[ 57.620878] audit: type=1800 audit(1545794660.636:27): pid=8890 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ 57.640373] audit: type=1800 audit(1545794660.646:28): pid=8890 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="ssh" dev="sda1" ino=2417 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
[ 58.805132] audit: type=1800 audit(1545794661.856:29): pid=8890 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[ 58.824612] audit: type=1800 audit(1545794661.866:30): pid=8890 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.86' (ECDSA) to the list of known hosts.
2018/12/26 03:24:39 parsed 1 programs
2018/12/26 03:24:44 executed programs: 0
syzkaller login: [ 81.876750] IPVS: ftp: loaded support on port[0] = 21
[ 82.211205] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.217966] bridge0: port 1(bridge_slave_0) entered disabled state
[ 82.225519] device bridge_slave_0 entered promiscuous mode
[ 82.249485] bridge0: port 2(bridge_slave_1) entered blocking state
[ 82.255958] bridge0: port 2(bridge_slave_1) entered disabled state
[ 82.263419] device bridge_slave_1 entered promiscuous mode
[ 82.286431] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 82.310115] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 82.378020] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 82.404911] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 82.450568] ip (9122) used greatest stack depth: 53728 bytes left
[ 82.512895] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 82.520403] team0: Port device team_slave_0 added
[ 82.544378] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 82.552046] team0: Port device team_slave_1 added
[ 82.575927] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 82.602202] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 82.627948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 82.655494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 82.867579] bridge0: port 2(bridge_slave_1) entered blocking state
[ 82.874185] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 82.880920] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.887470] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.637630] 8021q: adding VLAN 0 to HW filter on device bond0
[ 83.713431] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 83.789968] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 83.796256] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 83.803956] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 83.881145] 8021q: adding VLAN 0 to HW filter on device team0
[ 84.392224] ==================================================================
[ 84.399612] BUG: KMSAN: uninit-value in check_6rd+0x65c/0x720
[ 84.405484] CPU: 0 PID: 9324 Comm: syz-executor0 Not tainted 4.20.0-rc7+ #14
[ 84.412662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 84.421996] Call Trace:
[ 84.424569] dump_stack+0x173/0x1d0
[ 84.428193] kmsan_report+0x12e/0x2a0
[ 84.432001] __msan_warning+0x82/0xf0
[ 84.435790] check_6rd+0x65c/0x720
[ 84.439321] sit_tunnel_xmit+0xb58/0x34d0
[ 84.443492] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 84.448856] ? dev_hard_start_xmit+0xb3/0xc40
[ 84.453336] ? ipip6_tunnel_uninit+0x7e0/0x7e0
[ 84.457911] dev_hard_start_xmit+0x607/0xc40
[ 84.462313] __dev_queue_xmit+0x2e42/0x3bc0
[ 84.466627] dev_queue_xmit+0x4b/0x60
[ 84.470422] ? __netdev_pick_tx+0x1270/0x1270
[ 84.474902] packet_sendmsg+0x8306/0x8f30
[ 84.479056] ? kmsan_internal_chain_origin+0x134/0x230
[ 84.484327] ? __msan_memcpy+0x5b/0x70
[ 84.488209] ? __vfs_write+0x888/0xb70
[ 84.492093] ? __x64_sys_write+0x4a/0x70
[ 84.496154] ? do_syscall_64+0xbc/0xf0
[ 84.500038] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 84.505393] ? vmalloc_to_page+0x56e/0x6a0
[ 84.509616] ? kmsan_get_shadow_origin_ptr+0x108/0x3e0
[ 84.514881] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 84.520285] ? compat_packet_setsockopt+0x360/0x360
[ 84.525612] sock_write_iter+0x3f4/0x4d0
[ 84.529679] ? sock_read_iter+0x4e0/0x4e0
[ 84.533858] __vfs_write+0x888/0xb70
[ 84.537576] vfs_write+0x46a/0x8c0
[ 84.541114] __se_sys_write+0x17a/0x370
[ 84.545088] __x64_sys_write+0x4a/0x70
[ 84.548962] do_syscall_64+0xbc/0xf0
[ 84.552659] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 84.557828] RIP: 0033:0x457759
[ 84.561017] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 84.579921] RSP: 002b:00007fff1b6510f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 84.587623] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457759
[ 84.594875] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 84.602129] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 84.609380] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000200c914
[ 84.616631] R13: 00000000004c66be R14: 00000000004db988 R15: 00000000ffffffff
[ 84.623889]
[ 84.625507] Uninit was created at:
[ 84.629039] kmsan_internal_poison_shadow+0x92/0x150
[ 84.634124] kmsan_kmalloc+0xa6/0x130
[ 84.637908] kmsan_slab_alloc+0xe/0x10
[ 84.641880] __kmalloc_node_track_caller+0xe38/0x1060
[ 84.647067] __alloc_skb+0x309/0xa20
[ 84.650773] alloc_skb_with_frags+0x1c7/0xaf0
[ 84.655262] sock_alloc_send_pskb+0xafd/0x10e0
[ 84.659835] packet_sendmsg+0x661a/0x8f30
[ 84.663985] sock_write_iter+0x3f4/0x4d0
[ 84.668028] __vfs_write+0x888/0xb70
[ 84.671751] vfs_write+0x46a/0x8c0
[ 84.675289] __se_sys_write+0x17a/0x370
[ 84.679243] __x64_sys_write+0x4a/0x70
[ 84.683125] do_syscall_64+0xbc/0xf0
[ 84.686823] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 84.692019] ==================================================================
[ 84.699355] Disabling lock debugging due to kernel taint
[ 84.704786] Kernel panic - not syncing: panic_on_warn set ...
[ 84.710655] CPU: 0 PID: 9324 Comm: syz-executor0 Tainted: G B 4.20.0-rc7+ #14
[ 84.719214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 84.728552] Call Trace:
[ 84.731123] dump_stack+0x173/0x1d0
[ 84.734735] panic+0x3ce/0x961
[ 84.737930] kmsan_report+0x293/0x2a0
[ 84.741718] __msan_warning+0x82/0xf0
[ 84.745505] check_6rd+0x65c/0x720
[ 84.749035] sit_tunnel_xmit+0xb58/0x34d0
[ 84.753173] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 84.758523] ? dev_hard_start_xmit+0xb3/0xc40
[ 84.763001] ? ipip6_tunnel_uninit+0x7e0/0x7e0
[ 84.767569] dev_hard_start_xmit+0x607/0xc40
[ 84.771973] __dev_queue_xmit+0x2e42/0x3bc0
[ 84.776294] dev_queue_xmit+0x4b/0x60
[ 84.780080] ? __netdev_pick_tx+0x1270/0x1270
[ 84.784562] packet_sendmsg+0x8306/0x8f30
[ 84.788728] ? kmsan_internal_chain_origin+0x134/0x230
[ 84.793987] ? __msan_memcpy+0x5b/0x70
[ 84.797861] ? __vfs_write+0x888/0xb70
[ 84.801731] ? __x64_sys_write+0x4a/0x70
[ 84.805781] ? do_syscall_64+0xbc/0xf0
[ 84.809674] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 84.815020] ? vmalloc_to_page+0x56e/0x6a0
[ 84.819243] ? kmsan_get_shadow_origin_ptr+0x108/0x3e0
[ 84.824521] ? __msan_metadata_ptr_for_load_8+0x10/0x20
[ 84.829893] ? compat_packet_setsockopt+0x360/0x360
[ 84.834910] sock_write_iter+0x3f4/0x4d0
[ 84.838963] ? sock_read_iter+0x4e0/0x4e0
[ 84.843101] __vfs_write+0x888/0xb70
[ 84.846826] vfs_write+0x46a/0x8c0
[ 84.850372] __se_sys_write+0x17a/0x370
[ 84.854349] __x64_sys_write+0x4a/0x70
[ 84.858224] do_syscall_64+0xbc/0xf0
[ 84.861922] entry_SYSCALL_64_after_hwframe+0x63/0xe7
[ 84.867097] RIP: 0033:0x457759
[ 84.870273] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 84.889175] RSP: 002b:00007fff1b6510f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 84.896879] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457759
[ 84.904145] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 84.911408] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[ 84.918659] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000200c914
[ 84.925911] R13: 00000000004c66be R14: 00000000004db988 R15: 00000000ffffffff
[ 84.934273] Kernel Offset: disabled
[ 84.937895] Rebooting in 86400 seconds..