[ ok ] Starting enhanced syslogd: rsyslogd.
[ 91.035141] audit: type=1800 audit(1546170248.084:25): pid=10876 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[ 91.054366] audit: type=1800 audit(1546170248.084:26): pid=10876 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[ 91.073890] audit: type=1800 audit(1546170248.104:27): pid=10876 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.15.207' (ECDSA) to the list of known hosts.
2018/12/30 11:44:23 fuzzer started
2018/12/30 11:44:27 dialing manager at 10.128.0.26:38305
2018/12/30 11:44:27 checking revisions...
2018/12/30 11:44:28 testing simple program...
syzkaller login: [ 113.428906] IPVS: ftp: loaded support on port[0] = 21
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 141.436325] can: request_module (can-proto-0) failed.
[ 141.451335] can: request_module (can-proto-0) failed.
2018/12/30 11:45:00 syscalls: 1
2018/12/30 11:45:00 code coverage: enabled
2018/12/30 11:45:00 comparison tracing: CONFIG_KCOV_ENABLE_COMPARISONS is not enabled
2018/12/30 11:45:00 setuid sandbox: enabled
2018/12/30 11:45:00 namespace sandbox: enabled
2018/12/30 11:45:00 Android sandbox: /sys/fs/selinux/policy does not exist
2018/12/30 11:45:00 fault injection: enabled
2018/12/30 11:45:00 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/12/30 11:45:00 net packet injection: enabled
2018/12/30 11:45:00 net device setup: enabled
11:45:03 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0a5c1f023c126285719070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(anubis)\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="285474dae6badf3a960eca58356ed2eb", 0x10)
recvfrom$packet(r2, &(0x7f0000000140)=""/4096, 0x1000, 0x0, 0x0, 0x0)
[ 146.845224] IPVS: ftp: loaded support on port[0] = 21
[ 147.000660] chnl_net:caif_netlink_parms(): no params data found
[ 147.071290] bridge0: port 1(bridge_slave_0) entered blocking state
[ 147.077940] bridge0: port 1(bridge_slave_0) entered disabled state
[ 147.086459] device bridge_slave_0 entered promiscuous mode
[ 147.096121] bridge0: port 2(bridge_slave_1) entered blocking state
[ 147.102682] bridge0: port 2(bridge_slave_1) entered disabled state
[ 147.111014] device bridge_slave_1 entered promiscuous mode
[ 147.146090] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 147.157345] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 147.187828] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 147.196719] team0: Port device team_slave_0 added
[ 147.203529] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 147.212447] team0: Port device team_slave_1 added
[ 147.218842] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 147.227224] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 147.337594] device hsr_slave_0 entered promiscuous mode
[ 147.463030] device hsr_slave_1 entered promiscuous mode
[ 147.643669] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
[ 147.651170] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
[ 147.680948] bridge0: port 2(bridge_slave_1) entered blocking state
[ 147.687540] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 147.694882] bridge0: port 1(bridge_slave_0) entered blocking state
[ 147.701430] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 147.791001] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready
[ 147.797564] 8021q: adding VLAN 0 to HW filter on device bond0
[ 147.809875] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 147.823670] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 147.834237] bridge0: port 1(bridge_slave_0) entered disabled state
[ 147.844619] bridge0: port 2(bridge_slave_1) entered disabled state
[ 147.855041] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 147.873659] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
[ 147.879759] 8021q: adding VLAN 0 to HW filter on device team0
[ 147.896511] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 147.904996] bridge0: port 1(bridge_slave_0) entered blocking state
[ 147.911484] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 147.961558] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 147.970248] bridge0: port 2(bridge_slave_1) entered blocking state
[ 147.976823] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 147.986867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 147.996174] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 148.013237] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 148.021467] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 148.036240] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
[ 148.054099] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 148.063360] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 148.077580] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
[ 148.084228] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 148.114227] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
[ 148.135295] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 148.192509] ==================================================================
[ 148.199923] BUG: KMSAN: uninit-value in send_hsr_supervision_frame+0x1056/0x1510
[ 148.207470] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.20.0-rc7+ #16
[ 148.214058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 148.223419] Call Trace:
[ 148.226027]
[ 148.228203] dump_stack+0x173/0x1d0
[ 148.231863] kmsan_report+0x12e/0x2a0
[ 148.235696] __msan_warning+0x82/0xf0
[ 148.239523] send_hsr_supervision_frame+0x1056/0x1510
[ 148.244773] hsr_announce+0x14c/0x3a0
[ 148.248645] call_timer_fn+0x285/0x600
[ 148.253095] ? hsr_dev_finalize+0xb90/0xb90
[ 148.257472] __run_timers+0xdb4/0x11d0
[ 148.261381] ? hsr_dev_finalize+0xb90/0xb90
[ 148.265765] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 148.271270] ? irqtime_account_irq+0xcf/0x2e0
[ 148.275790] ? timers_dead_cpu+0xa50/0xa50
[ 148.280062] run_timer_softirq+0x2e/0x50
[ 148.284140] __do_softirq+0x53f/0x93a
[ 148.287985] irq_exit+0x214/0x250
[ 148.291456] exiting_irq+0xe/0x10
[ 148.294929] smp_apic_timer_interrupt+0x48/0x70
[ 148.299618] apic_timer_interrupt+0x2e/0x40
[ 148.303945]
[ 148.306201] RIP: 0010:default_idle+0x27e/0x4e0
[ 148.310832] Code: 04 24 00 00 00 00 8b 45 c0 41 89 44 24 08 8b 45 c4 41 89 84 24 90 0c 00 00 48 c7 c7 d8 22 cb 8b 8b 75 bc e8 84 3b b0 f6 fb f4 <65> 8b 04 25 20 a1 02 00 89 45 b8 8b 1c 25 20 32 04 8c 48 c7 c7 20
[ 148.329760] RSP: 0018:ffff8880af66fdd0 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 148.337492] RAX: ffff888112443220 RBX: 0000000000000000 RCX: ffff888112443220
[ 148.344775] RDX: ffff888112043220 RSI: 0000160000000000 RDI: ccccccccccccd000
[ 148.352059] RBP: ffff8880af66fe18 R08: 0000000000000002 R09: ffff8880af66fd78
[ 148.359359] R10: 0000000000000000 R11: ffffffff8acbf5c0 R12: ffff8880af640988
[ 148.366645] R13: 0000000000000001 R14: ffff8880af640000 R15: ffff8880af640988
[ 148.373946] ? __cpuidle_text_start+0x8/0x8
[ 148.378334] ? __cpuidle_text_start+0x8/0x8
[ 148.382684] ? __cpuidle_text_start+0x8/0x8
[ 148.387033] arch_cpu_idle+0x26/0x30
[ 148.390768] do_idle+0x22d/0x800
[ 148.394177] cpu_startup_entry+0x45/0x50
[ 148.398250] ? setup_APIC_timer+0x200/0x200
[ 148.402592] start_secondary+0x4b2/0x5d0
[ 148.406680] secondary_startup_64+0xa4/0xb0
[ 148.411030]
[ 148.412660] Uninit was created at:
[ 148.416224] kmsan_save_stack_with_flags+0x7a/0x130
[ 148.421257] kmsan_internal_alloc_meta_for_pages+0x113/0x580
[ 148.427062] kmsan_alloc_page+0x7e/0x100
[ 148.431131] __alloc_pages_nodemask+0x1587/0x5f20
[ 148.435982] page_frag_alloc+0x3c1/0x980
[ 148.440058] __netdev_alloc_skb+0x1f1/0xa50
[ 148.444392] send_hsr_supervision_frame+0x168/0x1510
[ 148.449505] hsr_announce+0x14c/0x3a0
[ 148.453319] call_timer_fn+0x285/0x600
[ 148.457229] __run_timers+0xdb4/0x11d0
[ 148.461131] run_timer_softirq+0x2e/0x50
[ 148.465207] __do_softirq+0x53f/0x93a
[ 148.469017] ==================================================================
[ 148.476382] Disabling lock debugging due to kernel taint
[ 148.481836] Kernel panic - not syncing: panic_on_warn set ...
[ 148.487735] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B 4.20.0-rc7+ #16
[ 148.495708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 148.505066] Call Trace:
[ 148.507656]
[ 148.509835] dump_stack+0x173/0x1d0
[ 148.513507] panic+0x3ce/0x961
[ 148.516765] kmsan_report+0x293/0x2a0
[ 148.520603] __msan_warning+0x82/0xf0
[ 148.524432] send_hsr_supervision_frame+0x1056/0x1510
[ 148.529679] hsr_announce+0x14c/0x3a0
[ 148.533544] call_timer_fn+0x285/0x600
[ 148.537448] ? hsr_dev_finalize+0xb90/0xb90
[ 148.541813] __run_timers+0xdb4/0x11d0
[ 148.545721] ? hsr_dev_finalize+0xb90/0xb90
[ 148.550086] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 148.555553] ? irqtime_account_irq+0xcf/0x2e0
[ 148.560070] ? timers_dead_cpu+0xa50/0xa50
[ 148.564336] run_timer_softirq+0x2e/0x50
[ 148.568410] __do_softirq+0x53f/0x93a
[ 148.572247] irq_exit+0x214/0x250
[ 148.575762] exiting_irq+0xe/0x10
[ 148.579236] smp_apic_timer_interrupt+0x48/0x70
[ 148.583920] apic_timer_interrupt+0x2e/0x40
[ 148.588247]
[ 148.590525] RIP: 0010:default_idle+0x27e/0x4e0
[ 148.595116] Code: 04 24 00 00 00 00 8b 45 c0 41 89 44 24 08 8b 45 c4 41 89 84 24 90 0c 00 00 48 c7 c7 d8 22 cb 8b 8b 75 bc e8 84 3b b0 f6 fb f4 <65> 8b 04 25 20 a1 02 00 89 45 b8 8b 1c 25 20 32 04 8c 48 c7 c7 20
[ 148.614032] RSP: 0018:ffff8880af66fdd0 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 148.621756] RAX: ffff888112443220 RBX: 0000000000000000 RCX: ffff888112443220
[ 148.629040] RDX: ffff888112043220 RSI: 0000160000000000 RDI: ccccccccccccd000
[ 148.636317] RBP: ffff8880af66fe18 R08: 0000000000000002 R09: ffff8880af66fd78
[ 148.643616] R10: 0000000000000000 R11: ffffffff8acbf5c0 R12: ffff8880af640988
[ 148.650899] R13: 0000000000000001 R14: ffff8880af640000 R15: ffff8880af640988
[ 148.658235] ? __cpuidle_text_start+0x8/0x8
[ 148.662591] ? __cpuidle_text_start+0x8/0x8
[ 148.666928] ? __cpuidle_text_start+0x8/0x8
[ 148.671268] arch_cpu_idle+0x26/0x30
[ 148.675025] do_idle+0x22d/0x800
[ 148.678433] cpu_startup_entry+0x45/0x50
[ 148.682525] ? setup_APIC_timer+0x200/0x200
[ 148.686869] start_secondary+0x4b2/0x5d0
[ 148.690963] secondary_startup_64+0xa4/0xb0
[ 148.696198] Kernel Offset: disabled
[ 148.699835] Rebooting in 86400 seconds..