[[0;32m  OK  [0m] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[[0;32m  OK  [0m] Started Getty on tty6.
[[0;32m  OK  [0m] Started Getty on tty5.
[[0;32m  OK  [0m] Started Getty on tty4.
[[0;32m  OK  [0m] Started Getty on tty3.
[[0;32m  OK  [0m] Started Getty on tty2.
[[0;32m  OK  [0m] Started Getty on tty1.
[[0;32m  OK  [0m] Started Serial Getty on ttyS0.
[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.1.0' (ECDSA) to the list of known hosts.
syzkaller login: [  155.621547][ T8492] IPVS: ftp: loaded support on port[0] = 21
[  155.816554][ T8492] chnl_net:caif_netlink_parms(): no params data found
[  155.925348][ T8492] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.933293][ T8492] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.942863][ T8492] device bridge_slave_0 entered promiscuous mode
[  155.956597][ T8492] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.964186][ T8492] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.973128][ T8492] device bridge_slave_1 entered promiscuous mode
[  156.012876][ T8492] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.026759][ T8492] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  156.068331][ T8492] team0: Port device team_slave_0 added
[  156.079144][ T8492] team0: Port device team_slave_1 added
[  156.115792][ T8492] batman_adv: batadv0: Adding interface: batadv_slave_0
[  156.122980][ T8492] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.149253][ T8492] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  156.163021][ T8492] batman_adv: batadv0: Adding interface: batadv_slave_1
[  156.170236][ T8492] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.196704][ T8492] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  156.249572][ T8492] device hsr_slave_0 entered promiscuous mode
[  156.257489][ T8492] device hsr_slave_1 entered promiscuous mode
[  156.476096][ T8492] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  156.490886][ T8492] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  156.515036][ T8492] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  156.535627][ T8492] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  156.635502][ T8492] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.642823][ T8492] bridge0: port 2(bridge_slave_1) entered forwarding state
[  156.650968][ T8492] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.658348][ T8492] bridge0: port 1(bridge_slave_0) entered forwarding state
[  156.780450][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.802076][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.884835][ T8492] 8021q: adding VLAN 0 to HW filter on device bond0
[  156.912549][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  156.921199][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  156.940997][ T8492] 8021q: adding VLAN 0 to HW filter on device team0
[  156.960026][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  156.969671][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  156.978586][ T4025] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.985942][ T4025] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.015431][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  157.025560][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  157.035772][ T4025] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.043221][ T4025] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.051915][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  157.072270][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  157.092016][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  157.102253][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  157.139808][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  157.148553][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  157.158708][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  157.169836][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  157.179150][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  157.188823][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  157.198212][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  157.217694][ T8492] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  157.263346][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  157.271130][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  157.296530][ T8492] 8021q: adding VLAN 0 to HW filter on device batadv0
[  157.338833][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  157.350718][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  157.392878][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  157.402945][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  157.421888][ T8492] device veth0_vlan entered promiscuous mode
[  157.431227][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  157.441761][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  157.465120][ T8492] device veth1_vlan entered promiscuous mode
[  157.523712][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  157.533156][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  157.542896][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  157.552552][   T27] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  157.571999][ T8492] device veth0_macvtap entered promiscuous mode
[  157.592751][ T8492] device veth1_macvtap entered promiscuous mode
[  157.630549][ T8492] batman_adv: batadv0: Interface activated: batadv_slave_0
[  157.638257][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  157.648532][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  157.657638][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  157.667966][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  157.688573][ T8492] batman_adv: batadv0: Interface activated: batadv_slave_1
[  157.706286][ T8492] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.715126][ T8492] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.724080][ T8492] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.733126][ T8492] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.748339][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  157.758677][ T4025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program
[  157.917529][ T8700] hsr0: VLAN not yet supported
[  157.917542][ T8700] =====================================================
[  157.929285][ T8700] BUG: KMSAN: uninit-value in hsr_fill_frame_info+0x3d3/0x570
[  157.936811][ T8700] CPU: 1 PID: 8700 Comm: syz-executor512 Not tainted 5.9.0-rc4-syzkaller #0
[  157.945505][ T8700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  157.955651][ T8700] Call Trace:
[  157.958956][ T8700]  dump_stack+0x21c/0x280
[  157.963335][ T8700]  kmsan_report+0xf7/0x1e0
[  157.967781][ T8700]  __msan_warning+0x58/0xa0
[  157.972277][ T8700]  hsr_fill_frame_info+0x3d3/0x570
[  157.977380][ T8700]  ? prp_drop_frame+0x200/0x200
[  157.982229][ T8700]  hsr_forward_skb+0xc63/0x2610
[  157.987102][ T8700]  hsr_dev_xmit+0x133/0x230
[  157.991611][ T8700]  ? is_hsr_master+0xb0/0xb0
[  157.996332][ T8700]  xmit_one+0x3cf/0x750
[  158.000494][ T8700]  ? kmsan_get_metadata+0x116/0x180
[  158.005979][ T8700]  __dev_queue_xmit+0x3aad/0x4470
[  158.011028][ T8700]  dev_queue_xmit+0x4b/0x60
[  158.015616][ T8700]  ? netdev_core_pick_tx+0x5a0/0x5a0
[  158.020890][ T8700]  packet_sendmsg+0x8542/0x9a80
[  158.025732][ T8700]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  158.031531][ T8700]  ? kmsan_get_metadata+0x116/0x180
[  158.036737][ T8700]  ? kmsan_internal_set_origin+0x75/0xb0
[  158.042359][ T8700]  ? kmsan_get_metadata+0x116/0x180
[  158.047550][ T8700]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  158.053352][ T8700]  ? __free_slab+0x7b0/0x8b0
[  158.057927][ T8700]  ? aa_sk_perm+0x7da/0xe70
[  158.062483][ T8700]  ? packet_getsockopt+0x1110/0x1110
[  158.067769][ T8700]  __sys_sendto+0x9dc/0xc80
[  158.072287][ T8700]  ? __fpregs_load_activate+0x3f4/0x420
[  158.077822][ T8700]  __se_sys_sendto+0x107/0x130
[  158.082584][ T8700]  __x64_sys_sendto+0x6e/0x90
[  158.087252][ T8700]  do_syscall_64+0x9f/0x140
[  158.091745][ T8700]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  158.097617][ T8700] RIP: 0033:0x443d79
[  158.101508][ T8700] Code: e8 8c 07 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[  158.121112][ T8700] RSP: 002b:00007ffdeb5a7c88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  158.129506][ T8700] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443d79
[  158.137461][ T8700] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  158.145425][ T8700] RBP: 00007ffdeb5a7ca0 R08: 0000000020000000 R09: 0000000000000014
[  158.153410][ T8700] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdeb5a7cb0
[  158.161368][ T8700] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  158.169335][ T8700] 
[  158.171642][ T8700] Uninit was created at:
[  158.175868][ T8700]  kmsan_internal_poison_shadow+0x66/0xd0
[  158.181567][ T8700]  kmsan_slab_alloc+0x8a/0xe0
[  158.186232][ T8700]  __kmalloc_node_track_caller+0x9aa/0x12f0
[  158.192123][ T8700]  __alloc_skb+0x35f/0xb30
[  158.196521][ T8700]  alloc_skb_with_frags+0x1f2/0xc10
[  158.201703][ T8700]  sock_alloc_send_pskb+0xc83/0xe50
[  158.206897][ T8700]  packet_sendmsg+0x6abb/0x9a80
[  158.211742][ T8700]  __sys_sendto+0x9dc/0xc80
[  158.216245][ T8700]  __se_sys_sendto+0x107/0x130
[  158.221007][ T8700]  __x64_sys_sendto+0x6e/0x90
[  158.225694][ T8700]  do_syscall_64+0x9f/0x140
[  158.230222][ T8700]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  158.236611][ T8700] =====================================================
[  158.243531][ T8700] Disabling lock debugging due to kernel taint
[  158.249824][ T8700] Kernel panic - not syncing: panic_on_warn set ...
[  158.256399][ T8700] CPU: 1 PID: 8700 Comm: syz-executor512 Tainted: G    B             5.9.0-rc4-syzkaller #0
[  158.266457][ T8700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  158.276513][ T8700] Call Trace:
[  158.279813][ T8700]  dump_stack+0x21c/0x280
[  158.284155][ T8700]  panic+0x4d7/0xef7
[  158.288064][ T8700]  ? add_taint+0x17c/0x210
[  158.292650][ T8700]  kmsan_report+0x1df/0x1e0
[  158.297152][ T8700]  __msan_warning+0x58/0xa0
[  158.301793][ T8700]  hsr_fill_frame_info+0x3d3/0x570
[  158.306951][ T8700]  ? prp_drop_frame+0x200/0x200
[  158.312064][ T8700]  hsr_forward_skb+0xc63/0x2610
[  158.317109][ T8700]  hsr_dev_xmit+0x133/0x230
[  158.321713][ T8700]  ? is_hsr_master+0xb0/0xb0
[  158.326323][ T8700]  xmit_one+0x3cf/0x750
[  158.330474][ T8700]  ? kmsan_get_metadata+0x116/0x180
[  158.335666][ T8700]  __dev_queue_xmit+0x3aad/0x4470
[  158.340736][ T8700]  dev_queue_xmit+0x4b/0x60
[  158.345226][ T8700]  ? netdev_core_pick_tx+0x5a0/0x5a0
[  158.350498][ T8700]  packet_sendmsg+0x8542/0x9a80
[  158.355337][ T8700]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  158.361583][ T8700]  ? kmsan_get_metadata+0x116/0x180
[  158.367076][ T8700]  ? kmsan_internal_set_origin+0x75/0xb0
[  158.373105][ T8700]  ? kmsan_get_metadata+0x116/0x180
[  158.378615][ T8700]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  158.384430][ T8700]  ? __free_slab+0x7b0/0x8b0
[  158.389067][ T8700]  ? aa_sk_perm+0x7da/0xe70
[  158.393615][ T8700]  ? packet_getsockopt+0x1110/0x1110
[  158.398901][ T8700]  __sys_sendto+0x9dc/0xc80
[  158.403437][ T8700]  ? __fpregs_load_activate+0x3f4/0x420
[  158.409004][ T8700]  __se_sys_sendto+0x107/0x130
[  158.413780][ T8700]  __x64_sys_sendto+0x6e/0x90
[  158.418444][ T8700]  do_syscall_64+0x9f/0x140
[  158.422947][ T8700]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  158.428826][ T8700] RIP: 0033:0x443d79
[  158.432707][ T8700] Code: e8 8c 07 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[  158.452442][ T8700] RSP: 002b:00007ffdeb5a7c88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  158.460855][ T8700] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443d79
[  158.468826][ T8700] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  158.476784][ T8700] RBP: 00007ffdeb5a7ca0 R08: 0000000020000000 R09: 0000000000000014
[  158.484739][ T8700] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdeb5a7cb0
[  158.492726][ T8700] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  158.501856][ T8700] Kernel Offset: disabled
[  158.506182][ T8700] Rebooting in 86400 seconds..