[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 78.504138][ T30] audit: type=1800 audit(1569804786.557:25): pid=11749 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 78.532863][ T30] audit: type=1800 audit(1569804786.577:26): pid=11749 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 78.553100][ T30] audit: type=1800 audit(1569804786.587:27): pid=11749 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.146' (ECDSA) to the list of known hosts. syzkaller login: [ 91.122669][T11900] IPVS: ftp: loaded support on port[0] = 21 [ 91.198753][T11900] chnl_net:caif_netlink_parms(): no params data found [ 91.231281][T11900] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.238634][T11900] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.247008][T11900] device bridge_slave_0 entered promiscuous mode [ 91.255303][T11900] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.262573][T11900] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.270743][T11900] device bridge_slave_1 entered promiscuous mode [ 91.291237][T11900] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.302635][T11900] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.324229][T11900] team0: Port device team_slave_0 added [ 91.331754][T11900] team0: Port device team_slave_1 added [ 91.385358][T11900] device hsr_slave_0 entered promiscuous mode [ 91.423085][T11900] device hsr_slave_1 entered promiscuous mode [ 91.503652][T11900] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.510935][T11900] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.518677][T11900] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.525877][T11900] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.571153][T11900] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.585800][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 91.595949][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.604505][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.613749][ T34] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 91.629333][T11900] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.641598][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 91.650416][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.657581][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.671552][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 91.680751][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.687947][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.710238][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 91.731072][T11900] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 91.742157][T11900] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.755540][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 91.764327][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready executing program [ 91.774260][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 91.783461][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 91.793546][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 91.816862][T11900] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.122729][ T17] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 92.362722][ T17] usb 1-1: Using ep0 maxpacket: 8 [ 92.482840][ T17] usb 1-1: config 2 has an invalid interface number: 250 but max is 0 [ 92.491216][ T17] usb 1-1: config 2 has no interface number 0 [ 92.497798][ T17] usb 1-1: config 2 interface 250 altsetting 193 endpoint 0x6 has invalid maxpacket 939, setting to 64 [ 92.509165][ T17] usb 1-1: config 2 interface 250 altsetting 193 has an invalid endpoint descriptor of length 2, skipping [ 92.520828][ T17] usb 1-1: config 2 interface 250 altsetting 193 endpoint 0x9 has invalid maxpacket 131, setting to 64 [ 92.532000][ T17] usb 1-1: config 2 interface 250 altsetting 193 bulk endpoint 0x7 has invalid maxpacket 846 [ 92.542356][ T17] usb 1-1: config 2 interface 250 altsetting 193 has 5 endpoint descriptors, different from the interface descriptor's value: 4 [ 92.555927][ T17] usb 1-1: config 2 interface 250 has no altsetting 0 [ 92.722689][ T17] usb 1-1: New USB device found, idVendor=1618, idProduct=9113, bcdDevice=da.a8 [ 92.732576][ T17] usb 1-1: New USB device strings: Mfr=5, Product=2, SerialNumber=6 [ 92.740618][ T17] usb 1-1: Product: syz [ 92.744918][ T17] usb 1-1: Manufacturer: syz [ 92.749565][ T17] usb 1-1: SerialNumber: syz [ 93.035370][ T17] rsi_91x: rsi_probe: Failed to init usb interface [ 93.043661][ T17] rsi_91x: rsi_probe: Failed in probe...Exiting [ 93.050060][ T17] RSI-USB WLAN: probe of 1-1:2.250 failed with error -22 [ 93.064371][ T17] usb 1-1: USB disconnect, device number 2 [ 93.138669][ T3368] ===================================================== [ 93.145930][ T3368] BUG: KMSAN: uninit-value in ___neigh_create+0x2783/0x2c40 [ 93.153222][ T3368] CPU: 1 PID: 3368 Comm: kworker/1:2 Not tainted 5.3.0-rc7+ #0 [ 93.160762][ T3368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 93.170815][ T3368] Workqueue: ipv6_addrconf addrconf_dad_work [ 93.176777][ T3368] Call Trace: [ 93.180055][ T3368] dump_stack+0x191/0x1f0 [ 93.184377][ T3368] kmsan_report+0x13a/0x2b0 [ 93.188860][ T3368] __msan_warning+0x73/0xe0 [ 93.193346][ T3368] __list_add_valid+0x292/0x430 [ 93.198180][ T3368] ___neigh_create+0x2783/0x2c40 [ 93.203114][ T3368] __neigh_create+0xbd/0xd0 [ 93.207599][ T3368] ip6_finish_output2+0x149a/0x2670 [ 93.212805][ T3368] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0 [ 93.219297][ T3368] __ip6_finish_output+0x83d/0x8f0 [ 93.224404][ T3368] ip6_finish_output+0x2db/0x420 [ 93.229324][ T3368] ip6_output+0x5d3/0x720 [ 93.233733][ T3368] ? ip6_output+0x720/0x720 [ 93.238237][ T3368] ? ac6_seq_show+0x200/0x200 [ 93.242911][ T3368] ndisc_send_skb+0x1083/0x15e0 [ 93.247754][ T3368] ? ndisc_error_report+0x1a0/0x1a0 [ 93.252944][ T3368] ndisc_send_ns+0xda8/0xe10 [ 93.257535][ T3368] ndisc_solicit+0x498/0x5d0 [ 93.262108][ T3368] ? ndisc_cleanup+0x70/0x70 [ 93.266696][ T3368] __neigh_event_send+0x10fd/0x1d40 [ 93.271881][ T3368] ? ___neigh_create+0x2a81/0x2c40 [ 93.276982][ T3368] neigh_resolve_output+0x25e/0xb50 [ 93.282180][ T3368] ? neigh_event_ns+0x8a0/0x8a0 [ 93.287010][ T3368] ip6_finish_output2+0x2129/0x2670 [ 93.292203][ T3368] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0 [ 93.298076][ T3368] __ip6_finish_output+0x83d/0x8f0 [ 93.303171][ T3368] ip6_finish_output+0x2db/0x420 [ 93.308089][ T3368] ip6_output+0x5d3/0x720 [ 93.312403][ T3368] ? ip6_output+0x720/0x720 [ 93.316898][ T3368] ? ac6_seq_show+0x200/0x200 [ 93.321568][ T3368] ndisc_send_skb+0x1083/0x15e0 [ 93.326420][ T3368] ? ndisc_error_report+0x1a0/0x1a0 [ 93.331606][ T3368] ndisc_send_rs+0xb5d/0xb90 [ 93.336196][ T3368] addrconf_dad_completed+0xc03/0x1490 [ 93.341659][ T3368] addrconf_dad_work+0x17b3/0x26e0 [ 93.346759][ T3368] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0 [ 93.352634][ T3368] ? ipv6_get_saddr_eval+0x13b0/0x13b0 [ 93.358073][ T3368] ? ipv6_get_saddr_eval+0x13b0/0x13b0 [ 93.363523][ T3368] process_one_work+0x1572/0x1ef0 [ 93.368539][ T3368] worker_thread+0x111b/0x2460 [ 93.373306][ T3368] kthread+0x4b5/0x4f0 [ 93.377356][ T3368] ? process_one_work+0x1ef0/0x1ef0 [ 93.382563][ T3368] ? kthread_blkcg+0xf0/0xf0 [ 93.387131][ T3368] ret_from_fork+0x35/0x40 [ 93.391528][ T3368] [ 93.393841][ T3368] Uninit was created at: [ 93.398066][ T3368] kmsan_internal_poison_shadow+0x53/0x100 [ 93.403858][ T3368] kmsan_slab_alloc+0xaa/0x120 [ 93.408609][ T3368] __kmalloc_node_track_caller+0xb55/0x1320 [ 93.414485][ T3368] __alloc_skb+0x306/0xa10 [ 93.418888][ T3368] ndisc_alloc_skb+0x1ba/0x5b0 [ 93.423639][ T3368] ndisc_send_ns+0x5e9/0xe10 [ 93.428213][ T3368] ndisc_solicit+0x498/0x5d0 [ 93.432785][ T3368] __neigh_event_send+0x10fd/0x1d40 [ 93.437959][ T3368] neigh_resolve_output+0x25e/0xb50 [ 93.443133][ T3368] ip6_finish_output2+0x2129/0x2670 [ 93.448403][ T3368] __ip6_finish_output+0x83d/0x8f0 [ 93.453493][ T3368] ip6_finish_output+0x2db/0x420 [ 93.458405][ T3368] ip6_output+0x5d3/0x720 [ 93.462721][ T3368] ndisc_send_skb+0x1083/0x15e0 [ 93.467548][ T3368] ndisc_send_rs+0xb5d/0xb90 [ 93.472123][ T3368] addrconf_dad_completed+0xc03/0x1490 [ 93.477589][ T3368] addrconf_dad_work+0x17b3/0x26e0 [ 93.482690][ T3368] process_one_work+0x1572/0x1ef0 [ 93.487700][ T3368] worker_thread+0x111b/0x2460 [ 93.492455][ T3368] kthread+0x4b5/0x4f0 [ 93.496502][ T3368] ret_from_fork+0x35/0x40 [ 93.500903][ T3368] ===================================================== [ 93.507819][ T3368] Disabling lock debugging due to kernel taint [ 93.513946][ T3368] Kernel panic - not syncing: panic_on_warn set ... [ 93.520515][ T3368] CPU: 1 PID: 3368 Comm: kworker/1:2 Tainted: G B 5.3.0-rc7+ #0 [ 93.529418][ T3368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 93.539463][ T3368] Workqueue: ipv6_addrconf addrconf_dad_work [ 93.545427][ T3368] Call Trace: [ 93.548711][ T3368] dump_stack+0x191/0x1f0 [ 93.555546][ T3368] panic+0x3c9/0xc1e [ 93.559439][ T3368] kmsan_report+0x2a2/0x2b0 [ 93.563925][ T3368] __msan_warning+0x73/0xe0 [ 93.568411][ T3368] __list_add_valid+0x292/0x430 [ 93.573243][ T3368] ___neigh_create+0x2783/0x2c40 [ 93.578173][ T3368] __neigh_create+0xbd/0xd0 [ 93.582660][ T3368] ip6_finish_output2+0x149a/0x2670 [ 93.587850][ T3368] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0 [ 93.593732][ T3368] __ip6_finish_output+0x83d/0x8f0 [ 93.598831][ T3368] ip6_finish_output+0x2db/0x420 [ 93.603753][ T3368] ip6_output+0x5d3/0x720 [ 93.608085][ T3368] ? ip6_output+0x720/0x720 [ 93.612578][ T3368] ? ac6_seq_show+0x200/0x200 [ 93.617269][ T3368] ndisc_send_skb+0x1083/0x15e0 [ 93.622113][ T3368] ? ndisc_error_report+0x1a0/0x1a0 [ 93.627294][ T3368] ndisc_send_ns+0xda8/0xe10 [ 93.631876][ T3368] ndisc_solicit+0x498/0x5d0 [ 93.636454][ T3368] ? ndisc_cleanup+0x70/0x70 [ 93.641806][ T3368] __neigh_event_send+0x10fd/0x1d40 [ 93.646985][ T3368] ? ___neigh_create+0x2a81/0x2c40 [ 93.652101][ T3368] neigh_resolve_output+0x25e/0xb50 [ 93.657287][ T3368] ? neigh_event_ns+0x8a0/0x8a0 [ 93.662210][ T3368] ip6_finish_output2+0x2129/0x2670 [ 93.667425][ T3368] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0 [ 93.673306][ T3368] __ip6_finish_output+0x83d/0x8f0 [ 93.678406][ T3368] ip6_finish_output+0x2db/0x420 [ 93.683324][ T3368] ip6_output+0x5d3/0x720 [ 93.687634][ T3368] ? ip6_output+0x720/0x720 [ 93.692116][ T3368] ? ac6_seq_show+0x200/0x200 [ 93.696772][ T3368] ndisc_send_skb+0x1083/0x15e0 [ 93.701612][ T3368] ? ndisc_error_report+0x1a0/0x1a0 [ 93.706823][ T3368] ndisc_send_rs+0xb5d/0xb90 [ 93.711418][ T3368] addrconf_dad_completed+0xc03/0x1490 [ 93.716872][ T3368] addrconf_dad_work+0x17b3/0x26e0 [ 93.721974][ T3368] ? kmsan_get_shadow_origin_ptr+0x6e/0x4c0 [ 93.727844][ T3368] ? ipv6_get_saddr_eval+0x13b0/0x13b0 [ 93.733281][ T3368] ? ipv6_get_saddr_eval+0x13b0/0x13b0 [ 93.738723][ T3368] process_one_work+0x1572/0x1ef0 [ 93.743737][ T3368] worker_thread+0x111b/0x2460 [ 93.748499][ T3368] kthread+0x4b5/0x4f0 [ 93.752550][ T3368] ? process_one_work+0x1ef0/0x1ef0 [ 93.757731][ T3368] ? kthread_blkcg+0xf0/0xf0 [ 93.762392][ T3368] ret_from_fork+0x35/0x40 [ 93.768476][ T3368] Kernel Offset: disabled [ 93.772817][ T3368] Rebooting in 86400 seconds..