[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[  100.808078][   T30] audit: type=1800 audit(1562503778.854:25): pid=13114 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[  100.833777][   T30] audit: type=1800 audit(1562503778.884:26): pid=13114 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[  100.868099][   T30] audit: type=1800 audit(1562503778.904:27): pid=13114 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.47' (ECDSA) to the list of known hosts.
syzkaller login: [  114.120151][T13266] IPVS: ftp: loaded support on port[0] = 21
[  114.208677][T13266] chnl_net:caif_netlink_parms(): no params data found
[  114.248280][T13266] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.255595][T13266] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.264695][T13266] device bridge_slave_0 entered promiscuous mode
[  114.274310][T13266] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.281521][T13266] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.290263][T13266] device bridge_slave_1 entered promiscuous mode
[  114.313568][T13266] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  114.324697][T13266] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  114.347667][T13266] team0: Port device team_slave_0 added
[  114.355663][T13266] team0: Port device team_slave_1 added
[  114.415438][T13266] device hsr_slave_0 entered promiscuous mode
[  114.462601][T13266] device hsr_slave_1 entered promiscuous mode
[  114.514951][T13266] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.522262][T13266] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.530139][T13266] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.537635][T13266] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.589550][T13266] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.604913][ T3858] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  114.615557][ T3858] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.624423][ T3858] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.633976][ T3858] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  114.649093][T13266] 8021q: adding VLAN 0 to HW filter on device team0
[  114.662330][ T3358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  114.671222][ T3358] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.678514][ T3358] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.692724][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  114.701497][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.708856][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.733769][ T3358] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  114.743403][ T3358] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  114.763496][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  114.772876][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  114.789240][T13266] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  114.801188][T13266] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  114.810811][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
executing program
[  114.838811][T13266] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.152276][   T12] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  115.512234][   T12] usb 1-1: config 254 has an invalid interface number: 46 but max is 0
[  115.520575][   T12] usb 1-1: config 254 has no interface number 0
[  115.527054][   T12] usb 1-1: config 254 interface 46 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  115.538235][   T12] usb 1-1: New USB device found, idVendor=1618, idProduct=9116, bcdDevice=73.23
[  115.547426][   T12] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.812445][   T12] usb 1-1: string descriptor 0 read error: -71
[  115.821873][   T12] rsi_91x: rsi_probe: Failed to init usb interface
[  115.830085][   T12] rsi_91x: rsi_probe: Failed in probe...Exiting
[  115.836541][   T12] RSI-USB WLAN: probe of 1-1:254.46 failed with error -22
[  115.850093][   T12] usb 1-1: USB disconnect, device number 2
[  115.926436][    T5] ==================================================================
[  115.934560][    T5] BUG: KMSAN: uninit-value in kfree+0x4f3/0x2870
[  115.940982][    T5] CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.2.0-rc4+ #10
[  115.948349][    T5] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  115.958432][    T5] Workqueue: ipv6_addrconf addrconf_dad_work
[  115.964419][    T5] Call Trace:
[  115.967731][    T5]  dump_stack+0x191/0x1f0
[  115.972087][    T5]  kmsan_report+0x162/0x2d0
[  115.976633][    T5]  __msan_warning+0x75/0xe0
[  115.981192][    T5]  kfree+0x4f3/0x2870
[  115.985287][    T5]  ? _raw_read_unlock_bh+0x5d/0x80
[  115.990420][    T5]  ? ipv6_get_lladdr+0x368/0x390
[  115.995385][    T5]  ? skb_release_data+0xaa8/0xb50
[  116.000429][    T5]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  116.006355][    T5]  skb_release_data+0xaa8/0xb50
[  116.011235][    T5]  __kfree_skb+0x8a/0x210
[  116.015585][    T5]  consume_skb+0x2b0/0x2e0
[  116.020018][    T5]  __neigh_event_send+0x119e/0x1a80
[  116.025355][    T5]  neigh_resolve_output+0x25e/0xb50
[  116.030594][    T5]  ? neigh_event_ns+0x8a0/0x8a0
[  116.035462][    T5]  ip6_finish_output2+0x2129/0x2670
[  116.040727][    T5]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  116.046642][    T5]  ip6_finish_output+0xae4/0xbc0
[  116.051614][    T5]  ip6_output+0x5d3/0x720
[  116.055969][    T5]  ? ip6_output+0x720/0x720
[  116.060481][    T5]  ? ac6_seq_show+0x200/0x200
[  116.065167][    T5]  ndisc_send_skb+0x1083/0x15e0
[  116.070063][    T5]  ? ndisc_error_report+0x1a0/0x1a0
[  116.075283][    T5]  ndisc_send_ns+0xda8/0xe10
[  116.079926][    T5]  addrconf_dad_work+0x1a3e/0x26e0
[  116.085070][    T5]  ? ipv6_get_saddr_eval+0x13b0/0x13b0
[  116.091232][    T5]  ? ipv6_get_saddr_eval+0x13b0/0x13b0
[  116.096718][    T5]  process_one_work+0x1572/0x1f00
[  116.101788][    T5]  worker_thread+0x111b/0x2460
[  116.106606][    T5]  kthread+0x4b5/0x4f0
[  116.110684][    T5]  ? process_one_work+0x1f00/0x1f00
[  116.115924][    T5]  ? kthread_blkcg+0xf0/0xf0
[  116.120530][    T5]  ret_from_fork+0x35/0x40
[  116.124990][    T5] 
[  116.127320][    T5] Uninit was stored to memory at:
[  116.132352][    T5]  kmsan_internal_chain_origin+0xcc/0x150
[  116.138082][    T5]  __msan_chain_origin+0x6b/0xe0
[  116.143037][    T5]  ___slab_alloc+0x1dbc/0x1fb0
[  116.147804][    T5]  __kmalloc+0x375/0x3a0
[  116.152051][    T5]  kzalloc+0x7c/0xe0
[  116.155950][    T5]  ___neigh_create+0x8e5/0x2990
[  116.160814][    T5]  __neigh_create+0xbd/0xd0
[  116.165326][    T5]  ip6_finish_output2+0x149a/0x2670
[  116.170523][    T5]  ip6_finish_output+0xae4/0xbc0
[  116.175463][    T5]  ip6_output+0x5d3/0x720
[  116.179800][    T5]  ndisc_send_skb+0x1083/0x15e0
[  116.184656][    T5]  ndisc_send_ns+0xda8/0xe10
[  116.189257][    T5]  addrconf_dad_work+0x1a3e/0x26e0
[  116.194371][    T5]  process_one_work+0x1572/0x1f00
[  116.199401][    T5]  worker_thread+0x111b/0x2460
[  116.204198][    T5]  kthread+0x4b5/0x4f0
[  116.208265][    T5]  ret_from_fork+0x35/0x40
[  116.212674][    T5] 
[  116.215016][    T5] Uninit was created at:
[  116.219269][    T5]  kmsan_internal_poison_shadow+0x53/0xa0
[  116.224996][    T5]  kmsan_kmalloc+0xa4/0x130
[  116.229507][    T5]  kmsan_slab_alloc+0xe/0x10
[  116.234112][    T5]  __kmalloc_node_track_caller+0xcba/0xf30
[  116.239938][    T5]  __alloc_skb+0x306/0xa10
[  116.244362][    T5]  ndisc_alloc_skb+0x1ba/0x5b0
[  116.249134][    T5]  ndisc_send_ns+0x5e9/0xe10
[  116.253730][    T5]  addrconf_dad_work+0x1a3e/0x26e0
[  116.258850][    T5]  process_one_work+0x1572/0x1f00
[  116.263876][    T5]  worker_thread+0x111b/0x2460
[  116.268642][    T5]  kthread+0x4b5/0x4f0
[  116.272732][    T5]  ret_from_fork+0x35/0x40
[  116.277143][    T5] ==================================================================
[  116.285197][    T5] Disabling lock debugging due to kernel taint
[  116.291353][    T5] Kernel panic - not syncing: panic_on_warn set ...
[  116.297964][    T5] CPU: 0 PID: 5 Comm: kworker/0:0 Tainted: G    B             5.2.0-rc4+ #10
[  116.306726][    T5] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  116.316810][    T5] Workqueue: ipv6_addrconf addrconf_dad_work
[  116.322814][    T5] Call Trace:
[  116.326135][    T5]  dump_stack+0x191/0x1f0
[  116.330583][    T5]  panic+0x3c9/0xc1e
[  116.334559][    T5]  kmsan_report+0x2ca/0x2d0
[  116.339100][    T5]  __msan_warning+0x75/0xe0
[  116.343649][    T5]  kfree+0x4f3/0x2870
[  116.347660][    T5]  ? _raw_read_unlock_bh+0x5d/0x80
[  116.352810][    T5]  ? ipv6_get_lladdr+0x368/0x390
[  116.357777][    T5]  ? skb_release_data+0xaa8/0xb50
[  116.362839][    T5]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  116.368758][    T5]  skb_release_data+0xaa8/0xb50
[  116.373669][    T5]  __kfree_skb+0x8a/0x210
[  116.378035][    T5]  consume_skb+0x2b0/0x2e0
[  116.382481][    T5]  __neigh_event_send+0x119e/0x1a80
[  116.387816][    T5]  neigh_resolve_output+0x25e/0xb50
[  116.393071][    T5]  ? neigh_event_ns+0x8a0/0x8a0
[  116.397953][    T5]  ip6_finish_output2+0x2129/0x2670
[  116.403219][    T5]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  116.409157][    T5]  ip6_finish_output+0xae4/0xbc0
[  116.414141][    T5]  ip6_output+0x5d3/0x720
[  116.418501][    T5]  ? ip6_output+0x720/0x720
[  116.423286][    T5]  ? ac6_seq_show+0x200/0x200
[  116.428096][    T5]  ndisc_send_skb+0x1083/0x15e0
[  116.433006][    T5]  ? ndisc_error_report+0x1a0/0x1a0
[  116.438235][    T5]  ndisc_send_ns+0xda8/0xe10
[  116.442886][    T5]  addrconf_dad_work+0x1a3e/0x26e0
[  116.448219][    T5]  ? ipv6_get_saddr_eval+0x13b0/0x13b0
[  116.453731][    T5]  ? ipv6_get_saddr_eval+0x13b0/0x13b0
[  116.459570][    T5]  process_one_work+0x1572/0x1f00
[  116.464664][    T5]  worker_thread+0x111b/0x2460
[  116.469517][    T5]  kthread+0x4b5/0x4f0
[  116.473612][    T5]  ? process_one_work+0x1f00/0x1f00
[  116.478854][    T5]  ? kthread_blkcg+0xf0/0xf0
[  116.483474][    T5]  ret_from_fork+0x35/0x40
[  116.488924][    T5] Kernel Offset: disabled
[  116.493264][    T5] Rebooting in 86400 seconds..