INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.30' (ECDSA) to the list of known hosts.
syzkaller login: [ 61.645244] IPVS: ftp: loaded support on port[0] = 21
net.ipv6.conf.syz_tun.accept_dad = 0
net.ipv6.conf.syz_tun.router_solicitations = 0
[ 62.027494] ip (4544) used greatest stack depth: 54200 bytes left
[ 62.060557] bridge0: port 1(bridge_slave_0) entered blocking state
[ 62.067104] bridge0: port 1(bridge_slave_0) entered disabled state
[ 62.074662] device bridge_slave_0 entered promiscuous mode
[ 62.097341] bridge0: port 2(bridge_slave_1) entered blocking state
[ 62.103795] bridge0: port 2(bridge_slave_1) entered disabled state
[ 62.111138] device bridge_slave_1 entered promiscuous mode
[ 62.137921] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 62.163945] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 62.242827] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 62.272490] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 62.404088] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 62.412864] team0: Port device team_slave_0 added
[ 62.441666] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 62.449740] team0: Port device team_slave_1 added
[ 62.478842] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 62.510374] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 62.541791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 62.571537] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
RTNETLINK answers: Operation not supported
RTNETLINK answers: No buffer space available
[ 62.845143] bridge0: port 2(bridge_slave_1) entered blocking state
[ 62.851726] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 62.858781] bridge0: port 1(bridge_slave_0) entered blocking state
[ 62.865334] bridge0: port 1(bridge_slave_0) entered forwarding state
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Operation not supported
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
RTNETLINK answers: Invalid argument
[ 63.648183] 8021q: adding VLAN 0 to HW filter on device bond0
[ 63.719562] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 63.792732] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 63.799109] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 63.806664] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 63.872487] 8021q: adding VLAN 0 to HW filter on device team0
executing program
[ 64.313574] ==================================================================
[ 64.320990] BUG: KMSAN: uninit-value in bond_start_xmit+0x19d6/0x2cd0
[ 64.327558] CPU: 0 PID: 4513 Comm: syzkaller073584 Not tainted 4.16.0+ #87
[ 64.334555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 64.343888] Call Trace:
[ 64.346460] dump_stack+0x185/0x1d0
[ 64.350078] ? bond_start_xmit+0x19d6/0x2cd0
[ 64.354467] kmsan_report+0x142/0x240
[ 64.358249] __msan_warning_32+0x6c/0xb0
[ 64.362293] bond_start_xmit+0x19d6/0x2cd0
[ 64.366511] ? kmsan_set_origin_inline+0x6b/0x120
[ 64.371354] ? __msan_poison_alloca+0x15c/0x1d0
[ 64.376009] ? bond_close+0x1e0/0x1e0
[ 64.379802] dev_hard_start_xmit+0x5f1/0xc70
[ 64.384198] __dev_queue_xmit+0x27ee/0x3520
[ 64.388520] dev_queue_xmit+0x4b/0x60
[ 64.392565] pppoe_sendmsg+0xb5c/0xbc0
[ 64.396451] ? pppoe_getname+0x190/0x190
[ 64.400494] ___sys_sendmsg+0xec0/0x1310
[ 64.404551] ? __fdget+0x4e/0x60
[ 64.407908] __sys_sendmmsg+0x42d/0x800
[ 64.411875] ? __msan_poison_alloca+0x15c/0x1d0
[ 64.416523] ? syscall_return_slowpath+0xe9/0x700
[ 64.421359] ? prepare_exit_to_usermode+0x4a/0x3a0
[ 64.426275] SYSC_sendmmsg+0xc4/0x110
[ 64.430061] SyS_sendmmsg+0x63/0x90
[ 64.433667] do_syscall_64+0x309/0x430
[ 64.437549] ? __sys_sendmmsg+0x800/0x800
[ 64.441686] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 64.446854] RIP: 0033:0x441869
[ 64.450031] RSP: 002b:00007ffda1ce3328 EFLAGS: 00000217 ORIG_RAX: 0000000000000133
[ 64.457721] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441869
[ 64.464971] RDX: 0000000000000001 RSI: 0000000020002f80 RDI: 0000000000000003
[ 64.472222] RBP: 00000000006cd018 R08: 0000000000000000 R09: 0000000000000000
[ 64.479483] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000402620
[ 64.486735] R13: 00000000004026b0 R14: 0000000000000000 R15: 0000000000000000
[ 64.494017]
[ 64.495634] Uninit was created at:
[ 64.499172] kmsan_internal_poison_shadow+0xb8/0x1b0
[ 64.504260] kmsan_kmalloc+0x94/0x100
[ 64.508054] kmsan_slab_alloc+0x11/0x20
[ 64.512037] __kmalloc_node_track_caller+0xaed/0x11c0
[ 64.517223] __alloc_skb+0x2cf/0x9f0
[ 64.520920] sock_wmalloc+0x13e/0x6e0
[ 64.524700] pppoe_sendmsg+0x40d/0xbc0
[ 64.528567] ___sys_sendmsg+0xec0/0x1310
[ 64.532616] __sys_sendmmsg+0x42d/0x800
[ 64.536572] SYSC_sendmmsg+0xc4/0x110
[ 64.540355] SyS_sendmmsg+0x63/0x90
[ 64.543967] do_syscall_64+0x309/0x430
[ 64.547850] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 64.553026] ==================================================================
[ 64.560369] Disabling lock debugging due to kernel taint
[ 64.565799] Kernel panic - not syncing: panic_on_warn set ...
[ 64.565799]
[ 64.573146] CPU: 0 PID: 4513 Comm: syzkaller073584 Tainted: G B 4.16.0+ #87
[ 64.581451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 64.590787] Call Trace:
[ 64.593361] dump_stack+0x185/0x1d0
[ 64.596974] panic+0x39d/0x940
[ 64.600178] ? bond_start_xmit+0x19d6/0x2cd0
[ 64.604579] kmsan_report+0x238/0x240
[ 64.608364] __msan_warning_32+0x6c/0xb0
[ 64.612428] bond_start_xmit+0x19d6/0x2cd0
[ 64.616645] ? kmsan_set_origin_inline+0x6b/0x120
[ 64.621495] ? __msan_poison_alloca+0x15c/0x1d0
[ 64.626163] ? bond_close+0x1e0/0x1e0
[ 64.629952] dev_hard_start_xmit+0x5f1/0xc70
[ 64.634371] __dev_queue_xmit+0x27ee/0x3520
[ 64.638685] dev_queue_xmit+0x4b/0x60
[ 64.642473] pppoe_sendmsg+0xb5c/0xbc0
[ 64.646352] ? pppoe_getname+0x190/0x190
[ 64.650410] ___sys_sendmsg+0xec0/0x1310
[ 64.654458] ? __fdget+0x4e/0x60
[ 64.657814] __sys_sendmmsg+0x42d/0x800
[ 64.661779] ? __msan_poison_alloca+0x15c/0x1d0
[ 64.666442] ? syscall_return_slowpath+0xe9/0x700
[ 64.671269] ? prepare_exit_to_usermode+0x4a/0x3a0
[ 64.676186] SYSC_sendmmsg+0xc4/0x110
[ 64.679969] SyS_sendmmsg+0x63/0x90
[ 64.683583] do_syscall_64+0x309/0x430
[ 64.687451] ? __sys_sendmmsg+0x800/0x800
[ 64.691583] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[ 64.696765] RIP: 0033:0x441869
[ 64.699933] RSP: 002b:00007ffda1ce3328 EFLAGS: 00000217 ORIG_RAX: 0000000000000133
[ 64.707618] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441869
[ 64.714867] RDX: 0000000000000001 RSI: 0000000020002f80 RDI: 0000000000000003
[ 64.722121] RBP: 00000000006cd018 R08: 0000000000000000 R09: 0000000000000000
[ 64.729378] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000402620
[ 64.736639] R13: 00000000004026b0 R14: 0000000000000000 R15: 0000000000000000
[ 64.744530] Dumping ftrace buffer:
[ 64.748071] (ftrace buffer empty)
[ 64.751771] Kernel Offset: disabled
[ 64.755377] Rebooting in 86400 seconds..