[[0;32m  OK  [0m] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[[0;32m  OK  [0m] Started Getty on tty6.
[[0;32m  OK  [0m] Started Getty on tty5.
Warning: Permanently added '10.128.0.146' (ECDSA) to the list of known hosts.
[[0;32m  OK  [0m] Started Getty on tty4.
[[0;32m  OK  [0m] Started Getty on tty3.
[[0;32m  OK  [0m] Started Getty on tty2.
[[0;32m  OK  [0m] Started Serial Getty on ttyS0.
[[0;32m  OK  [0m] Started Getty on tty1.
[[0;32m  OK  [0m] Reached target Login Prompts.
[[0;32m  OK  [0m] Reached target Multi-User System.
[[0;32m  OK  [0m] Reached target Graphical Interface.
         Starting Update UTMP about System Runlevel Changes...
         Starting Load/Save RF Kill Switch Status...
[[0;32m  OK  [0m] Started Update UTMP about System Runlevel Changes.
[[0;32m  OK  [0m] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

2020/09/25 02:44:57 fuzzer started
2020/09/25 02:44:58 dialing manager at 10.128.0.26:46007
2020/09/25 02:44:59 syscalls: 3322
2020/09/25 02:44:59 code coverage: enabled
2020/09/25 02:44:59 comparison tracing: enabled
2020/09/25 02:44:59 extra coverage: enabled
2020/09/25 02:44:59 setuid sandbox: enabled
2020/09/25 02:44:59 namespace sandbox: enabled
2020/09/25 02:44:59 Android sandbox: enabled
2020/09/25 02:44:59 fault injection: enabled
2020/09/25 02:44:59 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2020/09/25 02:44:59 net packet injection: enabled
2020/09/25 02:44:59 net device setup: enabled
2020/09/25 02:44:59 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2020/09/25 02:44:59 devlink PCI setup: PCI device 0000:00:10.0 is not available
2020/09/25 02:44:59 USB emulation: enabled
2020/09/25 02:44:59 hci packet injection: enabled
2020/09/25 02:44:59 wifi device emulation: enabled
02:48:09 executing program 0:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0), 0x4b)
socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
recvmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000003e40))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001900)='cgroup.controllers\x00', 0x26e1, 0x0)
r2 = socket$kcm(0x2, 0x1000000000000002, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161)
sendmsg$inet(r2, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x63, @rand_addr=0x20}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380), 0xff00}], 0x1, &(0x7f0000007880)=ANY=[@ANYBLOB="110000000000000004f407000100000074000000000000001c00000000000000000000fd04000000", @ANYRES32=0x0, @ANYBLOB="ac1414bbe0000001000000001c00000000000000090000000888f800", @ANYRES32=0x0, @ANYBLOB="000000000000000000000000240000000000000000000000070000009404000044100900000000000000000000007e000000000011000000000000000000001f00"/76], 0x98}, 0x0)

syzkaller login: [  356.702485][   T26] audit: type=1400 audit(1601002089.719:8): avc:  denied  { execmem } for  pid=8511 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[  358.248003][ T8512] IPVS: ftp: loaded support on port[0] = 21
[  358.701443][ T8512] chnl_net:caif_netlink_parms(): no params data found
[  359.008545][ T8512] bridge0: port 1(bridge_slave_0) entered blocking state
[  359.016007][ T8512] bridge0: port 1(bridge_slave_0) entered disabled state
[  359.025684][ T8512] device bridge_slave_0 entered promiscuous mode
[  359.064532][ T8512] bridge0: port 2(bridge_slave_1) entered blocking state
[  359.071635][ T8512] bridge0: port 2(bridge_slave_1) entered disabled state
[  359.081059][ T8512] device bridge_slave_1 entered promiscuous mode
[  359.144699][ T8512] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  359.161560][ T8512] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  359.218643][ T8512] team0: Port device team_slave_0 added
[  359.233057][ T8512] team0: Port device team_slave_1 added
[  359.286311][ T8512] batman_adv: batadv0: Adding interface: batadv_slave_0
[  359.294236][ T8512] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  359.320335][ T8512] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  359.344581][ T8512] batman_adv: batadv0: Adding interface: batadv_slave_1
[  359.351618][ T8512] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  359.377789][ T8512] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  359.449645][ T8512] device hsr_slave_0 entered promiscuous mode
[  359.459420][ T8512] device hsr_slave_1 entered promiscuous mode
[  359.800226][ T8512] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  359.834467][ T8512] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  359.860835][ T8512] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  359.904038][ T8512] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  360.173133][ T3237] Bluetooth: hci0: command 0x0409 tx timeout
[  360.208185][ T8512] 8021q: adding VLAN 0 to HW filter on device bond0
[  360.247257][ T8688] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  360.256909][ T8688] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  360.284915][ T8512] 8021q: adding VLAN 0 to HW filter on device team0
[  360.311673][ T8688] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  360.321701][ T8688] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  360.334192][ T8688] bridge0: port 1(bridge_slave_0) entered blocking state
[  360.341425][ T8688] bridge0: port 1(bridge_slave_0) entered forwarding state
[  360.360345][ T8688] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  360.386841][ T3237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  360.396531][ T3237] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  360.406070][ T3237] bridge0: port 2(bridge_slave_1) entered blocking state
[  360.413480][ T3237] bridge0: port 2(bridge_slave_1) entered forwarding state
[  360.462982][ T3237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  360.474217][ T3237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  360.484945][ T3237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  360.495212][ T3237] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  360.553253][ T3237] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  360.563246][ T3237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  360.573352][ T3237] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  360.583529][ T3237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  360.593114][ T3237] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  360.602497][ T3237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  360.612173][ T3237] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  360.626563][ T8512] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  360.694073][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  360.701704][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  360.744661][ T8512] 8021q: adding VLAN 0 to HW filter on device batadv0
[  360.816004][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  360.826154][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  360.896233][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  360.905902][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  360.935622][ T8512] device veth0_vlan entered promiscuous mode
[  360.947711][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  360.956537][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  360.999455][ T8512] device veth1_vlan entered promiscuous mode
[  361.075450][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  361.084839][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  361.094448][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  361.104176][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  361.134141][ T8512] device veth0_macvtap entered promiscuous mode
[  361.157949][ T8512] device veth1_macvtap entered promiscuous mode
[  361.221780][ T8512] batman_adv: batadv0: Interface activated: batadv_slave_0
[  361.230030][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  361.239466][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  361.248773][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  361.258562][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  361.280524][ T8512] batman_adv: batadv0: Interface activated: batadv_slave_1
[  361.290506][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  361.301268][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  361.336376][ T8512] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.345494][ T8512] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.354467][ T8512] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.363460][ T8512] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  361.734411][    T7] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  361.742928][    T7] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  361.750930][ T8716] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  361.894320][ T8581] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  361.902353][ T8581] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  361.910094][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  362.119707][    C0] hrtimer: interrupt took 78746 ns
02:48:15 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000031000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000002000109500000000000000e3a333a0daf2f73451c0e17a606fe530cb7d7f933e997015c0d814886d2a403918da02ba18ad181867514fe6007790123d3ee7cf43548ee858e085fbdfd43307c529a4ce6be614c2e31789e70233bfd8115efd90c809000000fc83cedf82b3ec7e1e79df7e42065dda00000000cf8db95f5b068a9e000000000000000000d1301200000000000000e707fa8bd50540ad7f83cecb1100000000000000000000000000000018287b87d8807c2877cc420efca65f5deb269dff9198560276c69e4403266b08506e1a39cd4bacb4b8eece9e0a49b72dfcf359d16b1e153e7a5c9df18367809c71dc79c2b2832d167bb643ad70ee492468e584e464fb521a0b5a61b8770824212b72fe39f28cea1c96cb879a61f8f10051495538776b974754f218000000000000872b7a73d91c95f501460642f3f482f334366c1f23367fb30d8fbcfde1114429bcf86f1e8b838fea8342dcf3dccc5383ae84e562c00608196cdff76a43bd5db9de77760955586134ecdeaf"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3d}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x4000a0, 0xe, 0x0, &(0x7f0000000040)="4d50b441e692763513ef8745df02", 0x0, 0x0, 0x0, 0x0, 0xb8, 0x0, &(0x7f00000008c0)="bd"}, 0x40)

[  362.253911][ T8716] Bluetooth: hci0: command 0x041b tx timeout
[  362.500448][ T8762] =====================================================
[  362.507553][ T8762] BUG: KMSAN: uninit-value in hsr_addr_subst_dest+0x62c/0x870
[  362.515023][ T8762] CPU: 1 PID: 8762 Comm: syz-executor.0 Not tainted 5.9.0-rc4-syzkaller #0
[  362.523604][ T8762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  362.533659][ T8762] Call Trace:
[  362.537035][ T8762]  dump_stack+0x21c/0x280
[  362.541427][ T8762]  kmsan_report+0xf7/0x1e0
[  362.545854][ T8762]  __msan_warning+0x58/0xa0
[  362.550365][ T8762]  hsr_addr_subst_dest+0x62c/0x870
[  362.555486][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  362.560697][ T8762]  hsr_forward_skb+0x1c8b/0x2610
[  362.565663][ T8762]  hsr_dev_xmit+0x133/0x230
[  362.570172][ T8762]  ? is_hsr_master+0xb0/0xb0
[  362.574827][ T8762]  xmit_one+0x3cf/0x750
[  362.578996][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  362.584206][ T8762]  __dev_queue_xmit+0x3aad/0x4470
[  362.589254][ T8762]  dev_queue_xmit+0x4b/0x60
[  362.593817][ T8762]  __bpf_redirect+0x1479/0x16b0
[  362.598701][ T8762]  ? skb_ensure_writable+0x4d1/0x590
[  362.604002][ T8762]  bpf_clone_redirect+0x498/0x650
[  362.609042][ T8762]  ? build_skb+0x82/0x7f0
[  362.613429][ T8762]  ___bpf_prog_run+0x4498/0x98e0
[  362.618380][ T8762]  ? bpf_csum_level+0x780/0x780
[  362.623249][ T8762]  __bpf_prog_run512+0x12e/0x190
[  362.628197][ T8762]  ? build_skb+0x82/0x7f0
[  362.632594][ T8762]  ? __se_sys_bpf+0x8e/0xa0
[  362.637104][ T8762]  ? __ia32_sys_bpf+0x4a/0x70
[  362.641853][ T8762]  ? do_fast_syscall_32+0x6a/0xc0
[  362.646891][ T8762]  ? alloc_pgt_page+0x4a0/0x4a0
[  362.651779][ T8762]  ? entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  362.658293][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  362.663499][ T8762]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[  362.669661][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  362.674866][ T8762]  ? kmsan_internal_set_origin+0x75/0xb0
[  362.680515][ T8762]  ? __msan_poison_alloca+0xf0/0x120
[  362.685807][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  362.691115][ T8762]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  362.696933][ T8762]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[  362.703052][ T8762]  ? ktime_get+0x384/0x470
[  362.707479][ T8762]  ? kmsan_get_metadata+0x4f/0x180
[  362.712599][ T8762]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  362.718412][ T8762]  ? __bpf_prog_run480+0x190/0x190
[  362.723579][ T8762]  bpf_test_run+0x52d/0xed0
[  362.728112][ T8762]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  362.733927][ T8762]  bpf_prog_test_run_skb+0x17d0/0x3500
[  362.739419][ T8762]  ? bpf_prog_test_run_tracing+0xa00/0xa00
[  362.745231][ T8762]  __do_sys_bpf+0xb7d4/0x1aa20
[  362.750010][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  362.755216][ T8762]  ? kmsan_set_origin_checked+0x95/0xf0
[  362.760771][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  362.765973][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  362.771176][ T8762]  ? kmsan_internal_check_memory+0xb1/0x3d0
[  362.777070][ T8762]  ? __msan_poison_alloca+0xf0/0x120
[  362.782349][ T8762]  ? ktime_get_ts64+0x79f/0x8d0
[  362.787234][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  362.792436][ T8762]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  362.798242][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  362.803447][ T8762]  __se_sys_bpf+0x8e/0xa0
[  362.807778][ T8762]  __ia32_sys_bpf+0x4a/0x70
[  362.812277][ T8762]  __do_fast_syscall_32+0x129/0x180
[  362.817481][ T8762]  do_fast_syscall_32+0x6a/0xc0
[  362.822333][ T8762]  do_SYSENTER_32+0x73/0x90
[  362.826836][ T8762]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  362.833153][ T8762] RIP: 0023:0xf7f76549
[  362.837217][ T8762] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  362.856929][ T8762] RSP: 002b:00000000f55700cc EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  362.865412][ T8762] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000740
[  362.873396][ T8762] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  362.881477][ T8762] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  362.889449][ T8762] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  362.897418][ T8762] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  362.905480][ T8762] 
[  362.907798][ T8762] Uninit was stored to memory at:
[  362.912826][ T8762]  kmsan_internal_chain_origin+0xad/0x130
[  362.918554][ T8762]  kmsan_memcpy_memmove_metadata+0x272/0x2e0
[  362.924534][ T8762]  kmsan_memmove_metadata+0xe/0x10
[  362.929640][ T8762]  __msan_memmove+0x43/0x50
[  362.934147][ T8762]  hsr_create_tagged_frame+0x718/0x1130
[  362.939689][ T8762]  hsr_forward_skb+0x159a/0x2610
[  362.944629][ T8762]  hsr_dev_xmit+0x133/0x230
[  362.949130][ T8762]  xmit_one+0x3cf/0x750
[  362.953296][ T8762]  __dev_queue_xmit+0x3aad/0x4470
[  362.958318][ T8762]  dev_queue_xmit+0x4b/0x60
[  362.962818][ T8762]  __bpf_redirect+0x1479/0x16b0
[  362.967664][ T8762]  bpf_clone_redirect+0x498/0x650
[  362.972702][ T8762]  ___bpf_prog_run+0x4498/0x98e0
[  362.977638][ T8762]  __bpf_prog_run512+0x12e/0x190
[  362.982576][ T8762]  bpf_test_run+0x52d/0xed0
[  362.987076][ T8762]  bpf_prog_test_run_skb+0x17d0/0x3500
[  362.992534][ T8762]  __do_sys_bpf+0xb7d4/0x1aa20
[  362.997296][ T8762]  __se_sys_bpf+0x8e/0xa0
[  363.001621][ T8762]  __ia32_sys_bpf+0x4a/0x70
[  363.006120][ T8762]  __do_fast_syscall_32+0x129/0x180
[  363.011322][ T8762]  do_fast_syscall_32+0x6a/0xc0
[  363.016172][ T8762]  do_SYSENTER_32+0x73/0x90
[  363.020679][ T8762]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  363.026992][ T8762] 
[  363.029317][ T8762] Uninit was created at:
[  363.033565][ T8762]  kmsan_internal_poison_shadow+0x66/0xd0
[  363.039283][ T8762]  kmsan_slab_alloc+0x8a/0xe0
[  363.043959][ T8762]  __kmalloc_node_track_caller+0x9aa/0x12f0
[  363.049851][ T8762]  __alloc_skb+0x35f/0xb30
[  363.054269][ T8762]  __pskb_copy_fclone+0x173/0x1940
[  363.059378][ T8762]  hsr_create_tagged_frame+0x322/0x1130
[  363.064922][ T8762]  hsr_forward_skb+0x159a/0x2610
[  363.069855][ T8762]  hsr_dev_xmit+0x133/0x230
[  363.074360][ T8762]  xmit_one+0x3cf/0x750
[  363.078514][ T8762]  __dev_queue_xmit+0x3aad/0x4470
[  363.083535][ T8762]  dev_queue_xmit+0x4b/0x60
[  363.088033][ T8762]  __bpf_redirect+0x1479/0x16b0
[  363.092877][ T8762]  bpf_clone_redirect+0x498/0x650
[  363.097897][ T8762]  ___bpf_prog_run+0x4498/0x98e0
[  363.102829][ T8762]  __bpf_prog_run512+0x12e/0x190
[  363.107761][ T8762]  bpf_test_run+0x52d/0xed0
[  363.112260][ T8762]  bpf_prog_test_run_skb+0x17d0/0x3500
[  363.117718][ T8762]  __do_sys_bpf+0xb7d4/0x1aa20
[  363.122597][ T8762]  __se_sys_bpf+0x8e/0xa0
[  363.126935][ T8762]  __ia32_sys_bpf+0x4a/0x70
[  363.131436][ T8762]  __do_fast_syscall_32+0x129/0x180
[  363.136641][ T8762]  do_fast_syscall_32+0x6a/0xc0
[  363.141492][ T8762]  do_SYSENTER_32+0x73/0x90
[  363.145997][ T8762]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  363.152313][ T8762] =====================================================
[  363.159237][ T8762] Disabling lock debugging due to kernel taint
[  363.165388][ T8762] Kernel panic - not syncing: panic_on_warn set ...
[  363.171981][ T8762] CPU: 1 PID: 8762 Comm: syz-executor.0 Tainted: G    B             5.9.0-rc4-syzkaller #0
[  363.181946][ T8762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  363.191996][ T8762] Call Trace:
[  363.195307][ T8762]  dump_stack+0x21c/0x280
[  363.199719][ T8762]  panic+0x4d7/0xef7
[  363.203639][ T8762]  ? add_taint+0x17c/0x210
[  363.208070][ T8762]  kmsan_report+0x1df/0x1e0
[  363.212584][ T8762]  __msan_warning+0x58/0xa0
[  363.217125][ T8762]  hsr_addr_subst_dest+0x62c/0x870
[  363.222247][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  363.227453][ T8762]  hsr_forward_skb+0x1c8b/0x2610
[  363.232410][ T8762]  hsr_dev_xmit+0x133/0x230
[  363.236920][ T8762]  ? is_hsr_master+0xb0/0xb0
[  363.241508][ T8762]  xmit_one+0x3cf/0x750
[  363.245682][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  363.250887][ T8762]  __dev_queue_xmit+0x3aad/0x4470
[  363.255922][ T8762]  dev_queue_xmit+0x4b/0x60
[  363.260413][ T8762]  __bpf_redirect+0x1479/0x16b0
[  363.265262][ T8762]  ? skb_ensure_writable+0x4d1/0x590
[  363.270543][ T8762]  bpf_clone_redirect+0x498/0x650
[  363.275565][ T8762]  ? build_skb+0x82/0x7f0
[  363.279883][ T8762]  ___bpf_prog_run+0x4498/0x98e0
[  363.284909][ T8762]  ? bpf_csum_level+0x780/0x780
[  363.289758][ T8762]  __bpf_prog_run512+0x12e/0x190
[  363.294685][ T8762]  ? build_skb+0x82/0x7f0
[  363.299001][ T8762]  ? __se_sys_bpf+0x8e/0xa0
[  363.303486][ T8762]  ? __ia32_sys_bpf+0x4a/0x70
[  363.308145][ T8762]  ? do_fast_syscall_32+0x6a/0xc0
[  363.313174][ T8762]  ? alloc_pgt_page+0x4a0/0x4a0
[  363.318014][ T8762]  ? entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  363.324502][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  363.329692][ T8762]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[  363.335837][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  363.341024][ T8762]  ? kmsan_internal_set_origin+0x75/0xb0
[  363.346645][ T8762]  ? __msan_poison_alloca+0xf0/0x120
[  363.351919][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  363.357105][ T8762]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  363.362900][ T8762]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[  363.368950][ T8762]  ? ktime_get+0x384/0x470
[  363.373376][ T8762]  ? kmsan_get_metadata+0x4f/0x180
[  363.378471][ T8762]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  363.384264][ T8762]  ? __bpf_prog_run480+0x190/0x190
[  363.389364][ T8762]  bpf_test_run+0x52d/0xed0
[  363.393872][ T8762]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  363.399685][ T8762]  bpf_prog_test_run_skb+0x17d0/0x3500
[  363.405162][ T8762]  ? bpf_prog_test_run_tracing+0xa00/0xa00
[  363.410960][ T8762]  __do_sys_bpf+0xb7d4/0x1aa20
[  363.415721][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  363.420935][ T8762]  ? kmsan_set_origin_checked+0x95/0xf0
[  363.426471][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  363.431659][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  363.436849][ T8762]  ? kmsan_internal_check_memory+0xb1/0x3d0
[  363.442734][ T8762]  ? __msan_poison_alloca+0xf0/0x120
[  363.448021][ T8762]  ? ktime_get_ts64+0x79f/0x8d0
[  363.452908][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  363.458100][ T8762]  ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[  363.463898][ T8762]  ? kmsan_get_metadata+0x116/0x180
[  363.469090][ T8762]  __se_sys_bpf+0x8e/0xa0
[  363.473412][ T8762]  __ia32_sys_bpf+0x4a/0x70
[  363.477903][ T8762]  __do_fast_syscall_32+0x129/0x180
[  363.483092][ T8762]  do_fast_syscall_32+0x6a/0xc0
[  363.487933][ T8762]  do_SYSENTER_32+0x73/0x90
[  363.492425][ T8762]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[  363.498735][ T8762] RIP: 0023:0xf7f76549
[  363.502793][ T8762] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
[  363.522404][ T8762] RSP: 002b:00000000f55700cc EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  363.530812][ T8762] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000740
[  363.539040][ T8762] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  363.546997][ T8762] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  363.554975][ T8762] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  363.562932][ T8762] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  363.572059][ T8762] Kernel Offset: disabled
[  363.576377][ T8762] Rebooting in 86400 seconds..