[ ok ] Starting enhanced syslogd: rsyslogd.
[ 101.371670][ T31] audit: type=1800 audit(1560592459.417:25): pid=13206 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 101.411927][ T31] audit: type=1800 audit(1560592459.447:26): pid=13206 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 101.432105][ T31] audit: type=1800 audit(1560592459.457:27): pid=13206 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.86' (ECDSA) to the list of known hosts.
syzkaller login: [ 115.436446][T13357] IPVS: ftp: loaded support on port[0] = 21
[ 115.513761][T13357] chnl_net:caif_netlink_parms(): no params data found
[ 115.551512][T13357] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.559369][T13357] bridge0: port 1(bridge_slave_0) entered disabled state
[ 115.568639][T13357] device bridge_slave_0 entered promiscuous mode
[ 115.577431][T13357] bridge0: port 2(bridge_slave_1) entered blocking state
[ 115.584999][T13357] bridge0: port 2(bridge_slave_1) entered disabled state
[ 115.593905][T13357] device bridge_slave_1 entered promiscuous mode
[ 115.616585][T13357] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 115.627826][T13357] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 115.650807][T13357] team0: Port device team_slave_0 added
[ 115.659248][T13357] team0: Port device team_slave_1 added
[ 115.714878][T13357] device hsr_slave_0 entered promiscuous mode
[ 115.772443][T13357] device hsr_slave_1 entered promiscuous mode
[ 115.824537][T13357] bridge0: port 2(bridge_slave_1) entered blocking state
[ 115.832266][T13357] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 115.840251][T13357] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.847618][T13357] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 115.899343][T13357] 8021q: adding VLAN 0 to HW filter on device bond0
[ 115.915147][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 115.925994][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 115.935094][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 115.944195][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 115.958642][T13357] 8021q: adding VLAN 0 to HW filter on device team0
[ 115.973029][ T3018] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 115.982462][ T3018] bridge0: port 1(bridge_slave_0) entered blocking state
[ 115.989658][ T3018] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 116.004246][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 116.013199][ T5] bridge0: port 2(bridge_slave_1) entered blocking state
[ 116.020608][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 116.044521][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 116.060251][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 116.069564][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 116.084570][ T3018] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 116.098012][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
executing program
[ 116.114702][T13357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 116.141892][T13357] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 116.194003][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters.
[ 116.207352][ C1] ==================================================================
[ 116.215928][ C1] BUG: KMSAN: uninit-value in tcp_create_openreq_child+0x157f/0x1cc0
[ 116.224089][ C1] CPU: 1 PID: 13357 Comm: syz-executor591 Not tainted 5.2.0-rc4+ #3
[ 116.232288][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 116.242351][ C1] Call Trace:
[ 116.245744][ C1]
[ 116.248612][ C1] dump_stack+0x191/0x1f0
[ 116.253035][ C1] kmsan_report+0x162/0x2d0
[ 116.257558][ C1] __msan_warning+0x75/0xe0
[ 116.262079][ C1] tcp_create_openreq_child+0x157f/0x1cc0
[ 116.267987][ C1] tcp_v6_syn_recv_sock+0x761/0x2d80
[ 116.273391][ C1] ? __msan_poison_alloca+0x1c0/0x270
[ 116.278785][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 116.284934][ C1] ? cookie_v6_check+0x27e0/0x29a0
[ 116.290061][ C1] ? tcp_v6_conn_request+0x2d0/0x2d0
[ 116.295731][ C1] tcp_get_cookie_sock+0x16e/0x6b0
[ 116.300865][ C1] cookie_v6_check+0x27e0/0x29a0
[ 116.305951][ C1] tcp_v6_do_rcv+0xf1c/0x1ce0
[ 116.310860][ C1] ? kmsan_memcpy_memmove_metadata+0x8bc/0xe00
[ 116.317128][ C1] tcp_v6_rcv+0x60b7/0x6a30
[ 116.321737][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 116.327799][ C1] ip6_protocol_deliver_rcu+0x1433/0x22f0
[ 116.333717][ C1] ip6_input+0x2af/0x340
[ 116.337974][ C1] ? ip6_input+0x340/0x340
[ 116.342553][ C1] ? ip6_protocol_deliver_rcu+0x22f0/0x22f0
[ 116.348541][ C1] ipv6_rcv+0x683/0x710
[ 116.352719][ C1] ? local_bh_enable+0x40/0x40
[ 116.357722][ C1] process_backlog+0x721/0x1410
[ 116.362750][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 116.368879][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 116.374901][ C1] ? rps_trigger_softirq+0x2e0/0x2e0
[ 116.380194][ C1] net_rx_action+0x738/0x1940
[ 116.385182][ C1] ? net_tx_action+0xb70/0xb70
[ 116.390041][ C1] __do_softirq+0x4ad/0x858
[ 116.394663][ C1] do_softirq_own_stack+0x49/0x80
[ 116.399822][ C1]
[ 116.402766][ C1] __local_bh_enable_ip+0x199/0x1e0
[ 116.408300][ C1] local_bh_enable+0x36/0x40
[ 116.412897][ C1] ip6_finish_output2+0x213f/0x2670
[ 116.418134][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 116.424166][ C1] ip6_finish_output+0xae4/0xbc0
[ 116.429228][ C1] ip6_output+0x5d3/0x720
[ 116.433705][ C1] ? ip6_output+0x720/0x720
[ 116.438356][ C1] ? ac6_seq_show+0x200/0x200
[ 116.443253][ C1] ip6_xmit+0x1f53/0x2650
[ 116.447684][ C1] ? ip6_xmit+0x2650/0x2650
[ 116.452212][ C1] inet6_csk_xmit+0x3df/0x4f0
[ 116.456928][ C1] ? inet6_csk_addr2sockaddr+0x2c0/0x2c0
[ 116.462681][ C1] __tcp_transmit_skb+0x4076/0x5b40
[ 116.468030][ C1] tcp_write_xmit+0x39a9/0xa730
[ 116.472949][ C1] ? kmsan_get_shadow_origin_ptr+0x10/0x470
[ 116.478870][ C1] __tcp_push_pending_frames+0x124/0x4e0
[ 116.484518][ C1] tcp_send_fin+0xd43/0x1540
[ 116.489290][ C1] tcp_close+0x16ba/0x1860
[ 116.493953][ C1] ? ip_mc_drop_socket+0x69b/0x6e0
[ 116.499077][ C1] ? kmsan_internal_memset_shadow+0x104/0x3a0
[ 116.505158][ C1] ? tcp_check_oom+0x530/0x530
[ 116.510115][ C1] inet_release+0x1f7/0x270
[ 116.514884][ C1] inet6_release+0xaf/0x100
[ 116.519397][ C1] sock_close+0x156/0x490
[ 116.523732][ C1] ? __inet6_bind+0x1b70/0x1b70
[ 116.528589][ C1] ? sock_mmap+0x130/0x130
[ 116.533191][ C1] __fput+0x4c9/0xba0
[ 116.537198][ C1] ____fput+0x37/0x40
[ 116.541310][ C1] ? fput_many+0x2a0/0x2a0
[ 116.545820][ C1] task_work_run+0x22e/0x2a0
[ 116.550573][ C1] prepare_exit_to_usermode+0x39d/0x4d0
[ 116.556240][ C1] syscall_return_slowpath+0x90/0x5c0
[ 116.561726][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 116.567854][ C1] do_syscall_64+0xe2/0xf0
[ 116.572284][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 116.578182][ C1] RIP: 0033:0x401d50
[ 116.582374][ C1] Code: 01 f0 ff ff 0f 83 40 0d 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d dd 8d 2d 00 00 75 14 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 14 0d 00 00 c3 48 83 ec 08 e8 7a 02 00 00
[ 116.602071][ C1] RSP: 002b:00007fff1cf58cf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 116.610591][ C1] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000401d50
[ 116.618646][ C1] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000003
[ 116.626684][ C1] RBP: 00000000004a9050 R08: 0000000020000040 R09: 000000000000001c
[ 116.634668][ C1] R10: 0000000020004004 R11: 0000000000000246 R12: 0000000000402ef0
[ 116.642734][ C1] R13: 0000000000402f80 R14: 0000000000000000 R15: 0000000000000000
[ 116.651122][ C1]
[ 116.653453][ C1] Uninit was created at:
[ 116.657811][ C1] kmsan_internal_poison_shadow+0x53/0xa0
[ 116.663532][ C1] kmsan_kmalloc+0xa4/0x130
[ 116.668327][ C1] kmem_cache_alloc+0x534/0xb00
[ 116.673265][ C1] inet_reqsk_alloc+0xa8/0x600
[ 116.678028][ C1] cookie_v6_check+0xadb/0x29a0
[ 116.683024][ C1] tcp_v6_do_rcv+0xf1c/0x1ce0
[ 116.687815][ C1] tcp_v6_rcv+0x60b7/0x6a30
[ 116.692318][ C1] ip6_protocol_deliver_rcu+0x1433/0x22f0
[ 116.698217][ C1] ip6_input+0x2af/0x340
[ 116.702460][ C1] ipv6_rcv+0x683/0x710
[ 116.706663][ C1] process_backlog+0x721/0x1410
[ 116.711822][ C1] net_rx_action+0x738/0x1940
[ 116.716595][ C1] __do_softirq+0x4ad/0x858
[ 116.721181][ C1] do_softirq_own_stack+0x49/0x80
[ 116.726519][ C1] __local_bh_enable_ip+0x199/0x1e0
[ 116.731729][ C1] local_bh_enable+0x36/0x40
[ 116.736369][ C1] ip6_finish_output2+0x213f/0x2670
[ 116.741666][ C1] ip6_finish_output+0xae4/0xbc0
[ 116.746736][ C1] ip6_output+0x5d3/0x720
[ 116.751174][ C1] ip6_xmit+0x1f53/0x2650
[ 116.755514][ C1] inet6_csk_xmit+0x3df/0x4f0
[ 116.760301][ C1] __tcp_transmit_skb+0x4076/0x5b40
[ 116.765621][ C1] tcp_write_xmit+0x39a9/0xa730
[ 116.770523][ C1] __tcp_push_pending_frames+0x124/0x4e0
[ 116.776544][ C1] tcp_send_fin+0xd43/0x1540
[ 116.781387][ C1] tcp_close+0x16ba/0x1860
[ 116.785866][ C1] inet_release+0x1f7/0x270
[ 116.790418][ C1] inet6_release+0xaf/0x100
[ 116.795064][ C1] sock_close+0x156/0x490
[ 116.799446][ C1] __fput+0x4c9/0xba0
[ 116.803588][ C1] ____fput+0x37/0x40
[ 116.807587][ C1] task_work_run+0x22e/0x2a0
[ 116.812238][ C1] prepare_exit_to_usermode+0x39d/0x4d0
[ 116.817810][ C1] syscall_return_slowpath+0x90/0x5c0
[ 116.823183][ C1] do_syscall_64+0xe2/0xf0
[ 116.827612][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 116.833560][ C1] ==================================================================
[ 116.841769][ C1] Disabling lock debugging due to kernel taint
[ 116.847993][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 116.854746][ C1] CPU: 1 PID: 13357 Comm: syz-executor591 Tainted: G B 5.2.0-rc4+ #3
[ 116.864271][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 116.874488][ C1] Call Trace:
[ 116.877823][ C1]
[ 116.880687][ C1] dump_stack+0x191/0x1f0
[ 116.885164][ C1] panic+0x3c9/0xc1e
[ 116.889308][ C1] kmsan_report+0x2ca/0x2d0
[ 116.893940][ C1] __msan_warning+0x75/0xe0
[ 116.898452][ C1] tcp_create_openreq_child+0x157f/0x1cc0
[ 116.904330][ C1] tcp_v6_syn_recv_sock+0x761/0x2d80
[ 116.909799][ C1] ? __msan_poison_alloca+0x1c0/0x270
[ 116.915253][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 116.921551][ C1] ? cookie_v6_check+0x27e0/0x29a0
[ 116.927028][ C1] ? tcp_v6_conn_request+0x2d0/0x2d0
[ 116.932420][ C1] tcp_get_cookie_sock+0x16e/0x6b0
[ 116.937551][ C1] cookie_v6_check+0x27e0/0x29a0
[ 116.951121][ C1] tcp_v6_do_rcv+0xf1c/0x1ce0
[ 116.956233][ C1] ? kmsan_memcpy_memmove_metadata+0x8bc/0xe00
[ 116.962676][ C1] tcp_v6_rcv+0x60b7/0x6a30
[ 116.967357][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 116.973711][ C1] ip6_protocol_deliver_rcu+0x1433/0x22f0
[ 116.979964][ C1] ip6_input+0x2af/0x340
[ 116.985061][ C1] ? ip6_input+0x340/0x340
[ 116.989628][ C1] ? ip6_protocol_deliver_rcu+0x22f0/0x22f0
[ 116.995530][ C1] ipv6_rcv+0x683/0x710
[ 116.999700][ C1] ? local_bh_enable+0x40/0x40
[ 117.004473][ C1] process_backlog+0x721/0x1410
[ 117.009338][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 117.015504][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 117.021405][ C1] ? rps_trigger_softirq+0x2e0/0x2e0
[ 117.026695][ C1] net_rx_action+0x738/0x1940
[ 117.031430][ C1] ? net_tx_action+0xb70/0xb70
[ 117.036201][ C1] __do_softirq+0x4ad/0x858
[ 117.040984][ C1] do_softirq_own_stack+0x49/0x80
[ 117.046059][ C1]
[ 117.049138][ C1] __local_bh_enable_ip+0x199/0x1e0
[ 117.054415][ C1] local_bh_enable+0x36/0x40
[ 117.059060][ C1] ip6_finish_output2+0x213f/0x2670
[ 117.064494][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 117.070459][ C1] ip6_finish_output+0xae4/0xbc0
[ 117.075689][ C1] ip6_output+0x5d3/0x720
[ 117.080314][ C1] ? ip6_output+0x720/0x720
[ 117.084829][ C1] ? ac6_seq_show+0x200/0x200
[ 117.089503][ C1] ip6_xmit+0x1f53/0x2650
[ 117.094015][ C1] ? ip6_xmit+0x2650/0x2650
[ 117.098528][ C1] inet6_csk_xmit+0x3df/0x4f0
[ 117.103393][ C1] ? inet6_csk_addr2sockaddr+0x2c0/0x2c0
[ 117.109146][ C1] __tcp_transmit_skb+0x4076/0x5b40
[ 117.114386][ C1] tcp_write_xmit+0x39a9/0xa730
[ 117.119521][ C1] ? kmsan_get_shadow_origin_ptr+0x10/0x470
[ 117.125643][ C1] __tcp_push_pending_frames+0x124/0x4e0
[ 117.131407][ C1] tcp_send_fin+0xd43/0x1540
[ 117.136049][ C1] tcp_close+0x16ba/0x1860
[ 117.140646][ C1] ? ip_mc_drop_socket+0x69b/0x6e0
[ 117.145971][ C1] ? kmsan_internal_memset_shadow+0x104/0x3a0
[ 117.153256][ C1] ? tcp_check_oom+0x530/0x530
[ 117.158314][ C1] inet_release+0x1f7/0x270
[ 117.162837][ C1] inet6_release+0xaf/0x100
[ 117.167350][ C1] sock_close+0x156/0x490
[ 117.171809][ C1] ? __inet6_bind+0x1b70/0x1b70
[ 117.176859][ C1] ? sock_mmap+0x130/0x130
[ 117.181277][ C1] __fput+0x4c9/0xba0
[ 117.185454][ C1] ____fput+0x37/0x40
[ 117.189593][ C1] ? fput_many+0x2a0/0x2a0
[ 117.194128][ C1] task_work_run+0x22e/0x2a0
[ 117.198735][ C1] prepare_exit_to_usermode+0x39d/0x4d0
[ 117.204306][ C1] syscall_return_slowpath+0x90/0x5c0
[ 117.209931][ C1] ? kmsan_get_shadow_origin_ptr+0x71/0x470
[ 117.216056][ C1] do_syscall_64+0xe2/0xf0
[ 117.220481][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 117.226540][ C1] RIP: 0033:0x401d50
[ 117.230504][ C1] Code: 01 f0 ff ff 0f 83 40 0d 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d dd 8d 2d 00 00 75 14 b8 03 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 14 0d 00 00 c3 48 83 ec 08 e8 7a 02 00 00
[ 117.250774][ C1] RSP: 002b:00007fff1cf58cf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 117.259315][ C1] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000401d50
[ 117.267639][ C1] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000003
[ 117.275619][ C1] RBP: 00000000004a9050 R08: 0000000020000040 R09: 000000000000001c
[ 117.283601][ C1] R10: 0000000020004004 R11: 0000000000000246 R12: 0000000000402ef0
[ 117.291668][ C1] R13: 0000000000402f80 R14: 0000000000000000 R15: 0000000000000000
[ 117.300526][ C1] Kernel Offset: disabled
[ 117.305221][ C1] Rebooting in 86400 seconds..