[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[  104.052972][   T30] audit: type=1800 audit(1564996754.100:25): pid=12450 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[  104.076680][   T30] audit: type=1800 audit(1564996754.130:26): pid=12450 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[  104.124659][   T30] audit: type=1800 audit(1564996754.150:27): pid=12450 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.0.132' (ECDSA) to the list of known hosts.
syzkaller login: [  114.227530][T12602] IPVS: ftp: loaded support on port[0] = 21
[  114.319315][T12602] chnl_net:caif_netlink_parms(): no params data found
[  114.360076][T12602] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.367265][T12602] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.375710][T12602] device bridge_slave_0 entered promiscuous mode
[  114.384395][T12602] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.391498][T12602] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.399992][T12602] device bridge_slave_1 entered promiscuous mode
[  114.425165][T12602] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  114.436282][T12602] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  114.461200][T12602] team0: Port device team_slave_0 added
[  114.469593][T12602] team0: Port device team_slave_1 added
[  114.535615][T12602] device hsr_slave_0 entered promiscuous mode
[  114.582358][T12602] device hsr_slave_1 entered promiscuous mode
[  114.637414][T12602] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.644600][T12602] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.652495][T12602] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.659647][T12602] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.723707][T12602] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.740227][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  114.751061][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.759768][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.770352][   T35] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  114.787024][T12602] 8021q: adding VLAN 0 to HW filter on device team0
[  114.801174][ T2876] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  114.810490][ T2876] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.817639][ T2876] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.832609][   T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  114.841548][   T17] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.848825][   T17] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.876940][ T2876] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  114.903805][ T2876] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  114.913286][ T2876] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  114.923287][ T2876] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  114.932397][ T2876] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  114.946672][T12602] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
executing program
[  114.977428][T12602] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.312408][ T2876] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  115.552050][ T2876] usb 1-1: Using ep0 maxpacket: 16
[  115.672215][ T2876] usb 1-1: config 9 has an invalid interface number: 228 but max is 0
[  115.680477][ T2876] usb 1-1: config 9 contains an unexpected descriptor of type 0x2, skipping
[  115.689478][ T2876] usb 1-1: config 9 has no interface number 0
[  115.695728][ T2876] usb 1-1: config 9 interface 228 altsetting 55 bulk endpoint 0x4 has invalid maxpacket 129
[  115.706320][ T2876] usb 1-1: config 9 interface 228 altsetting 55 bulk endpoint 0xF has invalid maxpacket 148
[  115.716612][ T2876] usb 1-1: config 9 interface 228 altsetting 55 has a duplicate endpoint with address 0xF, skipping
[  115.727674][ T2876] usb 1-1: config 9 interface 228 altsetting 55 bulk endpoint 0xC has invalid maxpacket 0
[  115.737737][ T2876] usb 1-1: config 9 interface 228 has no altsetting 0
[  115.982393][ T2876] usb 1-1: string descriptor 0 read error: -22
[  115.988701][ T2876] usb 1-1: New USB device found, idVendor=1618, idProduct=9113, bcdDevice=6a.87
[  115.997903][ T2876] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=94
[  116.050825][ T2876] rsi_91x: rsi_probe: Failed to init usb interface
[  116.072828][ T2876] rsi_91x: rsi_probe: Failed in probe...Exiting
[  116.079172][ T2876] RSI-USB WLAN: probe of 1-1:9.228 failed with error -22
[  116.106639][ T2876] ==================================================================
[  116.114796][ T2876] BUG: KMSAN: uninit-value in ip6_finish_output2+0x1195/0x2670
[  116.122329][ T2876] CPU: 0 PID: 2876 Comm: kworker/0:2 Not tainted 5.2.0+ #15
[  116.129589][ T2876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  116.139646][ T2876] Workqueue: ipv6_addrconf addrconf_dad_work
[  116.145613][ T2876] Call Trace:
[  116.148906][ T2876]  dump_stack+0x191/0x1f0
[  116.153236][ T2876]  kmsan_report+0x162/0x2d0
[  116.157753][ T2876]  __msan_warning+0x75/0xe0
[  116.162252][ T2876]  ip6_finish_output2+0x1195/0x2670
[  116.167488][ T2876]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  116.173380][ T2876]  ip6_finish_output+0xae4/0xbc0
[  116.178321][ T2876]  ip6_output+0x5d3/0x720
[  116.182649][ T2876]  ? ip6_output+0x720/0x720
[  116.187157][ T2876]  ? ac6_seq_show+0x200/0x200
[  116.191823][ T2876]  ndisc_send_skb+0x1083/0x15e0
[  116.196686][ T2876]  ? ndisc_error_report+0x1a0/0x1a0
[  116.201881][ T2876]  ndisc_send_ns+0xda8/0xe10
[  116.206503][ T2876]  ndisc_solicit+0x498/0x5d0
[  116.211094][ T2876]  ? ndisc_cleanup+0x70/0x70
[  116.215672][ T2876]  __neigh_event_send+0x111d/0x1a80
[  116.220878][ T2876]  neigh_resolve_output+0x25e/0xb50
[  116.226788][ T2876]  ? neigh_event_ns+0x8a0/0x8a0
[  116.231627][ T2876]  ip6_finish_output2+0x2129/0x2670
[  116.236842][ T2876]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  116.242732][ T2876]  ip6_finish_output+0xae4/0xbc0
[  116.247675][ T2876]  ip6_output+0x5d3/0x720
[  116.252010][ T2876]  ? ip6_output+0x720/0x720
[  116.256503][ T2876]  ? ac6_seq_show+0x200/0x200
[  116.261165][ T2876]  ndisc_send_skb+0x1083/0x15e0
[  116.266032][ T2876]  ? ndisc_error_report+0x1a0/0x1a0
[  116.271229][ T2876]  ndisc_send_rs+0xb5d/0xb90
[  116.275831][ T2876]  addrconf_dad_completed+0xc03/0x1490
[  116.281300][ T2876]  addrconf_dad_work+0x17b3/0x26e0
[  116.286414][ T2876]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  116.292294][ T2876]  ? ipv6_get_saddr_eval+0x13b0/0x13b0
[  116.297754][ T2876]  ? ipv6_get_saddr_eval+0x13b0/0x13b0
[  116.303207][ T2876]  process_one_work+0x1572/0x1f00
[  116.308240][ T2876]  worker_thread+0x111b/0x2460
[  116.313020][ T2876]  kthread+0x4b5/0x4f0
[  116.317090][ T2876]  ? process_one_work+0x1f00/0x1f00
[  116.322294][ T2876]  ? kthread_blkcg+0xf0/0xf0
[  116.326872][ T2876]  ret_from_fork+0x35/0x40
[  116.331289][ T2876] 
[  116.333598][ T2876] Uninit was created at:
[  116.337826][ T2876]  kmsan_internal_poison_shadow+0x53/0xa0
[  116.343537][ T2876]  kmsan_slab_alloc+0xaa/0x120
[  116.348302][ T2876]  __kmalloc_node_track_caller+0xc8f/0xf10
[  116.354180][ T2876]  __alloc_skb+0x306/0xa10
[  116.358582][ T2876]  ndisc_alloc_skb+0x1ba/0x5b0
[  116.363327][ T2876]  ndisc_send_ns+0x5e9/0xe10
[  116.367900][ T2876]  ndisc_solicit+0x498/0x5d0
[  116.372472][ T2876]  __neigh_event_send+0x111d/0x1a80
[  116.377665][ T2876]  neigh_resolve_output+0x25e/0xb50
[  116.382848][ T2876]  ip6_finish_output2+0x2129/0x2670
[  116.388031][ T2876]  ip6_finish_output+0xae4/0xbc0
[  116.393129][ T2876]  ip6_output+0x5d3/0x720
[  116.397443][ T2876]  ndisc_send_skb+0x1083/0x15e0
[  116.402276][ T2876]  ndisc_send_rs+0xb5d/0xb90
[  116.406846][ T2876]  addrconf_dad_completed+0xc03/0x1490
[  116.412300][ T2876]  addrconf_dad_work+0x17b3/0x26e0
[  116.417395][ T2876]  process_one_work+0x1572/0x1f00
[  116.422401][ T2876]  worker_thread+0x111b/0x2460
[  116.427149][ T2876]  kthread+0x4b5/0x4f0
[  116.431213][ T2876]  ret_from_fork+0x35/0x40
[  116.435603][ T2876] ==================================================================
[  116.443643][ T2876] Disabling lock debugging due to kernel taint
[  116.449773][ T2876] Kernel panic - not syncing: panic_on_warn set ...
[  116.456362][ T2876] CPU: 0 PID: 2876 Comm: kworker/0:2 Tainted: G    B             5.2.0+ #15
[  116.465101][ T2876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  116.475149][ T2876] Workqueue: ipv6_addrconf addrconf_dad_work
[  116.481120][ T2876] Call Trace:
[  116.484405][ T2876]  dump_stack+0x191/0x1f0
[  116.488757][ T2876]  panic+0x3c9/0xc1e
[  116.492674][ T2876]  kmsan_report+0x2ca/0x2d0
[  116.497195][ T2876]  __msan_warning+0x75/0xe0
[  116.501699][ T2876]  ip6_finish_output2+0x1195/0x2670
[  116.507694][ T2876]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  116.514033][ T2876]  ip6_finish_output+0xae4/0xbc0
[  116.519076][ T2876]  ip6_output+0x5d3/0x720
[  116.523413][ T2876]  ? ip6_output+0x720/0x720
[  116.527904][ T2876]  ? ac6_seq_show+0x200/0x200
[  116.532580][ T2876]  ndisc_send_skb+0x1083/0x15e0
[  116.537449][ T2876]  ? ndisc_error_report+0x1a0/0x1a0
[  116.542667][ T2876]  ndisc_send_ns+0xda8/0xe10
[  116.547275][ T2876]  ndisc_solicit+0x498/0x5d0
[  116.551867][ T2876]  ? ndisc_cleanup+0x70/0x70
[  116.556462][ T2876]  __neigh_event_send+0x111d/0x1a80
[  116.561676][ T2876]  neigh_resolve_output+0x25e/0xb50
[  116.566886][ T2876]  ? neigh_event_ns+0x8a0/0x8a0
[  116.571735][ T2876]  ip6_finish_output2+0x2129/0x2670
[  116.576968][ T2876]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  116.582857][ T2876]  ip6_finish_output+0xae4/0xbc0
[  116.587815][ T2876]  ip6_output+0x5d3/0x720
[  116.592162][ T2876]  ? ip6_output+0x720/0x720
[  116.596657][ T2876]  ? ac6_seq_show+0x200/0x200
[  116.601318][ T2876]  ndisc_send_skb+0x1083/0x15e0
[  116.606615][ T2876]  ? ndisc_error_report+0x1a0/0x1a0
[  116.611845][ T2876]  ndisc_send_rs+0xb5d/0xb90
[  116.616473][ T2876]  addrconf_dad_completed+0xc03/0x1490
[  116.621963][ T2876]  addrconf_dad_work+0x17b3/0x26e0
[  116.627079][ T2876]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[  116.632968][ T2876]  ? ipv6_get_saddr_eval+0x13b0/0x13b0
[  116.638413][ T2876]  ? ipv6_get_saddr_eval+0x13b0/0x13b0
[  116.643865][ T2876]  process_one_work+0x1572/0x1f00
[  116.648901][ T2876]  worker_thread+0x111b/0x2460
[  116.653705][ T2876]  kthread+0x4b5/0x4f0
[  116.657837][ T2876]  ? process_one_work+0x1f00/0x1f00
[  116.663038][ T2876]  ? kthread_blkcg+0xf0/0xf0
[  116.667625][ T2876]  ret_from_fork+0x35/0x40
[  116.672999][ T2876] Kernel Offset: disabled
[  116.687609][ T2876] Rebooting in 86400 seconds..