[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 58.346992] audit: type=1800 audit(1540512293.391:25): pid=6075 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 58.366389] audit: type=1800 audit(1540512293.401:26): pid=6075 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 58.386099] audit: type=1800 audit(1540512293.421:27): pid=6075 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.57' (ECDSA) to the list of known hosts. syzkaller login: [ 113.314812] IPVS: ftp: loaded support on port[0] = 21 [ 113.667160] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.673838] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.681832] device bridge_slave_0 entered promiscuous mode [ 113.720828] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.727414] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.735812] device bridge_slave_1 entered promiscuous mode [ 113.774213] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 113.812763] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 113.931279] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 113.974777] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 114.161427] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 114.169634] team0: Port device team_slave_0 added [ 114.207578] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 114.215255] team0: Port device team_slave_1 added [ 114.256334] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 114.301914] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 114.343518] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 114.386085] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 114.530314] ip (6292) used greatest stack depth: 53264 bytes left RTNETLINK answers: Operation not supported [ 114.788048] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.794703] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.801842] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.808281] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.816770] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready RTNETLINK answers: No buffer space available RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Operation not supported RTNETLINK answers: Invalid argument [ 115.552015] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready RTNETLINK answers: Invalid argument RTNETLINK answers: Invalid argument [ 116.220025] 8021q: adding VLAN 0 to HW filter on device bond0 [ 116.352215] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 116.482396] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 116.488643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 116.496770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 116.625093] 8021q: adding VLAN 0 to HW filter on device team0 executing program [ 117.421339] ================================================================== [ 117.428768] BUG: KMSAN: uninit-value in ip_tunnel_lookup+0x17b/0x1610 [ 117.435358] CPU: 1 PID: 6469 Comm: syz-executor963 Not tainted 4.19.0-rc8+ #70 [ 117.442718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 117.452169] Call Trace: [ 117.454761] [ 117.456925] dump_stack+0x306/0x460 [ 117.460563] ? _raw_spin_lock_irqsave+0x227/0x340 [ 117.465421] ? ip_tunnel_lookup+0x17b/0x1610 [ 117.469868] kmsan_report+0x1a2/0x2e0 [ 117.473713] __msan_warning+0x7c/0xe0 [ 117.477533] ip_tunnel_lookup+0x17b/0x1610 [ 117.481797] gre_err+0x9e8/0xf40 [ 117.485299] ? gre_rcv+0x1920/0x1920 [ 117.489035] gre_err+0x1a5/0x200 [ 117.492728] ? gre_rcv+0x3a0/0x3a0 [ 117.496296] icmp_unreach+0xa35/0x1070 [ 117.500212] ? icmp_discard+0x30/0x30 [ 117.504068] icmp_rcv+0x19d5/0x1a90 [ 117.507772] ? local_bh_enable+0x40/0x40 [ 117.511880] ip_local_deliver_finish+0x8b7/0xf70 [ 117.516660] ip_local_deliver+0x44e/0x510 [ 117.520851] ? ip_local_deliver+0x510/0x510 [ 117.525283] ? ip_call_ra_chain+0x7b0/0x7b0 [ 117.529684] ip_rcv+0x6b6/0x740 [ 117.532997] ? ip_rcv_core+0x1250/0x1250 [ 117.537164] process_backlog+0x82b/0x11d0 [ 117.541396] ? ip_local_deliver_finish+0xf70/0xf70 [ 117.546351] ? rps_trigger_softirq+0x2e0/0x2e0 [ 117.550941] net_rx_action+0x975/0x1cf0 [ 117.554944] ? net_tx_action+0xea0/0xea0 [ 117.559040] __do_softirq+0x601/0xa6d [ 117.562893] do_softirq_own_stack+0x49/0x80 [ 117.567362] [ 117.569960] __local_bh_enable_ip+0x139/0x170 [ 117.574486] local_bh_enable+0x36/0x40 [ 117.578391] ip_finish_output2+0x13ca/0x14f0 [ 117.582826] ip_finish_output+0xd3c/0x10e0 [ 117.587190] ip_output+0x534/0x600 [ 117.590818] ? ip_mc_finish_output+0x440/0x440 [ 117.595426] ? ip_finish_output+0x10e0/0x10e0 [ 117.600414] ip_push_pending_frames+0x230/0x420 [ 117.605100] raw_sendmsg+0x2ce5/0x43b0 [ 117.609063] ? __msan_poison_alloca+0x160/0x210 [ 117.613775] ? compat_raw_ioctl+0x100/0x100 [ 117.618105] inet_sendmsg+0x4d8/0x7f0 [ 117.621918] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 117.627341] ? security_socket_sendmsg+0x1bd/0x200 [ 117.632289] ? inet_getname+0x490/0x490 [ 117.636279] __sys_sendto+0x975/0xb70 [ 117.640113] ? syscall_return_slowpath+0x112/0x880 [ 117.645059] __se_sys_sendto+0x107/0x130 [ 117.649138] __x64_sys_sendto+0x6e/0x90 [ 117.653136] do_syscall_64+0xbe/0x100 [ 117.656974] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 117.662247] RIP: 0033:0x455da9 [ 117.665477] Code: e8 ec ad 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b c9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 117.684391] RSP: 002b:00007fff59463228 EFLAGS: 00000212 ORIG_RAX: 000000000000002c [ 117.692117] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000000455da9 [ 117.699426] RDX: 000000000000029c RSI: 00000000200001c0 RDI: 0000000000000003 [ 117.706732] RBP: 0000000000000000 R08: 0000000020000080 R09: 0000000000000010 [ 117.714051] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000412b50 [ 117.721353] R13: 0000000000412be0 R14: 0000000000000000 R15: 0000000000000000 [ 117.728671] [ 117.730339] Local variable description: ----tpi@gre_err [ 117.735701] Variable was created at: [ 117.739423] gre_err+0x69/0xf40 [ 117.742782] gre_err+0x1a5/0x200 [ 117.746150] ================================================================== [ 117.753507] Disabling lock debugging due to kernel taint [ 117.759059] Kernel panic - not syncing: panic_on_warn set ... [ 117.759059] [ 117.766480] CPU: 1 PID: 6469 Comm: syz-executor963 Tainted: G B 4.19.0-rc8+ #70 [ 117.775259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 117.784736] Call Trace: [ 117.787381] [ 117.789565] dump_stack+0x306/0x460 [ 117.793278] panic+0x54c/0xafa [ 117.796519] kmsan_report+0x2d3/0x2e0 [ 117.800339] __msan_warning+0x7c/0xe0 [ 117.804421] ip_tunnel_lookup+0x17b/0x1610 [ 117.809037] gre_err+0x9e8/0xf40 [ 117.812490] ? gre_rcv+0x1920/0x1920 [ 117.816290] gre_err+0x1a5/0x200 [ 117.819796] ? gre_rcv+0x3a0/0x3a0 [ 117.823357] icmp_unreach+0xa35/0x1070 [ 117.827340] ? icmp_discard+0x30/0x30 [ 117.831359] icmp_rcv+0x19d5/0x1a90 [ 117.835020] ? local_bh_enable+0x40/0x40 [ 117.839174] ip_local_deliver_finish+0x8b7/0xf70 [ 117.844078] ip_local_deliver+0x44e/0x510 [ 117.848393] ? ip_local_deliver+0x510/0x510 [ 117.852771] ? ip_call_ra_chain+0x7b0/0x7b0 [ 117.857163] ip_rcv+0x6b6/0x740 [ 117.860516] ? ip_rcv_core+0x1250/0x1250 [ 117.864618] process_backlog+0x82b/0x11d0 [ 117.868913] ? ip_local_deliver_finish+0xf70/0xf70 [ 117.873901] ? rps_trigger_softirq+0x2e0/0x2e0 [ 117.878507] net_rx_action+0x975/0x1cf0 [ 117.882529] ? net_tx_action+0xea0/0xea0 [ 117.886599] __do_softirq+0x601/0xa6d [ 117.890438] do_softirq_own_stack+0x49/0x80 [ 117.894825] [ 117.897075] __local_bh_enable_ip+0x139/0x170 [ 117.901601] local_bh_enable+0x36/0x40 [ 117.905522] ip_finish_output2+0x13ca/0x14f0 [ 117.909957] ip_finish_output+0xd3c/0x10e0 [ 117.914243] ip_output+0x534/0x600 [ 117.917812] ? ip_mc_finish_output+0x440/0x440 [ 117.922421] ? ip_finish_output+0x10e0/0x10e0 [ 117.926947] ip_push_pending_frames+0x230/0x420 [ 117.931651] raw_sendmsg+0x2ce5/0x43b0 [ 117.935612] ? __msan_poison_alloca+0x160/0x210 [ 117.940302] ? compat_raw_ioctl+0x100/0x100 [ 117.944631] inet_sendmsg+0x4d8/0x7f0 [ 117.948443] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 117.953815] ? security_socket_sendmsg+0x1bd/0x200 [ 117.958773] ? inet_getname+0x490/0x490 [ 117.962784] __sys_sendto+0x975/0xb70 [ 117.966637] ? syscall_return_slowpath+0x112/0x880 [ 117.971598] __se_sys_sendto+0x107/0x130 [ 117.975697] __x64_sys_sendto+0x6e/0x90 [ 117.979699] do_syscall_64+0xbe/0x100 [ 117.983586] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 117.988780] RIP: 0033:0x455da9 [ 117.991986] Code: e8 ec ad 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b c9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 118.011010] RSP: 002b:00007fff59463228 EFLAGS: 00000212 ORIG_RAX: 000000000000002c [ 118.018743] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000000455da9 [ 118.026060] RDX: 000000000000029c RSI: 00000000200001c0 RDI: 0000000000000003 [ 118.033381] RBP: 0000000000000000 R08: 0000000020000080 R09: 0000000000000010 [ 118.040685] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000412b50 [ 118.047994] R13: 0000000000412be0 R14: 0000000000000000 R15: 0000000000000000 [ 118.056795] Kernel Offset: disabled [ 118.060449] Rebooting in 86400 seconds..