[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.4' (ECDSA) to the list of known hosts.
2020/05/27 02:17:41 parsed 1 programs
2020/05/27 02:17:45 executed programs: 0
syzkaller login: [ 125.478738][ T8884] IPVS: ftp: loaded support on port[0] = 21
[ 125.654922][ T8884] chnl_net:caif_netlink_parms(): no params data found
[ 125.839094][ T8884] bridge0: port 1(bridge_slave_0) entered blocking state
[ 125.846384][ T8884] bridge0: port 1(bridge_slave_0) entered disabled state
[ 125.855712][ T8884] device bridge_slave_0 entered promiscuous mode
[ 125.866187][ T8884] bridge0: port 2(bridge_slave_1) entered blocking state
[ 125.873779][ T8884] bridge0: port 2(bridge_slave_1) entered disabled state
[ 125.882886][ T8884] device bridge_slave_1 entered promiscuous mode
[ 125.917783][ T8884] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 125.929905][ T8884] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 125.966405][ T8884] team0: Port device team_slave_0 added
[ 125.977101][ T8884] team0: Port device team_slave_1 added
[ 126.004355][ T8884] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 126.011442][ T8884] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 126.037750][ T8884] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 126.050903][ T8884] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 126.058225][ T8884] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 126.084633][ T8884] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 126.158858][ T8884] device hsr_slave_0 entered promiscuous mode
[ 126.214197][ T8884] device hsr_slave_1 entered promiscuous mode
[ 126.400974][ T8884] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 126.458795][ T8884] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 126.517701][ T8884] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 126.578184][ T8884] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 126.658344][ T8884] bridge0: port 2(bridge_slave_1) entered blocking state
[ 126.665542][ T8884] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 126.673059][ T8884] bridge0: port 1(bridge_slave_0) entered blocking state
[ 126.680551][ T8884] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 126.698262][ T17] bridge0: port 1(bridge_slave_0) entered disabled state
[ 126.708220][ T17] bridge0: port 2(bridge_slave_1) entered disabled state
[ 126.775639][ T8884] 8021q: adding VLAN 0 to HW filter on device bond0
[ 126.795254][ T5241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 126.804606][ T5241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 126.819559][ T8884] 8021q: adding VLAN 0 to HW filter on device team0
[ 126.838668][ T5241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 126.848205][ T5241] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 126.858130][ T5241] bridge0: port 1(bridge_slave_0) entered blocking state
[ 126.865517][ T5241] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 126.874538][ T5241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 126.884104][ T5241] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 126.893073][ T5241] bridge0: port 2(bridge_slave_1) entered blocking state
[ 126.900585][ T5241] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 126.917275][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 126.939329][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 126.950132][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 126.960880][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 126.973541][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 126.995243][ T5241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 127.004791][ T5241] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 127.024124][ T5241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 127.034180][ T5241] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 127.054572][ T8884] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 127.067789][ T8884] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 127.080501][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 127.090128][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 127.122222][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 127.130144][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 127.151977][ T8884] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 127.180384][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 127.190436][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 127.224066][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 127.232990][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 127.250320][ T8884] device veth0_vlan entered promiscuous mode
[ 127.267011][ T8884] device veth1_vlan entered promiscuous mode
[ 127.276420][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 127.285536][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 127.294833][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 127.331598][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 127.340610][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 127.350164][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 127.366211][ T8884] device veth0_macvtap entered promiscuous mode
[ 127.380571][ T8884] device veth1_macvtap entered promiscuous mode
[ 127.408779][ T8884] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 127.417619][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 127.427040][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 127.436419][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 127.446389][ T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 127.461744][ T8884] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 127.470369][ T5241] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 127.480624][ T5241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2020/05/27 02:17:50 executed programs: 35
2020/05/27 02:17:55 executed programs: 104
2020/05/27 02:18:00 executed programs: 173
2020/05/27 02:18:05 executed programs: 241
2020/05/27 02:18:10 executed programs: 307
2020/05/27 02:18:15 executed programs: 374
2020/05/27 02:18:20 executed programs: 441
[ 161.464084][ T307] =====================================================
[ 161.471174][ T307] BUG: KMSAN: uninit-value in bpf_skb_load_helper_8+0xe0/0x290
[ 161.478729][ T307] CPU: 1 PID: 307 Comm: kworker/u4:3 Not tainted 5.7.0-rc4-syzkaller #0
[ 161.487061][ T307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 161.497157][ T307] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[ 161.504972][ T307] Call Trace:
[ 161.508283][ T307] dump_stack+0x1c9/0x220
[ 161.512637][ T307] kmsan_report+0xf7/0x1e0
[ 161.517073][ T307] __msan_warning+0x58/0xa0
[ 161.521599][ T307] bpf_skb_load_helper_8+0xe0/0x290
[ 161.526830][ T307] ___bpf_prog_run+0x214d/0x97a0
[ 161.531802][ T307] ? bpf_skb_get_nlattr_nest+0x2f0/0x2f0
[ 161.537455][ T307] __bpf_prog_run32+0x101/0x170
[ 161.542305][ T307] ? kmsan_get_metadata+0x11d/0x180
[ 161.547692][ T307] ? kmsan_get_metadata+0x4f/0x180
[ 161.552815][ T307] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 161.558631][ T307] ? ___bpf_prog_run+0x97a0/0x97a0
[ 161.563786][ T307] packet_rcv+0x70f/0x2160
[ 161.568238][ T307] ? packet_sock_destruct+0x1e0/0x1e0
[ 161.573928][ T307] dev_queue_xmit_nit+0x1199/0x1270
[ 161.579164][ T307] dev_hard_start_xmit+0x20f/0xab0
[ 161.584285][ T307] ? kmsan_get_metadata+0x11d/0x180
[ 161.589478][ T307] __dev_queue_xmit+0x2f8d/0x3b20
[ 161.594538][ T307] ? kmsan_get_metadata+0x11d/0x180
[ 161.599765][ T307] dev_queue_xmit+0x4b/0x60
[ 161.604273][ T307] batadv_send_skb_packet+0x59b/0x8c0
[ 161.609651][ T307] batadv_send_broadcast_skb+0x76/0x90
[ 161.615105][ T307] batadv_iv_send_outstanding_bat_ogm_packet+0x97e/0xd50
[ 161.622142][ T307] ? batadv_iv_ogm_queue_add+0x1900/0x1900
[ 161.627959][ T307] process_one_work+0x1555/0x1f40
[ 161.633120][ T307] worker_thread+0xef6/0x2450
[ 161.637819][ T307] kthread+0x4b5/0x4f0
[ 161.641904][ T307] ? process_one_work+0x1f40/0x1f40
[ 161.647647][ T307] ? kthread_blkcg+0xf0/0xf0
[ 161.652327][ T307] ret_from_fork+0x35/0x40
[ 161.656732][ T307]
[ 161.659041][ T307] Uninit was stored to memory at:
[ 161.664655][ T307] kmsan_internal_chain_origin+0xad/0x130
[ 161.670389][ T307] __msan_chain_origin+0x50/0x90
[ 161.675322][ T307] ___bpf_prog_run+0x6c80/0x97a0
[ 161.680247][ T307] __bpf_prog_run32+0x101/0x170
[ 161.685971][ T307] packet_rcv+0x70f/0x2160
[ 161.690401][ T307] dev_queue_xmit_nit+0x1199/0x1270
[ 161.695759][ T307] dev_hard_start_xmit+0x20f/0xab0
[ 161.700962][ T307] __dev_queue_xmit+0x2f8d/0x3b20
[ 161.705992][ T307] dev_queue_xmit+0x4b/0x60
[ 161.710495][ T307] batadv_send_skb_packet+0x59b/0x8c0
[ 161.715856][ T307] batadv_send_broadcast_skb+0x76/0x90
[ 161.721336][ T307] batadv_iv_send_outstanding_bat_ogm_packet+0x97e/0xd50
[ 161.728431][ T307] process_one_work+0x1555/0x1f40
[ 161.733620][ T307] worker_thread+0xef6/0x2450
[ 161.738282][ T307] kthread+0x4b5/0x4f0
[ 161.742451][ T307] ret_from_fork+0x35/0x40
[ 161.746854][ T307]
[ 161.749249][ T307] Uninit was stored to memory at:
[ 161.754292][ T307] kmsan_internal_chain_origin+0xad/0x130
[ 161.759997][ T307] __msan_chain_origin+0x50/0x90
[ 161.764934][ T307] ___bpf_prog_run+0x6cbe/0x97a0
[ 161.770008][ T307] __bpf_prog_run32+0x101/0x170
[ 161.774875][ T307] packet_rcv+0x70f/0x2160
[ 161.779291][ T307] dev_queue_xmit_nit+0x1199/0x1270
[ 161.784494][ T307] dev_hard_start_xmit+0x20f/0xab0
[ 161.789593][ T307] __dev_queue_xmit+0x2f8d/0x3b20
[ 161.794602][ T307] dev_queue_xmit+0x4b/0x60
[ 161.799734][ T307] batadv_send_skb_packet+0x59b/0x8c0
[ 161.805363][ T307] batadv_send_broadcast_skb+0x76/0x90
[ 161.810818][ T307] batadv_iv_send_outstanding_bat_ogm_packet+0x97e/0xd50
[ 161.818370][ T307] process_one_work+0x1555/0x1f40
[ 161.823639][ T307] worker_thread+0xef6/0x2450
[ 161.828589][ T307] kthread+0x4b5/0x4f0
[ 161.832647][ T307] ret_from_fork+0x35/0x40
[ 161.837054][ T307]
[ 161.839363][ T307] Uninit was stored to memory at:
[ 161.844736][ T307] kmsan_internal_chain_origin+0xad/0x130
[ 161.850732][ T307] __msan_chain_origin+0x50/0x90
[ 161.855676][ T307] ___bpf_prog_run+0x6c64/0x97a0
[ 161.860636][ T307] __bpf_prog_run32+0x101/0x170
[ 161.866389][ T307] packet_rcv+0x70f/0x2160
[ 161.871417][ T307] dev_queue_xmit_nit+0x1199/0x1270
[ 161.885149][ T307] dev_hard_start_xmit+0x20f/0xab0
[ 161.890964][ T307] __dev_queue_xmit+0x2f8d/0x3b20
[ 161.896293][ T307] dev_queue_xmit+0x4b/0x60
[ 161.901094][ T307] batadv_send_skb_packet+0x59b/0x8c0
[ 161.906820][ T307] batadv_send_broadcast_skb+0x76/0x90
[ 161.912665][ T307] batadv_iv_send_outstanding_bat_ogm_packet+0x97e/0xd50
[ 161.920585][ T307] process_one_work+0x1555/0x1f40
[ 161.925871][ T307] worker_thread+0xef6/0x2450
[ 161.930655][ T307] kthread+0x4b5/0x4f0
[ 161.934728][ T307] ret_from_fork+0x35/0x40
[ 161.939297][ T307]
[ 161.941607][ T307] Local variable ----regs@__bpf_prog_run32 created at:
[ 161.948628][ T307] __bpf_prog_run32+0x87/0x170
[ 161.953375][ T307] __bpf_prog_run32+0x87/0x170
[ 161.958128][ T307] =====================================================
[ 161.965300][ T307] Disabling lock debugging due to kernel taint
[ 161.971551][ T307] Kernel panic - not syncing: panic_on_warn set ...
[ 161.978137][ T307] CPU: 1 PID: 307 Comm: kworker/u4:3 Tainted: G B 5.7.0-rc4-syzkaller #0
[ 161.987938][ T307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 161.998386][ T307] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[ 162.006456][ T307] Call Trace:
[ 162.009894][ T307] dump_stack+0x1c9/0x220
[ 162.014741][ T307] panic+0x3d5/0xc3e
[ 162.018986][ T307] kmsan_report+0x1df/0x1e0
[ 162.023497][ T307] __msan_warning+0x58/0xa0
[ 162.028011][ T307] bpf_skb_load_helper_8+0xe0/0x290
[ 162.033682][ T307] ___bpf_prog_run+0x214d/0x97a0
[ 162.038610][ T307] ? bpf_skb_get_nlattr_nest+0x2f0/0x2f0
[ 162.044444][ T307] __bpf_prog_run32+0x101/0x170
[ 162.049304][ T307] ? kmsan_get_metadata+0x11d/0x180
[ 162.054607][ T307] ? kmsan_get_metadata+0x4f/0x180
[ 162.060172][ T307] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 162.066524][ T307] ? ___bpf_prog_run+0x97a0/0x97a0
[ 162.071722][ T307] packet_rcv+0x70f/0x2160
[ 162.076156][ T307] ? packet_sock_destruct+0x1e0/0x1e0
[ 162.081546][ T307] dev_queue_xmit_nit+0x1199/0x1270
[ 162.086910][ T307] dev_hard_start_xmit+0x20f/0xab0
[ 162.092036][ T307] ? kmsan_get_metadata+0x11d/0x180
[ 162.097260][ T307] __dev_queue_xmit+0x2f8d/0x3b20
[ 162.102467][ T307] ? kmsan_get_metadata+0x11d/0x180
[ 162.108544][ T307] dev_queue_xmit+0x4b/0x60
[ 162.114275][ T307] batadv_send_skb_packet+0x59b/0x8c0
[ 162.120231][ T307] batadv_send_broadcast_skb+0x76/0x90
[ 162.125801][ T307] batadv_iv_send_outstanding_bat_ogm_packet+0x97e/0xd50
[ 162.133122][ T307] ? batadv_iv_ogm_queue_add+0x1900/0x1900
[ 162.138932][ T307] process_one_work+0x1555/0x1f40
[ 162.144142][ T307] worker_thread+0xef6/0x2450
[ 162.149043][ T307] kthread+0x4b5/0x4f0
[ 162.153141][ T307] ? process_one_work+0x1f40/0x1f40
[ 162.158363][ T307] ? kthread_blkcg+0xf0/0xf0
[ 162.162948][ T307] ret_from_fork+0x35/0x40
[ 162.168245][ T307] ------------[ cut here ]------------
[ 162.173814][ T307] kernel BUG at mm/kmsan/kmsan.h:87!
[ 162.179182][ T307] invalid opcode: 0000 [#1] SMP
[ 162.184034][ T307] CPU: 1 PID: 307 Comm: kworker/u4:3 Tainted: G B 5.7.0-rc4-syzkaller #0
[ 162.193729][ T307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 162.204083][ T307] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[ 162.212393][ T307] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0
[ 162.219144][ T307] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 31 3a c9 96 31 c0 e8 61 81 47 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 82 9f 47 ff 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff
[ 162.240826][ T307] RSP: 0018:ffffa25f0139ef98 EFLAGS: 00010046
[ 162.247676][ T307] RAX: 0000000000000002 RBX: 00000000042700b5 RCX: 00000000042700b5
[ 162.255741][ T307] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffa25f0139f074
[ 162.263973][ T307] RBP: ffffa25f0139f040 R08: 0000000000000000 R09: ffff99d86fd28ed0
[ 162.271927][ T307] R10: 0000000000000000 R11: ffffffff8d959a10 R12: 0000000000000000
[ 162.279970][ T307] R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000001
[ 162.288013][ T307] FS: 0000000000000000(0000) GS:ffff99d86fd00000(0000) knlGS:0000000000000000
[ 162.296913][ T307] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 162.303490][ T307] CR2: 00005558cdb91000 CR3: 0000000119f32000 CR4: 00000000001406e0
[ 162.311598][ T307] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 162.319844][ T307] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 162.327802][ T307] Call Trace:
[ 162.331084][ T307] kmsan_check_memory+0xd/0x10
[ 162.336001][ T307] iowrite8+0x99/0x2e0
[ 162.340056][ T307] pvpanic_panic_notify+0x99/0xc0
[ 162.345235][ T307] ? pvpanic_mmio_remove+0x60/0x60
[ 162.355116][ T307] atomic_notifier_call_chain+0x12a/0x240
[ 162.360922][ T307] panic+0x468/0xc3e
[ 162.364827][ T307] kmsan_report+0x1df/0x1e0
[ 162.370177][ T307] __msan_warning+0x58/0xa0
[ 162.375012][ T307] bpf_skb_load_helper_8+0xe0/0x290
[ 162.380548][ T307] ___bpf_prog_run+0x214d/0x97a0
[ 162.385481][ T307] ? bpf_skb_get_nlattr_nest+0x2f0/0x2f0
[ 162.391727][ T307] __bpf_prog_run32+0x101/0x170
[ 162.396741][ T307] ? kmsan_get_metadata+0x11d/0x180
[ 162.401934][ T307] ? kmsan_get_metadata+0x4f/0x180
[ 162.407127][ T307] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 162.412934][ T307] ? ___bpf_prog_run+0x97a0/0x97a0
[ 162.418050][ T307] packet_rcv+0x70f/0x2160
[ 162.423331][ T307] ? packet_sock_destruct+0x1e0/0x1e0
[ 162.429840][ T307] dev_queue_xmit_nit+0x1199/0x1270
[ 162.436390][ T307] dev_hard_start_xmit+0x20f/0xab0
[ 162.441763][ T307] ? kmsan_get_metadata+0x11d/0x180
[ 162.447398][ T307] __dev_queue_xmit+0x2f8d/0x3b20
[ 162.452427][ T307] ? kmsan_get_metadata+0x11d/0x180
[ 162.457626][ T307] dev_queue_xmit+0x4b/0x60
[ 162.462118][ T307] batadv_send_skb_packet+0x59b/0x8c0
[ 162.469332][ T307] batadv_send_broadcast_skb+0x76/0x90
[ 162.474784][ T307] batadv_iv_send_outstanding_bat_ogm_packet+0x97e/0xd50
[ 162.481952][ T307] ? batadv_iv_ogm_queue_add+0x1900/0x1900
[ 162.489718][ T307] process_one_work+0x1555/0x1f40
[ 162.495105][ T307] worker_thread+0xef6/0x2450
[ 162.500436][ T307] kthread+0x4b5/0x4f0
[ 162.504603][ T307] ? process_one_work+0x1f40/0x1f40
[ 162.511192][ T307] ? kthread_blkcg+0xf0/0xf0
[ 162.515862][ T307] ret_from_fork+0x35/0x40
[ 162.520340][ T307] Modules linked in:
[ 162.524682][ T307] ---[ end trace 70dcefcb0efaa427 ]---
[ 162.530238][ T307] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0
[ 162.536817][ T307] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 31 3a c9 96 31 c0 e8 61 81 47 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 82 9f 47 ff 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff
[ 162.556633][ T307] RSP: 0018:ffffa25f0139ef98 EFLAGS: 00010046
[ 162.563023][ T307] RAX: 0000000000000002 RBX: 00000000042700b5 RCX: 00000000042700b5
[ 162.571073][ T307] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffa25f0139f074
[ 162.579036][ T307] RBP: ffffa25f0139f040 R08: 0000000000000000 R09: ffff99d86fd28ed0
[ 162.586991][ T307] R10: 0000000000000000 R11: ffffffff8d959a10 R12: 0000000000000000
[ 162.595908][ T307] R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000001
[ 162.603972][ T307] FS: 0000000000000000(0000) GS:ffff99d86fd00000(0000) knlGS:0000000000000000
[ 162.612992][ T307] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 162.619573][ T307] CR2: 00005558cdb91000 CR3: 0000000119f32000 CR4: 00000000001406e0
[ 162.627674][ T307] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 162.636083][ T307] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 162.644044][ T307] Kernel panic - not syncing: Fatal exception in interrupt
[ 162.651365][ T307] ------------[ cut here ]------------
[ 162.656818][ T307] kernel BUG at mm/kmsan/kmsan.h:87!
[ 162.662176][ T307] invalid opcode: 0000 [#2] SMP
[ 162.667083][ T307] CPU: 1 PID: 307 Comm: kworker/u4:3 Tainted: G B D 5.7.0-rc4-syzkaller #0
[ 162.677501][ T307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 162.687563][ T307] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[ 162.695451][ T307] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0
[ 162.702122][ T307] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 31 3a c9 96 31 c0 e8 61 81 47 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 82 9f 47 ff 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff
[ 162.722530][ T307] RSP: 0018:ffffa25f0139e988 EFLAGS: 00010002
[ 162.728592][ T307] RAX: 0000000000000003 RBX: 00000000059900b4 RCX: 00000000059900b4
[ 162.736605][ T307] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffa25f0139ea64
[ 162.744735][ T307] RBP: ffffa25f0139ea30 R08: 0000000000000000 R09: ffff99d86fd28ed0
[ 162.752795][ T307] R10: 0000000000000000 R11: ffffffff8d959a10 R12: 0000000000000000
[ 162.761456][ T307] R13: 0000000000000001 R14: 0000000000000006 R15: 0000000000000001
[ 162.770037][ T307] FS: 0000000000000000(0000) GS:ffff99d86fd00000(0000) knlGS:0000000000000000
[ 162.779333][ T307] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 162.786369][ T307] CR2: 00005558cdb91000 CR3: 0000000119f32000 CR4: 00000000001406e0
[ 162.794631][ T307] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 162.803043][ T307] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 162.811710][ T307] Call Trace:
[ 162.814988][ T307] ? vprintk_default+0x90/0xa0
[ 162.820062][ T307] kmsan_check_memory+0xd/0x10
[ 162.824811][ T307] iowrite8+0x99/0x2e0
[ 162.828891][ T307] pvpanic_panic_notify+0x99/0xc0
[ 162.834012][ T307] ? pvpanic_mmio_remove+0x60/0x60
[ 162.839107][ T307] atomic_notifier_call_chain+0x12a/0x240
[ 162.844813][ T307] panic+0x468/0xc3e
[ 162.848699][ T307] oops_end+0x2a5/0x2d0
[ 162.852857][ T307] die+0x317/0x370
[ 162.856629][ T307] do_trap+0x3c0/0x760
[ 162.860864][ T307] do_invalid_op+0x2d4/0x370
[ 162.865668][ T307] ? kmsan_internal_check_memory+0x3c0/0x3d0
[ 162.871756][ T307] ? kmsan_internal_check_memory+0x3c0/0x3d0
[ 162.877769][ T307] invalid_op+0x3d/0x50
[ 162.881904][ T307] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0
[ 162.888854][ T307] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 31 3a c9 96 31 c0 e8 61 81 47 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 82 9f 47 ff 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff
[ 162.916323][ T307] RSP: 0018:ffffa25f0139ef98 EFLAGS: 00010046
[ 162.922554][ T307] RAX: 0000000000000002 RBX: 00000000042700b5 RCX: 00000000042700b5
[ 162.931136][ T307] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffa25f0139f074
[ 162.939380][ T307] RBP: ffffa25f0139f040 R08: 0000000000000000 R09: ffff99d86fd28ed0
[ 162.947860][ T307] R10: 0000000000000000 R11: ffffffff8d959a10 R12: 0000000000000000
[ 162.956100][ T307] R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000001
[ 162.964433][ T307] ? pvpanic_mmio_remove+0x60/0x60
[ 162.971564][ T307] ? kmsan_internal_check_memory+0x324/0x3d0
[ 162.978183][ T307] kmsan_check_memory+0xd/0x10
[ 162.983433][ T307] iowrite8+0x99/0x2e0
[ 162.988732][ T307] pvpanic_panic_notify+0x99/0xc0
[ 162.994647][ T307] ? pvpanic_mmio_remove+0x60/0x60
[ 163.000356][ T307] atomic_notifier_call_chain+0x12a/0x240
[ 163.006909][ T307] panic+0x468/0xc3e
[ 163.010929][ T307] kmsan_report+0x1df/0x1e0
[ 163.015797][ T307] __msan_warning+0x58/0xa0
[ 163.020594][ T307] bpf_skb_load_helper_8+0xe0/0x290
[ 163.025802][ T307] ___bpf_prog_run+0x214d/0x97a0
[ 163.030861][ T307] ? bpf_skb_get_nlattr_nest+0x2f0/0x2f0
[ 163.036789][ T307] __bpf_prog_run32+0x101/0x170
[ 163.041639][ T307] ? kmsan_get_metadata+0x11d/0x180
[ 163.047063][ T307] ? kmsan_get_metadata+0x4f/0x180
[ 163.052691][ T307] ? kmsan_get_shadow_origin_ptr+0x81/0xb0
[ 163.058512][ T307] ? ___bpf_prog_run+0x97a0/0x97a0
[ 163.063613][ T307] packet_rcv+0x70f/0x2160
[ 163.068087][ T307] ? packet_sock_destruct+0x1e0/0x1e0
[ 163.073661][ T307] dev_queue_xmit_nit+0x1199/0x1270
[ 163.079083][ T307] dev_hard_start_xmit+0x20f/0xab0
[ 163.084966][ T307] ? kmsan_get_metadata+0x11d/0x180
[ 163.090591][ T307] __dev_queue_xmit+0x2f8d/0x3b20
[ 163.095619][ T307] ? kmsan_get_metadata+0x11d/0x180
[ 163.100954][ T307] dev_queue_xmit+0x4b/0x60
[ 163.105693][ T307] batadv_send_skb_packet+0x59b/0x8c0
[ 163.112627][ T307] batadv_send_broadcast_skb+0x76/0x90
[ 163.118208][ T307] batadv_iv_send_outstanding_bat_ogm_packet+0x97e/0xd50
[ 163.125371][ T307] ? batadv_iv_ogm_queue_add+0x1900/0x1900
[ 163.131181][ T307] process_one_work+0x1555/0x1f40
[ 163.136217][ T307] worker_thread+0xef6/0x2450
[ 163.140891][ T307] kthread+0x4b5/0x4f0
[ 163.144949][ T307] ? process_one_work+0x1f40/0x1f40
[ 163.150321][ T307] ? kthread_blkcg+0xf0/0xf0
[ 163.154974][ T307] ret_from_fork+0x35/0x40
[ 163.159394][ T307] Modules linked in:
[ 163.163280][ T307] ---[ end trace 70dcefcb0efaa428 ]---
[ 163.168727][ T307] RIP: 0010:kmsan_internal_check_memory+0x3c0/0x3d0
[ 163.175312][ T307] Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 31 3a c9 96 31 c0 e8 61 81 47 ff 0f 0b 0f 0b 0f 0b 0f 0b e8 82 9f 47 ff 0f 0b <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 83 ff
[ 163.195301][ T307] RSP: 0018:ffffa25f0139ef98 EFLAGS: 00010046
[ 163.201648][ T307] RAX: 0000000000000002 RBX: 00000000042700b5 RCX: 00000000042700b5
[ 163.209714][ T307] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffa25f0139f074
[ 163.217675][ T307] RBP: ffffa25f0139f040 R08: 0000000000000000 R09: ffff99d86fd28ed0
[ 163.225628][ T307] R10: 0000000000000000 R11: ffffffff8d959a10 R12: 0000000000000000
[ 163.233825][ T307] R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000001
[ 163.242401][ T307] FS: 0000000000000000(0000) GS:ffff99d86fd00000(0000) knlGS:0000000000000000
[ 163.251546][ T307] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 163.258400][ T307] CR2: 00005558cdb91000 CR3: 0000000119f32000 CR4: 00000000001406e0
[ 163.266574][ T307] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 163.274706][ T307] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 163.282659][ T307] Kernel panic - not syncing: Fatal exception in interrupt
[ 163.290638][ T307] Kernel Offset: 0x7600000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 163.302648][ T307] Rebooting in 86400 seconds..