8827] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 79.837593][ T8827] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 79.965943][ T8827] 8021q: adding VLAN 0 to HW filter on device bond0
[ 79.981826][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 79.991358][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 80.004518][ T8827] 8021q: adding VLAN 0 to HW filter on device team0
[ 80.017595][ T3388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 80.027159][ T3388] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 80.036521][ T3388] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.043870][ T3388] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 80.053289][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 80.068909][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 80.079103][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 80.088544][ T17] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.095917][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 80.110137][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 80.133068][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 80.144075][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 80.154156][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 80.164454][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 80.174777][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 80.190316][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 80.199816][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 80.209528][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 80.228588][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 80.238092][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 80.254162][ T8827] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 80.277922][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 80.287072][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 80.304162][ T8827] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 80.329049][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 80.338629][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 80.368858][ T8827] device veth0_vlan entered promiscuous mode
[ 80.380700][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 80.390553][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 80.401977][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 80.410850][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 80.426268][ T8827] device veth1_vlan entered promiscuous mode
[ 80.457138][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 80.465910][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 80.474807][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 80.484596][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 80.498206][ T8827] device veth0_macvtap entered promiscuous mode
[ 80.510928][ T8827] device veth1_macvtap entered promiscuous mode
[ 80.535240][ T8827] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 80.543522][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 80.553679][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 80.563161][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 80.572911][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 80.590483][ T8827] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 80.598673][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 80.609321][ T2729] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[ 80.810353][ T8827] =====================================================
[ 80.817319][ T8827] BUG: KMSAN: uninit-value in sctp_rcv+0x2b2d/0x5410
[ 80.823971][ T8827] CPU: 0 PID: 8827 Comm: syz-executor885 Not tainted 5.6.0-rc7-syzkaller #0
[ 80.832624][ T8827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 80.842664][ T8827] Call Trace:
[ 80.845970][ T8827] dump_stack+0x1c9/0x220
[ 80.850283][ T8827] kmsan_report+0xf7/0x1e0
[ 80.854706][ T8827] __msan_warning+0x58/0xa0
[ 80.859188][ T8827] sctp_rcv+0x2b2d/0x5410
[ 80.863514][ T8827] ? ctnetlink_net_exit_batch+0x180/0x180
[ 80.869231][ T8827] ? kmsan_get_metadata+0x11d/0x180
[ 80.874509][ T8827] ? sctp_csum_combine+0xa0/0xa0
[ 80.879434][ T8827] ip_protocol_deliver_rcu+0x700/0xbc0
[ 80.884889][ T8827] ip_local_deliver+0x62a/0x7c0
[ 80.889741][ T8827] ? ip_local_deliver+0x7c0/0x7c0
[ 80.894755][ T8827] ? ip_protocol_deliver_rcu+0xbc0/0xbc0
[ 80.900363][ T8827] ip_rcv+0x6cf/0x750
[ 80.904331][ T8827] ? ip_rcv_core+0x1270/0x1270
[ 80.909072][ T8827] netif_receive_skb+0xbb5/0xf20
[ 80.913990][ T8827] ? __msan_poison_alloca+0xf0/0x120
[ 80.919253][ T8827] ? ip_local_deliver_finish+0x350/0x350
[ 80.924873][ T8827] tun_get_user+0x6aef/0x6f60
[ 80.929641][ T8827] ? kmsan_get_metadata+0x11d/0x180
[ 80.934835][ T8827] tun_chr_write_iter+0x1f2/0x360
[ 80.939852][ T8827] ? tun_chr_read_iter+0x460/0x460
[ 80.944945][ T8827] __vfs_write+0xa5a/0xca0
[ 80.949360][ T8827] vfs_write+0x44a/0x8f0
[ 80.953609][ T8827] ksys_write+0x267/0x450
[ 80.957936][ T8827] __se_sys_write+0x92/0xb0
[ 80.962427][ T8827] __x64_sys_write+0x4a/0x70
[ 80.967010][ T8827] do_syscall_64+0xb8/0x160
[ 80.971508][ T8827] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 80.977391][ T8827] RIP: 0033:0x443679
[ 80.981270][ T8827] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 81.000866][ T8827] RSP: 002b:00007fffee474918 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 81.009263][ T8827] RAX: ffffffffffffffda RBX: 0000000000003172 RCX: 0000000000443679
[ 81.017229][ T8827] RDX: 000000000000fdef RSI: 0000000020000240 RDI: 0000000000000003
[ 81.025189][ T8827] RBP: 00007fffee474940 R08: 0000000000000000 R09: 0000000000000000
[ 81.033138][ T8827] R10: 000000000000aa14 R11: 0000000000000246 R12: 656c6c616b7a7973
[ 81.041090][ T8827] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 81.049151][ T8827]
[ 81.051474][ T8827] Uninit was created at:
[ 81.055698][ T8827] kmsan_internal_poison_shadow+0x66/0xd0
[ 81.061394][ T8827] kmsan_slab_alloc+0x8a/0xe0
[ 81.066048][ T8827] __kmalloc_node_track_caller+0xb40/0x1200
[ 81.071916][ T8827] __alloc_skb+0x2fd/0xac0
[ 81.076307][ T8827] alloc_skb_with_frags+0x18c/0xa70
[ 81.081486][ T8827] sock_alloc_send_pskb+0xada/0xc60
[ 81.086660][ T8827] tun_get_user+0x10ae/0x6f60
[ 81.091323][ T8827] tun_chr_write_iter+0x1f2/0x360
[ 81.096382][ T8827] __vfs_write+0xa5a/0xca0
[ 81.100787][ T8827] vfs_write+0x44a/0x8f0
[ 81.105012][ T8827] ksys_write+0x267/0x450
[ 81.109344][ T8827] __se_sys_write+0x92/0xb0
[ 81.113910][ T8827] __x64_sys_write+0x4a/0x70
[ 81.118484][ T8827] do_syscall_64+0xb8/0x160
[ 81.122973][ T8827] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 81.128852][ T8827] =====================================================
[ 81.135754][ T8827] Disabling lock debugging due to kernel taint
[ 81.141892][ T8827] Kernel panic - not syncing: panic_on_warn set ...
[ 81.148472][ T8827] CPU: 0 PID: 8827 Comm: syz-executor885 Tainted: G B 5.6.0-rc7-syzkaller #0
[ 81.158499][ T8827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 81.168530][ T8827] Call Trace:
[ 81.171820][ T8827] dump_stack+0x1c9/0x220
[ 81.176160][ T8827] panic+0x3d5/0xc3e
[ 81.180054][ T8827] kmsan_report+0x1df/0x1e0
[ 81.184555][ T8827] __msan_warning+0x58/0xa0
[ 81.189039][ T8827] sctp_rcv+0x2b2d/0x5410
[ 81.193360][ T8827] ? ctnetlink_net_exit_batch+0x180/0x180
[ 81.199076][ T8827] ? kmsan_get_metadata+0x11d/0x180
[ 81.204251][ T8827] ? sctp_csum_combine+0xa0/0xa0
[ 81.209168][ T8827] ip_protocol_deliver_rcu+0x700/0xbc0
[ 81.214610][ T8827] ip_local_deliver+0x62a/0x7c0
[ 81.219442][ T8827] ? ip_local_deliver+0x7c0/0x7c0
[ 81.224441][ T8827] ? ip_protocol_deliver_rcu+0xbc0/0xbc0
[ 81.230070][ T8827] ip_rcv+0x6cf/0x750
[ 81.234035][ T8827] ? ip_rcv_core+0x1270/0x1270
[ 81.238780][ T8827] netif_receive_skb+0xbb5/0xf20
[ 81.243738][ T8827] ? __msan_poison_alloca+0xf0/0x120
[ 81.249034][ T8827] ? ip_local_deliver_finish+0x350/0x350
[ 81.254667][ T8827] tun_get_user+0x6aef/0x6f60
[ 81.259359][ T8827] ? kmsan_get_metadata+0x11d/0x180
[ 81.264547][ T8827] tun_chr_write_iter+0x1f2/0x360
[ 81.269701][ T8827] ? tun_chr_read_iter+0x460/0x460
[ 81.274794][ T8827] __vfs_write+0xa5a/0xca0
[ 81.279206][ T8827] vfs_write+0x44a/0x8f0
[ 81.283440][ T8827] ksys_write+0x267/0x450
[ 81.287758][ T8827] __se_sys_write+0x92/0xb0
[ 81.292260][ T8827] __x64_sys_write+0x4a/0x70
[ 81.296826][ T8827] do_syscall_64+0xb8/0x160
[ 81.301309][ T8827] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 81.307173][ T8827] RIP: 0033:0x443679
[ 81.311063][ T8827] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[ 81.330643][ T8827] RSP: 002b:00007fffee474918 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 81.339041][ T8827] RAX: ffffffffffffffda RBX: 0000000000003172 RCX: 0000000000443679
[ 81.346998][ T8827] RDX: 000000000000fdef RSI: 0000000020000240 RDI: 0000000000000003
[ 81.354955][ T8827] RBP: 00007fffee474940 R08: 0000000000000000 R09: 0000000000000000
[ 81.362916][ T8827] R10: 000000000000aa14 R11: 0000000000000246 R12: 656c6c616b7a7973
[ 81.370862][ T8827] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 81.380212][ T8827] Kernel Offset: 0x1a400000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 81.391836][ T8827] Rebooting in 86400 seconds..