[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c.
[   82.830440] audit: type=1800 audit(1557301063.875:25): pid=10099 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0
[   82.861896] audit: type=1800 audit(1557301063.905:26): pid=10099 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0
[   82.882873] audit: type=1800 audit(1557301063.915:27): pid=10099 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0
[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

Warning: Permanently added '10.128.1.35' (ECDSA) to the list of known hosts.
syzkaller login: [   94.711328] IPVS: ftp: loaded support on port[0] = 21
[   94.783383] chnl_net:caif_netlink_parms(): no params data found
[   94.824335] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.830854] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.838655] device bridge_slave_0 entered promiscuous mode
[   94.846190] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.852802] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.860223] device bridge_slave_1 entered promiscuous mode
[   94.881084] bond0: Enslaving bond_slave_0 as an active interface with an up link
[   94.891090] bond0: Enslaving bond_slave_1 as an active interface with an up link
[   94.912444] team0: Port device team_slave_0 added
[   94.919422] team0: Port device team_slave_1 added
[   94.974697] device hsr_slave_0 entered promiscuous mode
[   95.022186] device hsr_slave_1 entered promiscuous mode
[   95.093267] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.099766] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.106903] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.113498] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.160648] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.174777] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.183751] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.191424] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.199591] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   95.213133] 8021q: adding VLAN 0 to HW filter on device team0
[   95.226418] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.234393] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.240838] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.264307] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.273293] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.279849] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.289318] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   95.300022] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   95.312583] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   95.330623] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   95.340437] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   95.354411] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
executing program
[   95.363633] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   95.373206] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   95.398227] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.414032] raw_sendmsg: syz-executor278 forgot to set AF_INET. Fix it!
[   95.421453] ==================================================================
[   95.428921] BUG: KMSAN: uninit-value in gre_parse_header+0x1395/0x1690
[   95.435635] CPU: 0 PID: 10250 Comm: syz-executor278 Not tainted 5.1.0-rc7+ #5
[   95.442908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   95.452261] Call Trace:
[   95.454836]  <IRQ>
[   95.456995]  dump_stack+0x191/0x1f0
[   95.460637]  kmsan_report+0x130/0x2a0
[   95.464473]  __msan_warning+0x75/0xe0
[   95.472382]  gre_parse_header+0x1395/0x1690
[   95.478058]  gre_rcv+0x1ee/0x18b0
[   95.481516]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   95.486895]  ? raw_local_deliver+0xdd/0x1940
[   95.491301]  ? nf_confirm+0x5c0/0x720
[   95.495099]  ? erspan_xmit+0x35a0/0x35a0
[   95.499180]  ? erspan_xmit+0x35a0/0x35a0
[   95.503245]  gre_rcv+0x2dd/0x3c0
[   95.506606]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[   95.511824]  ? gre_parse_header+0x1690/0x1690
[   95.516335]  ip_protocol_deliver_rcu+0x504/0xad0
[   95.521102]  ip_local_deliver+0x628/0x7b0
[   95.525285]  ? ip_local_deliver+0x7b0/0x7b0
[   95.529604]  ? ip_protocol_deliver_rcu+0xad0/0xad0
[   95.534529]  ip_rcv+0x6c5/0x740
[   95.537810]  ? ip_rcv_core+0x11d0/0x11d0
[   95.541892]  process_backlog+0x6da/0x1070
[   95.546057]  ? ip_local_deliver_finish+0x320/0x320
[   95.550992]  ? rps_trigger_softirq+0x2e0/0x2e0
[   95.555565]  net_rx_action+0x738/0x1940
[   95.559550]  ? net_tx_action+0xb70/0xb70
[   95.563610]  __do_softirq+0x4ad/0x858
[   95.567414]  do_softirq_own_stack+0x49/0x80
[   95.571724]  </IRQ>
[   95.573973]  __local_bh_enable_ip+0x199/0x1e0
[   95.578488]  local_bh_enable+0x36/0x40
[   95.582382]  ip_finish_output2+0x1721/0x1930
[   95.586834]  ip_finish_output+0xd2a/0xfd0
[   95.590995]  ip_output+0x541/0x610
[   95.594542]  ? ip_mc_finish_output+0x3b0/0x3b0
[   95.599145]  ? ip_finish_output+0xfd0/0xfd0
[   95.603461]  ip_push_pending_frames+0x243/0x460
[   95.608157]  raw_sendmsg+0x2da2/0x4670
[   95.612140]  ? aa_sock_msg_perm+0x16d/0x320
[   95.616492]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[   95.621703]  ? compat_raw_ioctl+0x100/0x100
[   95.626033]  inet_sendmsg+0x546/0x720
[   95.629852]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[   95.635052]  ? inet_getname+0x490/0x490
[   95.639034]  ___sys_sendmsg+0xcc6/0x1200
[   95.643114]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[   95.648295]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[   95.653750]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[   95.659133]  ? __fget_light+0x1cd/0x6e0
[   95.663129]  __sys_sendmmsg+0x536/0xaf0
[   95.667129]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[   95.672580]  ? prepare_exit_to_usermode+0x114/0x420
[   95.677587]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[   95.682779]  __se_sys_sendmmsg+0xbd/0xe0
[   95.686844]  __x64_sys_sendmmsg+0x56/0x70
[   95.690985]  do_syscall_64+0xbc/0xf0
[   95.694701]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   95.699889] RIP: 0033:0x441979
[   95.703162] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   95.722410] RSP: 002b:00007fff6a0da7b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   95.730132] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441979
[   95.737398] RDX: 0000000000000001 RSI: 00000000200006c0 RDI: 0000000000000004
[   95.744664] RBP: 00000000004a9010 R08: 0000000001bbbbbb R09: 0000000001bbbbbb
[   95.751975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402ec0
[   95.759281] R13: 0000000000402f50 R14: 0000000000000000 R15: 0000000000000000
[   95.766576] 
[   95.768192] Uninit was stored to memory at:
[   95.772530]  kmsan_internal_chain_origin+0x133/0x230
[   95.777652]  kmsan_memcpy_memmove_metadata+0x969/0xd40
[   95.782945]  kmsan_memcpy_metadata+0xb/0x10
[   95.787271]  __msan_memcpy+0x56/0x70
[   95.790978]  pskb_expand_head+0x3aa/0x1a30
[   95.795205]  ip_tunnel_xmit+0x2bd5/0x3290
[   95.799351]  erspan_xmit+0x1efe/0x35a0
[   95.803257]  dev_hard_start_xmit+0x594/0xb20
[   95.807655]  sch_direct_xmit+0x571/0x870
[   95.811712]  __qdisc_run+0x158b/0x3380
[   95.815604]  __dev_queue_xmit+0x21a0/0x3b60
[   95.819913]  dev_queue_xmit+0x4b/0x60
[   95.823703]  neigh_resolve_output+0xab7/0xb50
[   95.828279]  ip_finish_output2+0x1709/0x1930
[   95.832675]  ip_finish_output+0xd2a/0xfd0
[   95.836811]  ip_output+0x541/0x610
[   95.840341]  ip_push_pending_frames+0x243/0x460
[   95.845019]  raw_sendmsg+0x2da2/0x4670
[   95.848894]  inet_sendmsg+0x546/0x720
[   95.852693]  ___sys_sendmsg+0xcc6/0x1200
[   95.856785]  __sys_sendmmsg+0x536/0xaf0
[   95.860751]  __se_sys_sendmmsg+0xbd/0xe0
[   95.864828]  __x64_sys_sendmmsg+0x56/0x70
[   95.868982]  do_syscall_64+0xbc/0xf0
[   95.872693]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   95.877875] 
[   95.879483] Uninit was created at:
[   95.883020]  kmsan_internal_poison_shadow+0x92/0x150
[   95.888200]  kmsan_kmalloc+0xa4/0x130
[   95.892002]  kmsan_slab_alloc+0xe/0x10
[   95.895902]  __kmalloc_node_track_caller+0xcba/0xf30
[   95.900992]  __alloc_skb+0x306/0xa10
[   95.904694]  __ip_append_data+0x3661/0x5000
[   95.909015]  ip_append_data+0x324/0x480
[   95.912986]  raw_sendmsg+0x2aac/0x4670
[   95.916860]  inet_sendmsg+0x546/0x720
[   95.920644]  ___sys_sendmsg+0xcc6/0x1200
[   95.924698]  __sys_sendmmsg+0x536/0xaf0
[   95.928659]  __se_sys_sendmmsg+0xbd/0xe0
[   95.932712]  __x64_sys_sendmmsg+0x56/0x70
[   95.936849]  do_syscall_64+0xbc/0xf0
[   95.940566]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   95.945824] ==================================================================
[   95.953196] Disabling lock debugging due to kernel taint
[   95.958637] Kernel panic - not syncing: panic_on_warn set ...
[   95.964520] CPU: 0 PID: 10250 Comm: syz-executor278 Tainted: G    B             5.1.0-rc7+ #5
[   95.974038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   95.983383] Call Trace:
[   95.985961]  <IRQ>
[   95.988106]  dump_stack+0x191/0x1f0
[   95.991747]  panic+0x3ca/0xafe
[   95.994987]  kmsan_report+0x298/0x2a0
[   95.998810]  __msan_warning+0x75/0xe0
[   96.002633]  gre_parse_header+0x1395/0x1690
[   96.006977]  gre_rcv+0x1ee/0x18b0
[   96.010432]  ? __msan_metadata_ptr_for_load_8+0x10/0x20
[   96.015791]  ? raw_local_deliver+0xdd/0x1940
[   96.020192]  ? nf_confirm+0x5c0/0x720
[   96.023987]  ? erspan_xmit+0x35a0/0x35a0
[   96.028042]  ? erspan_xmit+0x35a0/0x35a0
[   96.032135]  gre_rcv+0x2dd/0x3c0
[   96.035510]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[   96.040695]  ? gre_parse_header+0x1690/0x1690
[   96.045188]  ip_protocol_deliver_rcu+0x504/0xad0
[   96.049946]  ip_local_deliver+0x628/0x7b0
[   96.054110]  ? ip_local_deliver+0x7b0/0x7b0
[   96.058440]  ? ip_protocol_deliver_rcu+0xad0/0xad0
[   96.063367]  ip_rcv+0x6c5/0x740
[   96.066652]  ? ip_rcv_core+0x11d0/0x11d0
[   96.070712]  process_backlog+0x6da/0x1070
[   96.074878]  ? ip_local_deliver_finish+0x320/0x320
[   96.079840]  ? rps_trigger_softirq+0x2e0/0x2e0
[   96.084446]  net_rx_action+0x738/0x1940
[   96.088443]  ? net_tx_action+0xb70/0xb70
[   96.092522]  __do_softirq+0x4ad/0x858
[   96.096345]  do_softirq_own_stack+0x49/0x80
[   96.100653]  </IRQ>
[   96.102887]  __local_bh_enable_ip+0x199/0x1e0
[   96.114222]  local_bh_enable+0x36/0x40
[   96.118120]  ip_finish_output2+0x1721/0x1930
[   96.122547]  ip_finish_output+0xd2a/0xfd0
[   96.126705]  ip_output+0x541/0x610
[   96.130286]  ? ip_mc_finish_output+0x3b0/0x3b0
[   96.134885]  ? ip_finish_output+0xfd0/0xfd0
[   96.139202]  ip_push_pending_frames+0x243/0x460
[   96.143878]  raw_sendmsg+0x2da2/0x4670
[   96.147817]  ? aa_sock_msg_perm+0x16d/0x320
[   96.152163]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[   96.158099]  ? compat_raw_ioctl+0x100/0x100
[   96.162420]  inet_sendmsg+0x546/0x720
[   96.166255]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[   96.171446]  ? inet_getname+0x490/0x490
[   96.175415]  ___sys_sendmsg+0xcc6/0x1200
[   96.179491]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[   96.184673]  ? __msan_metadata_ptr_for_store_1+0x13/0x20
[   96.190118]  ? __msan_metadata_ptr_for_load_4+0x10/0x20
[   96.195486]  ? __fget_light+0x1cd/0x6e0
[   96.199474]  __sys_sendmmsg+0x536/0xaf0
[   96.203470]  ? __msan_metadata_ptr_for_store_4+0x13/0x20
[   96.208912]  ? prepare_exit_to_usermode+0x114/0x420
[   96.213918]  ? kmsan_get_shadow_origin_ptr+0x71/0x470
[   96.219117]  __se_sys_sendmmsg+0xbd/0xe0
[   96.223180]  __x64_sys_sendmmsg+0x56/0x70
[   96.227492]  do_syscall_64+0xbc/0xf0
[   96.231199]  entry_SYSCALL_64_after_hwframe+0x63/0xe7
[   96.236380] RIP: 0033:0x441979
[   96.239560] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 bb 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   96.258457] RSP: 002b:00007fff6a0da7b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   96.266161] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441979
[   96.273441] RDX: 0000000000000001 RSI: 00000000200006c0 RDI: 0000000000000004
[   96.280706] RBP: 00000000004a9010 R08: 0000000001bbbbbb R09: 0000000001bbbbbb
[   96.287975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402ec0
[   96.295245] R13: 0000000000402f50 R14: 0000000000000000 R15: 0000000000000000
[   96.303507] Kernel Offset: disabled
[   96.307160] Rebooting in 86400 seconds..